Putting cybersecurity on the rights track

Association for Progressive Communications (APC)

This report is a compilation of the outcomes of the research component of a small project entitled “Putting cybersecurity on the rights track” that the Association for Progressive Communications (APC) implemented during the course of 2019 with the participation of APC members. The project was supported by the Mozilla Foundation, and its goal was to enable the APC network to develop a research and advocacy strategy to ensure that cybersecurity policy and norms are influenced by civil society and progressive techie voices so that these policies integrate a rights-based approach.

The project built on the pre-event on a rights-based approach to cybersecurity organised by APC at the 2017 Internet Governance Forum in Geneva. Based on the outcomes of that event, APC identified what it believed to be the primary challenges for civil society in relation to the cybersecurity landscape:

  • The sidelining of civil society from cybersecurity processes.

  • The fragmentation of cybersecurity processes.

  • The rights and security “balance” myth.

  • The “cybersecurity is a national security issue” myth.

  • A lack of common understanding and strategy amongprogressive non-state actors (rights defenders, civil society organisations, technologists, progressive internet companies and ethical hackers).

Strategies identified at this event by APC and its partners and members to address these challenges included:

  • Deepening discourse: This can be done by connecting and combining the “rights” approach used by civil society organisations working in the digital space with the “network security” approach used by engineers and cybersecurity tech experts.

  • Debunking myths: Through research and evidence, we can debunk the “security vs rights” approach, as well as the idea that cybersecurity should be dealt with primarily through “national security” strategies.

  • Connecting people, movements, sectors: In particular, this involves bringing technologists and human rights experts together so that they see the challenges through one another’s eyes. We also want to use opportunities such as the Global Commission on the Stability of Cyberspace to develop rights-based norms.

  • Moving out of civil society’s comfort zone: By promoting opportunities for civil society to participate in and speak at mainstream cybersecurity events, we will contribute to breaking down silos, gaining knowledge and developing tactics which will strengthen rights advocacy.

The “Putting cybersecurity on the rights track” project sought to move forward the implementation of some of these strategies through the development of the following key activities:

  • Conducting a survey of APC members to establish a baseline of their cybersecurity-related perceptions, understanding and concerns.

  • Mapping the ecosystem of who the key actors are and where critical cybersecurity decisions are being made (globally and regionally) to identify opportunities to advance human rights-based approaches to cybersecurity and identify where the main threats to human rights-based approaches to cybersecurity lie.

  • Identifying and documenting case studies where APC members approached a cybersecurity challenge from a human rights perspectives in order to extract some lessons that can be shared.

  • Visualising the ecosystem to map the issues, actors, institutions and processes making up the cybersecurity universe

  • Building a longer-term research agenda.

You can download the full report here.

« Go back