Topic: Cybersecurity
Event recording
Event description
Event date: 23 June 2022, 17:30–18:30 CEST
In this talk, researchers from the Geneva Academy will shed light on the different examples of cyber operations (e.g. Stuxnet, NotPetya, and SolarWinds) allegedly conducted or sponsored by states to explicate their geopolitical effects and challenges to international law. As the importance of ICT grows in the modern world, cyber operations have become an integral part of state and non-state actors’ strategies against other states and actors. Researchers will present their findings as part of the project on disruptive military technologies.
For more information, and to register, please visit the official page.
Event description
Event date: 22 June 2022, 9:30–15:00 CEST
The International Geneva Welcome Centre (CAGI) and the CyberPeace Institute jointly curated an all-day cyber skills event for NGOs. The uptake of cloud-based technologies and storage of valuable donor and beneficiary data have made NGOs a frequent target of cyberattacks. The reality for NGOs is that they have to safeguard their cybersecurity as much as private businesses do. The event invites local government representatives, cybersecurity experts, and NGOs to partake in testimonial drafting, roundtable discussions, and awareness raising for boosting NGOs’ cyber skills.
For more information, and to register, please visit the official page.
Acronym: IEC
Established: 1906
Address: 3 rue de Varembé, 1211 Geneva 20 , Switzerland
Stakeholder group: International and regional organisations
The IEC is the world leader in the preparation and publication of international standards for all electrical, electronic, and related technologies. A global, not-for-profit membership organisation, the IEC provides a neutral and independent institutional framework to over 170 countries, coordinating the work of more than 20,000 experts. We administer four IEC Conformity Assessment Systems, which represent the largest working multilateral agreement based on one-time testing of products globally. The members of each system certify that devices, systems, installations, services, and people perform as required.
IEC International Standards represent a global consensus of state-of-the-art know-how and expertise. Together with conformity assessment, they are foundational for international trade.
IEC Standards incorporate the needs of many stakeholders in every participating country and form the basis for testing and certification. Every member country, and all its stakeholders represented through the IEC National Committees has one vote and a say in what goes into an IEC International Standard.
Our work is used in the verification of the safety, performance, and interoperability of electric and electronic devices and systems such as mobile phones, refrigerators, office and medical equipment, or electricity generation. It also helps accelerate digitisation, arteficial inteligence (AI), or virtual reality applications; protects information technology (IT) and critical infrastructure systems from cyberattacks, and increases the safety of people and the environment.
Digital activities
The IEC works to ensure that its activities have a global reach in order to meet all the challenges of digital transformation worldwide. The organisation covers an array of digital policy issues.
Digital policy issues
Artificial intelligence and the internet of things
AI applications are driving digital transformation across a diverse range of industries, including energy, healthcare, smart manufacturing, transport, and other strategic sectors that rely on IEC Standards and Conformity Assessment Systems. AI technologies allow insights and analytics that go far beyond the capabilities of legacy analytic systems.
For example, digital transformation of the grid is enabling increased automation, making it more efficient and able to integrate fluctuating renewable energy sources seamlessly. IEC Standards pave the way for the use of a variety of digital technologies relating to smart energy. They deal with issues such as the integration of renewable energies within the electrical network but also increased automatisation.
The IEC’s work in the area of AI takes a three-pronged approach. IEC experts focus on sector-specific needs (vertical standards) and conformity assessment, while the joint IEC and International Organization for Standardization (ISO) technical committee on AI, JTC1/SC 42, brings together technology experts, as well as ethicists, lawyers, social scientists, and others to develop generic and foundational standards (horizontal standards).
In addition, IEC Safety Standards are an essential element of the framework for AI applications in power utilities and smart manufacturing. IEC Conformity Assessment Systems complete the process by ensuring that the standards are properly implemented.
SC 42 addresses some of the concerns about the use and application of AI technologies. For example, data quality standards for ML and analytics are crucial for helping to ensure that applied technologies produce useful insights and eliminate faulty features.
Governance standards in AI and the business process framework for big data analytics address how the technologies can be governed and overseen from a management perspective. International standards in the areas of trustworthiness, ethics, and societal concerns will ensure responsible deployment.
The joint IEC and ISO technical committee also develop foundational standards for the IoT. Among other things, SC 41 standards promote interoperability, as well as architecture and a common vocabulary for the IoT.
Hardware
The IEC develops standards for many of the technologies that support digital transformation. Sensors, cloud, and edge computing are examples.
Advances in data acquisition systems are driving the growth of big data and AI use-cases. The IEC prepares standards relating to semiconductor devices, including sensors.
Sensors can be certified under the IEC Quality Assessment System for Electronic Components (IECQ), one of the four IEC Conformity Assessment Systems.
Cloud computing and its technologies have also supported the increase of AI applications. The joint IEC and ISO technical committee prepares standards for cloud computing including distributed platforms and edge devices, which are situated close to users and data collection points. The publications cover key requirements relating to data storage and recovery.
Building trust
International Standards play an important role in increasing trust in AI and help support public and private decision-making, not least because they are developed by a broad range of stakeholders. This helps to ensure that the IEC’s work strikes the right balance between the desire to deploy AI and other new technologies rapidly and the need to study their ethical implications.
The IEC has been working with a wide range of international, regional, and national organisations to develop new ways to bring stakeholders together to address the challenges of AI. These include the Swiss Federal Department of Foreign Affairs (FDFA) and the standards development organisations, ISO, and the International Telecommunication Union (ITU).
More than 500 participants followed the AI with Trust conference, in-person and online, to hear different stakeholder perspectives on the interplay between legislation, standards and conformity assessment. They followed use-case sessions on healthcare, sensor technology, and collaborative robots, and heard distinguished experts exchange ideas on how they could interoperate more efficiently to build trust in AI. The conference in Geneva was the first milestone of the AI with Trust initiative.
The IEC is also a founding member of the Open Community for Ethics in Autonomous and Intelligent Systems (OCEANIS). OCEANIS brings together standardisation organisations from around the world to enhance awareness of the role of standards in facilitating innovation and addressing issues related to ethics and values.
Read more
– e-tech
IEC and ISO Work on Artificial Intelligence
Computational Approaches for AI Systems
– IEC Blog
– Video
AI with Trust conference interviews AI Governance
Network security and critical infrastructure
The IEC develops cybersecurity standards and conformity assessments for both IT and operational technology (OT). One of the biggest challenges today is that cybersecurity is often understood only in terms of IT, which leaves critical infrastructure, such as power utilities, transport systems, manufacturing plants and hospitals, vulnerable to cyberattacks.
Cyberattacks on IT and OT systems often have different consequences. The effects of cyberattacks on IT are generally economic, while cyberattacks on critical infrastructure can impact the environment, damage equipment, or even threaten public health and lives.
When implementing a cybersecurity strategy, it is essential to take the different priorities of cyber-physical and IT systems into account. The IEC provides relevant and specific guidance via two of the world’s best-known cybersecurity standards: IEC 62443 for cyber-physical systems and ISO/IEC 27001 for IT systems.
Both take a risk-based approach to cybersecurity, which is based on the concept that it is neither efficient nor sustainable to try to protect all assets in equal measure. Instead, users must identify what is most valuable and requires the greatest protection and identify vulnerabilities.
Conformity assessment provides further security by ensuring that the standards are implemented correctly: IECEE certification for IEC 62443 and IECQ for ISO/IEC 27001.
ISO/IEC 27001 for IT
IT security focuses in equal measure on protecting the confidentiality, integrity, and availability of data – the so-called CIA triad. Confidentiality is of paramount importance and information security management systems, such as the one described in ISO/IEC 27001, are designed to protect sensitive data, such as personally identifiable information (PII), intellectual property (IP), or credit card numbers, for example.
Implementing the information security management system (ISMS) described in ISO/IEC 27001 means embedding information security continuity in business continuity management systems. Organisations are shown how to plan and monitor the use of resources to identify attacks earlier and take steps more quickly to mitigate the initial impact.
IEC 62443 for OT
In cyber-physical systems, where IT and OT converge, the goal is to protect safety, integrity, availability, and confidentiality (SIAC). Industrial control and automation systems (ICAS) run in a loop to check continually that everything is functioning correctly.
The IEC 62443 series was developed because IT cybersecurity measures are not always appropriate for ICAS. ICAS are found in an ever-expanding range of domains and industries, including critical infrastructure, such as energy generation, water management, and the healthcare sector.
ICAS must run continuously to check that each component in an operational system is functioning correctly. Compared to IT systems, they have different performance and availability requirements and equipment lifetime.
Conformity assessment: IECEE
Many organisations are applying for the IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components (IECEE) conformity assessment certification to verify that the requirements of IEC 62443 have been met.
IECEE provides a framework for assessments in line with IEC 62443, which specifies requirements for security capabilities, whether technical (security mechanisms) or process (human procedures) related. Successful recipients receive the IECEE industrial cybersecurity capability certificate of conformity.
Conformity assessment: IECQ
While certification to ISO/IEC 27001 has existed since the standard was published in 2013, it is only in recent years that the IEC Quality Assessment System for Electronic Components (IECQ), has set up a true single standardised way of assessing and certifying an ISMS to ISO/IEC 27001.
International standards such as IEC 62443 and ISO/IEC 27001 are based on industry best practices and reached by consensus. Conformity assessment confirms that they have been implemented correctly to ensure a safe and secure digital society.
Read more
- Cyber Security: Ensuring IEC 62443 is Implemented Correctly
- Understanding IEC 62443
- IECQ Certification, a Crucial Requirement for ISO/IEC 27001
- Eight Things Organizations Should do to Ensure Compliance with Cyber Security Regulations
- Cyber Security for Critical Infrastructure
Video
- Cybersecurity for the Healthcare Sector
- Cybersecurity for Power Utilities and other Cyber Physical Systems
Social media channels
Facebook @InternationalElectrotechnicalCommission
LinkedIn @IECStandards
Pinterest @IECStandards
Twitter @IECStandards
YouTube @IEC – International Electrotechnical Commission
Acronym: DCAF
Established: 2000
Address: Maison de la Paix, Chemin Eugène-Rigot 2D, 1211 Geneva, Switzerland
DCAF is dedicated to making states and people safer through more effective and accountable security and justice. Since 2000, DCAF has facilitated, driven, and shaped security sector reform (SSR) policy and programming worldwide.
Digital activities
Cyberspace and cybersecurity have numerous implications for security provision, management, and oversight, which is why DCAF is engaged in these topics within its work. DCAF has implemented a cycle of policy projects to develop new norms and good practices in cyberspace. At the operational level, cybersecurity governance has become a prominent part of SSR programming.
Digital policy issues
Capacity development
DCAF supported the drafting of the Global Counterterrorism Forum’s (GCTF) Zurich-London Recommendations on Preventing and Countering Violent Extremism (P/CVE) and Terrorism Online. Subsequently, it co-developed the Policy Toolkit, which transforms these recommendations into practical tools for states. DCAF applies the Policy Toolkit in its work in the Western Balkans. Several UN bodies – as well as the Organization for Security and Co-operation in Europe (OSCE) – are planning to incorporate it into their activities. DCAF has also developed a French language guide on good practices concerning cyberspace governance for the Ecole nationale à vocation régionale (ENVR) de la cybersécurité in Senegal, which is mainly targeted at cybersecurity practitioners in Francophone Africa.
DCAF contributes to effective and accountable cybersecurity in Europe and Central Asia by providing practical guidance and support for the governance of the cybersecurity sector; supporting the development of national and international legal and policy frameworks to promote good cybersecurity governance, and facilitating multistakeholder engagement in cybersecurity. This work is organised in several service lines: providing national cybersecurity assessments; developing policy advice; enhancing regional and transnational cooperation between cybersecurity authorities; building the capacity of computer emergency response teams (CERTs); promoting dialogue and coordination between state and non-state cybersecurity actors; and publishing policy research on good governance in cybersecurity. DCAF regularly works with partners, including the (International Telecommunication Union (ITU), the Regional Cooperation Council (RCC), the OSCE, and DiploFoundation.
To increase the transparency and accountability of the security sector in the Middle East and North Africa, DCAF supports the automation of internal processes, information sharing, document management systems, and data visualisation and analysis in parliaments, ministries, public administrations, and oversight institutions. Furthermore, four online Sector Observatories (Marsads) provide centralised information and analyses on the Tunisian, Libyan, Palestinian, and Egyptian security sectors and their actors, and three legal databases provide searchable online access to legislation governing the security sectors in Libya, Tunisia, and Palestine. Finally, DCAF has provided legal expertise to national oversight institutions in regard to possible privacy violations through and misuse of COVID-19 apps developed by national governments.
In 2016, DCAF developed a social media guide for ombuds institutions and the armed forces under its jurisdiction to support the use of social media as a safe and effective communication tool.
DCAF uses social media platforms to inform stakeholders and the public about its activities, including in relation to cybersecurity.
Digital tools
Social media channels
LinkedIn @DCAF
Twitter @DCAF_Geneva
YouTube @DCAF Geneva Centre for Security Sector Governance
Acronym: WIPO
Established: 1967
Address: Chemin des Colombettes 34, 1211 Geneva 20, Switzerland
Website: https://www.wipo.int/
Stakeholder group: International and regional organisations
WIPO is a UN agency functioning as the global forum for intellectual property (IP) related services (patents, copyright, trademarks, and designs), policy, information, and cooperation. The organisation was established in 1967. It currently has 193 member states and over 200 observers representing non-governmental organisations (NGOs) and intergovernmental organisations. WIPO leads the development of a balanced and effective global IP ecosystem to promote innovation and creativity for a better and more sustainable future.
Digital activities
WIPO runs several online registration systems for patents and trademarks. There are also numerous databases available for use by stakeholders on the same subjects.
Digital policy issues
Frontier technologies including artificial intelligence
WIPO pays particular attention to the interplay between frontier technologies including artificial intelligence (AI) and IP.
The WIPO Conversation on IP and Frontier Technologies provides an open, inclusive forum to engage with and facilitate discussion and knowledge-building among the widest possible set of stakeholders. It leads the global discourse on the impact of frontier technologies on IP, in this fast-moving, complex space. Each year, WIPO usually holds two sessions of the Conversation covering both the uses and applications of frontier technologies to assist IP Offices and IP owners as well as more conceptual policy-based discussions to ensure that the IP systems continue to foster innovation. The five sessions of the WIPO Conversation to date have focused on AI, data, and frontier technologies in IP administration.
WIPO has prepared a paper exploring the (potential) impact of AI on IP policies in areas such as copyright and related rights, patents, trademarks, designs, and overall IP administration. It also maintains an AI and IP strategy clearing house, which collates government instruments (strategies, regulations, etc.) that are relevant to AI, data, and IP.
WIPO is also developing and deploying AI solutions in the context of various activities; relevant examples are WIPO Translate and the WIPO Brand Image Search, which use AI for automated translation and image recognition. The WIPO Index of AI Initiatives in IP Offices seeks to foster information sharing and collaboration between national IP Offices working on similar projects.
- Revised Issue Paper on Intellectual Property Policy and Artificial Intelligence (2020)
- IP and Frontier Technologies
- The WIPO Conversation on IP and Frontier Technologies
- IP and AI
- IP and Data
- AI and IP Clearing House
- Index of AI Initiatives
- Frontier Technologies in IP Administration
- UN Secretary-General’s High-level Panel on Digital Cooperation follow-up process | Contributing to the roundtables on AI and digital platforms.
- Taking part in the Road to Bern via Geneva dialogues on digital and data cooperation.
- Cooperating with the International Telecommunication Union (ITU) in the AI for Good initiative
- Supporting UNESCO’s work on developing the first global normative instrument on the ethics of AI.
- Participating in the work of the Geneva Science and Diplomacy Anticipator (GESDA), and an independent foundation to leverage the anticipative power of science with diplomacy organisations and citizens working in Geneva and around the world.
Alternative dispute resolution and critical internet resources
WIPO’sactivitiesregarding the Domain Name System(DNS) revolve around the protection of trademarks and related rights in the context of domain names. It developed the Uniform Domain-Name Dispute-Resolution Policy (UDRP) with the Internet Corporation for Assigned Names and Numbers (ICANN). Under this policy, WIPO’s Arbitration and Mediation Center provides dispute resolution services for second-level domain name registrations under generic top-level domains (gTLDs) to which the UDPR applies. The Center also administers disputes under specific policies adopted by some gTLD registries (e.g. .aero, .asia, .travel). In addition, it offers domain name dispute resolution services for over 70 country code top-level domains (ccTLDs). WIPO has developed a ccTLD Program to provide advice to many ccTLD registries on the establishment of dispute resolution procedures. It also contributes to the work carried out within the framework of ICANN in regard to the strengthening of existing trademark rights protection mechanisms or the development of new such mechanisms.
- WIPO Guide to the Uniform Domain Name Dispute Resolution Policy
- Guide to WIPO’s services for country code top-level domain registries
- WIPO’s Arbitration and Mediation Center
- WIPO Online Case Administration Tools, including WIPO eADR (allowing parties in a dispute, mediators, arbitrators, and experts in a WIPO case to securely submit communications electronically into an online docket) and online facilities for meetings and hearings as part of WIPO cases.
Intellectual property rights
Trademarks
WIPO has long been involved in issues related to the protection of trademarks in the context of the DNS. The first phase of the WIPO Internet Domain Name Process, carried out in 1991, explored trademark abuse in second-level domain names, and led to the adoption, by ICANN, of the UDRP. WIPO has also contributed to the development of several trademark rights protection mechanisms applicable to gTLDs (such as legal rights objections, the Trademark Clearinghouse, and the uniform rapid suspension system). The WIPO Arbitration and Mediation Center administers trademark-related dispute resolution cases for several gTLDs and ccTLDs.
Copyright
WIPO is actively contributing to international discussions on the opportunities offered by copyright in the digital environment, especially to developing economies, small and medium enterprises (SMEs) and women entrepreneurs. The organisation administers the Internet Treaties and the Beijing Treaty, which clarify that existing copyright and related rights apply on the internet, and introduce new online rights, while also establishing international norms aimed at preventing unauthorised access to and use of creative works on the internet or other digital networks. The WIPO Accessible Books Consortium furthers the practical implementation of the Marrakesh Treaty to increase the number of books available worldwide in accessible digital formats. WIPO member states are considering topics related to copyright in the digital environment at the multilateral level. WIPO also carries out research and organises seminars and other meetings on aspects concerning challenges and possible solutions for taking advantage of the opportunities offered by copyright and related rights in the digital era.
- WIPO Copyright Treaty
- WIPO Performances and Phonogram Treaty
- Standing Committee on Copyright and Related Rights
- Standing Committee on the Law of Trademarks, Industrials Designs and Geographical Indications
- WIPO’s Arbitration and Mediation Center
Liability of intermediaries
Given WIPO’s concerns regarding the protection of copyright and related rights on the internet, the organisation is exploring issues related to the roles and responsibilities of internet intermediaries when it comes to online copyright infringements. The organisation carries out or commissions research and publishes studies on the relationship between copyright and internet intermediaries (such as comparative analyses of national approaches to the liability of Internet intermediaries), and organises events (seminars, workshops, sessions at the World Summit on the Information Society (WSIS) Forum and Internet Governance Forum (IGF) meetings, etc.) aimed at facilitating multistakeholder discussions on the potential liability of internet intermediaries concerning copyright infringements.
Sustainable development
WIPO is of the view that IP is a critical incentive for innovation and creativity, and, as such, a key to the success of the sustainable development goals (SDGs). The organisation works to enable member states to use the IP system to drive the innovation, competitiveness, and creativity needed to achieve the SDGs. It does so, for instance, through supporting countries in their efforts to build an innovative IP ecosystem, providing legislative advice on updating national IP laws, and supporting judiciary systems in keeping up with technological innovation. WIPO’s contribution to the implementation of the Agenda 2030 is guided by its Development Agenda.
- WIPO and the Sustainable Development Goals – Innovation Driving Human Progress (brochure)
- The Impact of Innovation – WIPO and the Sustainable Development Goals
- WIPO GREEN – online marketplace for sustainable technologies
- COVID-19 Technical Assistance Platform – a one-stop digital platform for technical assistance provided by WIPO, WHO, and WTO on IP, public health, and trade matters related to COVID-19.
Climate change
WIPO’s Global Challenges programme brings together various stakeholders to explore issues related to green technologies and the environment. For instance, it hosts WIPO GREEN, a multistakeholder platform aimed to promote innovation and diffusion of green technologies, and it provides analysis of relevant IP issues to facilitate international policy dialogue. The WIPO GREEN platform includes a digital database of more than 120,000 green technologies in sectors such as energy, water and transportation. In 2022, WIPO launched the Green Technology Book, a major digital publication to showcase concrete solutions related to climate change adaptation. The report will be fully integrated with the WIPO GREEN database, allowing for continuous additions by technology providers.
- Innovation and Diffusion of Green Technologies: The Role of Intellectual Property and other Enabling Factors (2015).
- WIPO GREEN – online marketplace for sustainable/ green technologies
Digital tools
Some examples of the digital tools WIPO uses in relation to its services:
- WIPO Online Case Administration Tools, including WIPO eADR (allowing parties in a dispute, mediators, arbitrators, and experts in a WIPO case to securely submit communications electronically into an online docket) and online facilities for meetings and hearings as part of WIPO cases.
- WIPO GREEN – online marketplace for sustainable technologies.
- WIPO Match – platform that matches seekers of specific IP-related development needs with potential providers offering resources.
- WIPO Alert – platform to upload information on entities that infringed copyright at national level.
- Madrid e-services – online tools and resources.
- Electronic Forum – enables the electronic distribution and submission by email of comments concerning preliminary draft working documents and draft reports.
- WIPO Academy – also includes an eLearning Centre.
- WIPO Connect – enables collective management of copyright and related rights at local and central levels.
- ABC Global Book Service – on-line catalogue that allows participating libraries for the blind and organisations serving people who are print disabled to obtain accessible content.
- WIPO Knowledge Centre – hosts virtual exhibitions. Recent subjects have included geographical indications, and AI.
Acronym: OHCHR
Address: Palais Wilson 52, Rue des Pâquis, 1201 Geneva, Switzerland
Website: https://www.ohchr.org/
Stakeholder group: International and regional organisations
The Office of the United Nations High Commissioner for Human Rights and other related UN human rights entities, namely the United Nations Human Rights Council, the Special Procedures, and the Treaty Bodies are considered together under this section.
The UN Human Rights Office is headed by the OHCHR and is the principal UN entity on human rights. Also known as UN Human Rights, it is part of the UN Secretariat. UN Human Rights has been mandated by the UN General Assembly (UNGA) to promote and protect all human rights. As such, it plays a crucial role in supporting the three fundamental pillars of the UN: peace and security, human rights, and development. UN Human Rights provides technical expertise and capacity development in regard to the implementation of human rights, and in this capacity assists governments in fulfilling their obligations.
UN Human Rights is associated with a number of other UN human rights entities. To illustrate, it serves as the secretariat for the UN Human Rights Council (UNHRC) and the Treaty Bodies. The UNHRC is a body of the UN that aims to promote the respect of human rights worldwide. It discusses thematic issues, and in addition to its ordinary session, it has the ability to hold special sessions on serious human rights violations and emergencies. The ten Treaty Bodies are committees of independent experts that monitor the implementation of the core international human rights treaties.
The UNHRC established the Special Procedures, which are made up of UN Special Rapporteurs (i.e. independent experts or working groups) working on a variety of human rights thematic issues and country situations to assist the efforts of the UNHRC through regular reporting and advice. The Universal Periodic Review (UPR), under the auspices of the UNHRC, is a unique process that involves a review of the human rights records of all UN member states, providing the opportunity for each state to declare what actions they have taken to improve the human rights situations in their countries. UN Human Rights also serves as the secretariat to the UPR process.
Certain non-governmental organisations (NGOs) and national human rights institutions participate as observers in UNHRC sessions after receiving the necessary accreditation.
Digital activities
Digital issues are increasingly gaining prominence in the work of UN Human Rights, the UNHRC, the Special Procedures, the UPR, and the Treaty Bodies.
A landmark document that provides a blueprint for digital human rights is the UNHRC resolution (A/HRC/20/8) on the promotion, protection, and enjoyment of human rights on the internet, which was first adopted in 2012, starting a string of regular resolutions with the same name addressing a growing number of issues. All resolutions affirm that the same rights that people have offline must also be protected online. Numerous other resolutions and reports from UN human rights entities and experts considered in this overview tackle an ever-growing range of other digital issues including the right to privacy in the digital age; freedom of expression and opinion; freedom of association and peaceful assembly; the rights of older persons; racial discrimination; the rights of women and girls; human rights in the context of violent extremism online; economic, social, and cultural rights; human rights and technical standard-setting; business and human rights; and the safety of journalists.
Digital policy issues
Artificial intelligence
In 2018, the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression presented a report to the UNGA on Artificial Intelligence (AI) Technologies and Implications for the Information Environment. Among other things, the document addresses the role of AI in the enjoyment of freedom of opinion and expression including ‘access to the rules of the game when it comes to AI-driven platforms and websites’ and therefore urges for a human rights-based approach to AI.
For her 2020 thematic report to the Human Rights Council, the UN Special Rapporteur on contemporary forms of racism, racial discrimination, xenophobia, and related intolerance analysed different forms of racial discrimination in the design and use of emerging technologies, including the structural and institutional dimensions of this discrimination. She followed up with reports examining how digital technologies, including AI-driven predictive models, deployed in the context of border enforcement and administration reproduce, reinforce, and compound racial discrimination.
In 2020, the Committee on the Elimination of Racial Discrimination published its General Recommendation No. 36 on preventing and combating racial profiling by law enforcement officials (CERD/C/GC/36), which focuses on algorithmic decision-making and AI in relation to racial profiling by law enforcement officials.
Child safety online (1)
The issue of child safety online has garnered the attention of UN human rights entities for some time. A 2016 resolution on Rights of the Child: Information and Communications Technologies and Child Sexual Exploitation adopted by the UNHRC calls on states to ensure ‘full, equal, inclusive, and safe access […] to information and communications technologies by all children and safeguard the protection of children online and offline’, as well as the legal protection of children from sexual abuse and exploitation online. The Special Rapporteur on the sale and sexual exploitation of children, including child prostitution, child pornography, and other child sexual abuse material, mandated by the UNHRC to analyse the root causes of sale and sexual exploitation and pro- mote measures to prevent it, also looks at issues related to child abuse, such as the sexual exploitation of children online, which has been addressed in a report (A/ HRC/43/40) published in 2020, but also in earlier reports.
The Committee on the Rights of the Child published its General Comment No. 25 on Children’s Rights in Relation to the Digital Environment (CRC/C/GC/25), which lays out how states parties should implement the convention in relation to the digital environment and provides guidance on relevant legislative, policy, and other measures to ensure full compliance with their obligations under the convention and optional protocols in the light of opportunities, risks, and challenges in promoting, respecting, protecting, and fulfilling all children’s rights in the digital environment.
Data governance
UN Human Rights maintains an online platform consisting of a number of databases on anti-discrimination and jurisprudence, as well as the Universal Human Rights Index (UHRI), which provides access to recommendations issued to countries by Treaty Bodies, Special Procedures, and the UPR of the UNHCR.
UN Human Rights also published a report titled A Human Rights-Based Approach to Data – Leaving no one Behind in the 2030 Agenda for Sustainable Development that specifically focuses on issues of data collection and disaggregation in the context of sustainable development.
UN Human Rights has worked closely with partners across the UN system in contributing to the Secretary-General’s 2020 Data Strategy, and co-leads, with the Office of Legal Affairs and UN Global Pulse, work on the subsequent Data Protection and Privacy Program.
Capacity development
UN Human Rights launched the Guiding Principles in Technology Project (B-Tech Project) to provide guidance and resources to companies operating in the technology space with regard to the implementation of the UN Guiding Principles on Business and Human Rights (UNGPs on BHR). Following the publication of a B-Tech scoping paper in 2019, several foundational papers have delved into a broad range of business-related issues, from business-model-related human rights risks to access to remedies. At the heart of the B-Tech project lies multistakeholder engagement, informing all of its outputs. The B-Tech project is enhancing its engagement in Africa, working with technology company operators, investors, and other key digital economy stakeholders, including civil society, across Africa in a set of African economies and their tech hubs to create awareness of implementing the UNGPs on BHR.
Following a multistakeholder consultation held on 7–8 March 2022, the High Commissioner presented her report on UN Guiding Principles on Business and Human Rights and Technology Companies (A/HRC/50/56), which demonstrated the value and practical application of the UNGPs in preventing and addressing adverse human rights impacts by technology companies.
Extreme poverty (2)
The Special Rapporteur on extreme poverty and human rights has in recent years increased his analysis of human rights issues arising in the context of increased digitisation and automation. His 2017 report to the General Assembly tackled the socio-economic challenges in an emerging world where automation and AI threaten traditional sources of income and analysed the promises and possible pitfalls of introducing a universal basic income. His General Assembly report in 2019 addressed worrying trends in connection with the digitisation of the welfare state. Moreover, in his 2022 report to the UNHRC on non-take-up of rights in the context of social protection, the Special Rapporteur highlighted, among other things, the benefits and considerable risks associated with automation of social protection processes.
Content policy
Geneva-based human rights organisations and mechanisms have consistently addressed content policy questions, in particular in the documents referred under Freedom of Expression and Freedom of Peaceful Assembly and of Association. Other contexts where content policy plays an important role include Rights of the Child, Gender Rights Online, and Rights of Persons with Disabilities. Moreover, the use of digital technologies in the context of terrorism and violent extremism is closely associated with content policy considerations.
UN Human Rights, at the request of the UNHRC, prepared a compilation report in 2016, which explores, among other issues, aspects related to the prevention and countering of violent extremism online, and underscores that responses to violent extremism that are robustly built on human rights are more effective and sustainable.
Additional efforts were made in 2019 when the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism published a report where she examined the multifaceted impacts of counter-terrorism measures on civic space and the rights of civil society actors and human rights defenders, including measures taken to address vaguely defined terrorist and violent extremist content. In July 2020, she published a report discussing the human rights implications of the use of biometric data to identify terrorists and recommended safeguards that should be taken.
Interdisciplinary approaches
Collaboration within the UN system
UN Human Rights is a member of the Secretary-General’s Reference Group and contributed to the development of his Strategy on New Technologies in 2018. The OHCHR was co-champion of the follow-up on two human-rights-related recommendations of the Secretary-General’s High-Level Panel on Digital Cooperation. The outcomes of this process were the basis of the Secretary-General’s Roadmap on Digital Cooperation, presented in June 2020.
As part of the implementation of the Secretary-General’s Call to Action for Human Rights, UN Human Rights launched the UN Hub for Human rights and Digital Technology, which provides a central repository of authoritative guidance from various UN human rights mechanisms on the application of human rights norms to the use and governance of digital technologies.
Moreover, as requested by the Secretary-General’s Roadmap to Digital Cooperation and the Secretary-General’s Call to Action for Human Rights, UN Human Rights is leading a UN system-wide process to develop a human rights due diligence guidance (HRDD) for digital technology. The HRDD guidance in development pertains to the application of human rights due diligence and human rights impact assessment related to the UN’s design, development, procurement, and use of digital technologies, and is expected to be completed by the end of 2022.
UN Human Rights participated in the UNESCO-led process to develop ethical standards for AI. With its aim to protect human rights and serve as an ethical guidance compass in the use of AI, UNESCO recommendation on the Ethics of AI was adopted by UNESCO member states at UNESCO’s General Conference in November 2021. As a strong contributor to the Inter-Agency Working Group on AI, UN Human Rights also provided feedback on the ethical principles of AI for the UN system.
In addition, UN Human Rights is a member of the Legal Identity Agenda Task Force, which promotes solutions for the implementation of SDG target 16.9 (i.e. by 2030, provide legal identity for all, including birth registration). It leads its work on exclusion and discrimination in the context of digitised identity systems.
Neurotechnology
Rapid advancements in neurotechnology and neuroscience, while holding promises of medical benefits and scientific breakthroughs, present a number of human rights and ethical challenges. Against this backdrop, UN Human Rights has been contributing significantly to an inter-agency process led by the Executive Office of the Secretary-General to develop a global roadmap for effective and inclusive governance of neurotechnology.
Secretary-General’s Report on Our Common Agenda
Since the adoption of A/RES/76/6 on Our Common Agenda in November 2021, the follow-up by the UN system has been underway. UN Human Rights is co-leading several proposals in collaboration with other entities, notably on the application of the human rights framework in the digital sphere, mitigation and prevention of internet shutdowns, and disinformation.
Privacy and data protection
Challenges to the right to privacy in the digital age, such as surveillance, communications interception, and the increased use of data-intensive technologies, are among some of the issues covered by the activities of UN Human Rights. At the request of the UNGA and the UNHRC, the High Commissioner prepared four reports on the right to privacy in the digital age. The first report, presented in 2014, addressed the threat to human rights caused by surveillance by governments, in particular mass surveillance. The ensuing report, published in September 2018, identified key principles, standards, and best practices regarding the promotion and protection of the right to privacy. It outlined minimum standards for data privacy legal frameworks. In September 2021, the High Commissioner presented a ground-breaking report on AI and the right to privacy (A/HRC/48/31), in which she called for a ban on AI applications that are incompatible with international human rights law, and stressed the urgent need for a moratorium on the sale and use of AI systems that pose serious human rights risks until adequate safeguards are put in place. In September 2022, the High Commissioner presented a report focusing on the abuse of spyware by public authorities, the key role of encryption in ensuring the enjoyment of human rights in the digital age, and the widespread monitoring of public spaces.
The UNHRC also tackles online privacy and data protection. Resolutions on the promotion and protection of human rights on the internet have underlined the need to address security concerns on the internet in accordance with international human rights obligations to ensure the protection of all human rights online, including the right to privacy. The UNHRC has also adopted specific resolutions on the right to privacy in the digital age, addressing issues such as mass surveillance, AI, the responsibility of business enterprises, and the key role of the right to privacy as an enabler of other human rights. Resolutions on the safety of journalists have emphasised the importance of encryption and anonymity tools for journalists to freely exercise their work. Two resolutions on new and emerging technologies (2019 and 2021) have further broadened the lens, for example by asking for a report on the human rights implications of technical standard-setting processes.
The UNHRC has also mandated the Special Rapporteur on the right to privacy to address the issue of online privacy in its Resolution on the Right to Privacy in the Digital Age from 2015 (A/HRC/RES/28/16). To illustrate, the Special Rapporteur has addressed the question of privacy from the stance of surveillance in the digital age (A/HRC/34/60), which becomes particularly challenging in the context of cross-border data flows. More recently, specific attention has been given to the privacy of health data that is being produced more and more in the day and age of digitalisation, and that requires the highest legal and ethical standards (A/HRC/40/63). In this vein, in 2020, the Special Rapporteur examined data protection and surveillance in relation to COVID-19 and contact tracing in his preliminary report (A/75/147), in which he provided a more definitive analysis of how pandemics can be managed with respect to the right to privacy (A/76/220) in 2021. In another 2020 report (A/HRC/43/52), the Special Rapporteur provides a set of recommendations on privacy in the online space calling for, among other things, ‘comprehensive protection for secure digital communications, including by promoting strong encryption and anonymity- enhancing tools, products, and services, and resisting requests for “backdoors” to digital communications’ and recommending that ‘government digital identity programs are not used to monitor and enforce societal gender norms, or for purposes that are not lawful, necessary, and proportionate in a democratic society.’
The Special Rapporteur also addressed the challenges of AI and privacy, as well as children’s privacy, particularly the role of privacy in supporting autonomy and positive participation of children in society, in his report in 2021 (A/HRC/46/37).
Lastly, in 2022, the Special Rapporteur examined developments in privacy and data protection in Ibero- America in her report titled Privacy and Personal Data Protection in Ibero-America: A Step Towards Globalization? (A/HRC/49/55).
Freedom of expression
The High Commissioner and her office advocate for the promotion and protection of freedom of expression, including in the online space. Key topics in this advocacy are the protection of the civic space and the safety of journalists online; various forms of information control, including internet shutdowns and censorship; addressing incitement to violence, discrimination, or hostility; disinformation; and the role of social media platforms in the space of online expression.
Freedom of expression in the digital space also features highly on the agenda of the UNHRC. It has often been underlined that states have a responsibility to ensure adequate protection of freedom of expression online, including when they adopt and implement measures aimed at dealing with issues such as cybersecurity, incitement to violence, and the promotion and distribution of extremist content online. The UNHRC has also been firm in condemning measures to intentionally prevent or disrupt access to or the dissemination of information online, and has called on states to refrain from and cease such measures.
In 2021, at the request of the UNHRC A/HRC/47/22, the High Commissioner prepared a report on internet shutdowns (A/HRC/50/55), which looks at trends in internet shutdowns, analysing their causes, their legal implications, and their impact on a range of human rights, including economic, social, and cultural rights. She called on states to refrain from the full range of internet shutdowns and for companies to uphold their responsibilities to respect human rights. She stressed the need for development agencies, and regional and international organisations to bridge their digital connectivity efforts with efforts related to internet shutdowns.
UN Human Rights also weighs in on a range of law-making processes that are relevant to the exercise of the right to freedom of expression. For example, it has engaged with the development of the EU Digital Services Act, commented extensively on global trends in regulating social media, and participated in the process of elaborating a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes.
Special Rapporteurs on the promotion and protection of the right to freedom of opinion and expression have been analysing issues relating to free expression in the digital space for more than a decade. Reports in the first half of the 2010s already addressed the importance of universal access to the internet for the enjoyment of human rights, free expression in the context of elections, and the adverse impacts of government surveillance on free expression. In 2018, the Special Rapporteur published a report on online content regulation. It tackles governments’ regulation of user-generated online content, analyses the role of companies, and recommends that states should ensure an enabling environment for online freedom of expression and that businesses should rely on human rights law when designing their products and services. The same year, he also presented to the UNGA a report addressing freedom of expression issues linked to the use of AI by companies and states. A year later, the Special Rapporteur presented a report to the UNGA on online hate speech that discusses the regulation of hate speech in international human rights law and how it provides a basis for governmental actors considering regulatory options and for companies determining how to respect human rights online.
In 2020, the Special Rapporteur issued Disease Pandemics and the Freedom of Opinion and Expression, a report that specifically tackles issues such as access to the internet, which is highlighted to be ‘a critical element of healthcare policy and practice, public information, and even the right to life’. The report calls for greater international coordination on digital connectivity given the importance of digital access to healthcare information. Other reports addressed the vital importance of encryption and anonymity for the exercise of freedom of opinion and the threats to freedom of expression emanating from widespread digital surveillance.
The Special Rapporteur, while acknowledging the complexities and challenges posed by disinformation in the digital age, noted that responses by states and companies to counter disinformation have been inadequate and detrimental to human rights. In her 2021 report Disinformation and Freedom of Opinion and Expression (A/HRC/47/25), she examined the threats posed by disinformation to human rights, democratic institutions, and development processes, and called for multidimensional and multistakeholder responses to disinformation that are well grounded in the international human rights framework and urged companies to review their business models and states to recalibrate their responses to disinformation.
More recently, in 2022, the Special Rapporteur issued Reinforcing Media Freedom and the Safety of Journalists in the Digital Age (A/HRC/50/29), a report in which she calls on states and the international community to strengthen multistakeholder cooperation to protect and promote media freedom and the safety of journalists in the digital age, and ensure independence, pluralism, and viability of the media. She also calls on digital services companies and social media platforms to respect the UNGPs on BHR.
Online hate speech and discrimination have also been addressed by the Special Rapporteur on freedom of religion and belief. For instance, in a report published in 2019, the online manifestation of antisemitism (including antisemitic hate speech) was underscored, and best practices from the Netherlands and Poland were shared. The report highlights that governments ‘have an affirmative responsibility to address online antisemitism, as the digital sphere is now the primary public forum and marketplace for ideas’. In another document published that same year, the Special Rapporteur assesses the impact of online platforms on discrimination and on the perpetuation of hostile and violent acts in the name of religion, as well as how restrictive measures such as blocking and filtering of websites negatively impact the freedom of expression.
The issue of online blasphemy and undue limitations on expressing critical views of religions and beliefs imposed by governments has also been addressed on a number of occasions, including in a report from 2018.
Gender rights online (3)
UN Human Rights and the UNHRC have reiterated on several occasions the need for countries to bridge the gender digital divide and enhance the use of ICTs, including the internet, to promote the empowerment of all women and girls. It has also condemned gender-based violence committed on the internet. Implementing a 2016 UNHRC resolution on the Promotion, Protection, and Enjoyment of Human Rights on the Internet, the High Commissioner on Human Rights in 2017 prepared a report on Ways to Bridge the Gender Digital Divide from a Human Rights Perspective.
Rights of persons with disabilities
The promotion and protection of the rights of persons with disabilities in the online space have been addressed on several occasions by the UN Special Rapporteur on the rights of persons with disabilities. A report from 2016 underscored that ICTs including the internet can increase the participation of persons with disabilities in public decision-making processes and that states should work towards reducing the access gap between those who can use ICTs and those who cannot.
Nevertheless, a report from 2019 stressed that the shift to e-governance and service delivery in a digital manner can hamper access for older persons with disabilities who may lack the necessary skills or equipment.
The Special Rapporteur also examined the opportunities and risks posed by AI, including discriminatory impacts in relation to AI in decision-making systems. In his 2021 report (A/HRC/49/52), the Special Rapporteur emphasises the importance of disability-inclusive AI and the inclusion of persons with disabilities in conversations about AI.
Freedom of peaceful assembly and association
The exercise of the rights to freedom of peaceful assembly and association in the digital environment in recent years has attracted increased attention. For example, the High Commissioner presented to the 44th session of the UNHRC a report on new technologies such as ICTs and their impact on the promotion and protection of human rights in the context of assemblies, including peaceful protests. The report highlighted many of the great opportunities for the exercise of human rights that digital technologies offer, analysed key issues linked to online content takedowns, and called on states to stop the practice of network disruptions in the context of protests. It also developed guidance concerning the use of surveillance tools, in particular facial recognition technology.
The Human Rights Committee published in July 2020 its General Comment No. 37 on Article 21 of the International Covenant on Civil and Political Rights (ICCPR) (right of peaceful assembly), which addresses manifold aspects arising in the digital context.
The Special Rapporteur on the rights to freedom of peaceful assembly and of association in 2019 published a report for the UNHRC focusing on the opportunities and challenges facing the rights to freedom of peaceful assembly and of association in the digital age. In following reports, he condemned the widespread practice of internet shutdowns and raised concerns about technologically mediated restrictions on free association and assembly in the context of crises.
Digital tools
Technical standard-settings and human rights
The UNHRC adopted resolution A/HRC/RES/47/23 on new and emerging digital technologies and human rights, which requested UN Human Rights to convene an expert consultation and write a report discussing the relationship between human rights and technical standard-setting processes for new and emerging digital technologies. The expert consultation and the report will be presented in 2023 at the UNHRC.
As requested by the UNHRC, in its resolution A/HRC/ RES/47/23, the High Commissioner presented her report on UN Guiding Principles on Business and Human Rights and Technology Companies (A/HRC/50/56), following the multistakeholder consultation held on 7–8 March 2022. The High Commissioner’s report demonstrated the value and practical application of the UNGPs in preventing and addressing adverse human rights impacts by technology companies
The UNHRC has developed an e-learning tool to assist government officials from least-developed countries and small island developing states (SIDS) as per the mandate of the Trust Fund to develop competencies on the UNHRC and its mechanisms.
Future of meetings
For more information, visit the UN Human Rights meetings and events page.
Social media channels
Facebook @WIPO
Flickr @WIPO
Instagram @wipo
LinkedIn @WIPO
Podcast @https://www.wipo.int/podcasts/en/
Twitter @WIPO
YouTube @WIPO