Beyond transforming the networking layer, New IP also sets out to reconceptualize the unique identifier systems that underpin the internet.[47] This is done through the incorporation of immutable identifiers and “burned in” addresses throughout the networking process and the introduction of decentralized ledger technologies (DLTs)—more commonly known as blockchain—into the networking architecture. These technologies would significantly alter the nature of the internet, introducing new tracking capabilities, facilitating access to data and information controls, and also undermining the governance models of current internet identifiers such as domain names and addresses.
Identifiers are used to locate and retrieve information by assigning unique, permanent names to “things” on the internet (such as users, content, routers, servers, devices). Within New IP proposals, these identifiers have been described as bit strings that are centrally administered and immutable. The reliance on persistent, one-to-one relationships between an identifier and an object would enable unparalleled tracing over the internet through the creation of permanent records, for example, on users’ browsing history. Additionally, using these identifiers, the network could be instructed to discard packets or disconnect devices that are deemed illegitimate, through what New IP depictions describe as the “shut off” protocol.[48]
DLTs are also being proposed for standardization in ways that would transform the internet’s existing identifiers systems, primarily the domain name system.[49] Huawei’s descriptions of New IP include a blockchain layer that would operate at the point of networking connection to provide what Huawei representatives have described as the “decentralized trustworthiness of the Internet name spaces.”[50] This claims to solve DNS security issues through the verification of IP address ownership and tracking of DNS resolution (the process of translating an IP address into a domain name). Presented as a security feature, in practice this allows unparalleled tracing over the internet.
The distributed nature of DLTs and their reliance on encryption means the technology is normally associated with being decentralized and secure. However, these features are dependent on how the technologies are implemented. If applied to the internet architecture as proposed within New IP, DLT would generate opposite effects.[51] Its use would allow for centralized control, streamline data collection, and further facilitate individualized tracking of users and content. It would also automatically collect and share data with designated entities.[52] This means it could be employed by governments to share, gather, aggregate, and analyze data. These features are likely to be supported and further enhanced by 5G’s edge computing, a technology that brings information processing closer to devices and end-user, and that is expected to boost data generation and collection.[53]
Lastly, the secured implementation of this technology depends largely on who controls the DLT (and the data it processes). In China, this is likely to be state-owned entities; other governments that import these technologies could facilitate similar arrangements. Combined with immutable identifiers as described in some New IP proposals, every action and transaction thus becomes traceable and allows for surveillance and scrutiny. This would further erode anonymity online and open the door to mass surveillance. In other words, the distributed nature of DLT does not prevent centralization, and the mere use of blockchain encryption does not guarantee privacy or protection from surveillance.
There are a number of additional concerns about the integration of blockchain into a large-scale network, such as its high power consumption and environmental impact, and the latency on routing decisions, which would erode the user experience. These considerations, though valid, are beyond the scope of this chapter.
How New IP Fails to Respect Human Rights
The capture, transfer, and use of personal data envisioned by New IP would violate states’ obligations in the International Bill of Rights to respect and ensure human rights and corporate actors’ responsibilities, reflected in the UN Guiding Principles on Business and Human Rights, to respect human rights in their activities.[54]
As shown above, New IP would be significantly more intrusive than current forms of online surveillance. Under this model, surveillance would not happen through hacking or interfering with the network; surveillance capabilities would be built into the internet architecture itself. If adopted, New IP’s data gathering, individual tracking, and user and content control capabilities would threaten multiple human rights. This section discusses the impact that a New IP network model would have on the right to privacy and other human rights that are essential for the health of open and free societies. The impacts would be felt not only on civil and political rights, but also on economic, social, and cultural rights. The section also addresses how New IP would contribute to China’s social control and surveillance ecosystem and undermine the principle of universality of human rights by facilitating systems where access to rights is contingent on the fulfillment of responsibilities.
New IP would place surveillance data in the hands both of corporate actors—ISPs and infrastructure providers—and of the governments with which they collaborate. In the case of China, the companies that would hold the information yielded by New IP are either government-controlled or have close links with the government.[55] It is commonplace in China for the government to capture and use data generated by the private sector. The requirement for such data-sharing is often built into local regulations and is likely to be broadened in the years to come.[56]
Impacts on Privacy
The right to privacy is protected in Article 12 of the Universal Declaration of Human Rights (UDHR) and Article 17 of the International Covenant on Civil and Political Rights (ICCPR), as well as regional human rights treaties. At its heart, this right seeks to defend individuals’ private sphere—an area for autonomous development, interaction, and liberty that is free from state intervention.[57] The right to privacy includes informational privacy—that is, privacy in information that exists, or that can be deduced, about a person. This includes information from online communications and metadata.
While technology-mediated, mass data collection by both private and public actors is increasingly common, it must not unduly interfere with privacy. International human rights law and standards set out clear rules on the circumstances under which interferences with the right to privacy are permissible. In broad terms, any interference must be provided for by clear and publicly accessible law, pursue an objectively legitimate aim, and be necessary and proportionate to achieving that aim.
The precise parameters of acceptable interferences with the right to privacy in the collation, retention, and use of online data are being discussed in parallel with ongoing developments in information-gathering technologies and artificial intelligence. David Kaye, when UN Special Rapporteur on freedom of opinion and expression, called for an immediate moratorium on the global trade and use of surveillance technologies until “rigorous human rights safeguards are put in place to regulate such practices.”[58] The statement was made with reference only to targeted surveillance. When considering mass surveillance, the challenge becomes even more severe and raises the question whether safeguards can ever be robust enough to mitigate such risk. The European Union’s proposed regulation on artificial intelligence is one example of an effort to develop a legal framework to ensure respect for human rights, including through the creation of robust safeguards that would mitigate potential threats to rights from mass surveillance.
Wherever the parameters of acceptable mass collection of data and surveillance lie, it is clear that New IP would fall far short of compliance with the right to privacy. Both case law and commentary from international organizations relate to privacy infringements far less intrusive than those enabled by New IP. They show clearly that New IP would violate the right to privacy in four distinct ways.
(a) Data collection: The right to privacy stipulates that any collection of personal data must be fair, lawful, and transparent.[59] Laws permitting the collection of personal data must guarantee that such information can only be accessed by those who need it, ensure that it is only processed for purposes compatible with international human rights law, and enable individuals to ascertain what data are held about them, and by whom. Laws should also enable individuals to request the correction and deletion of those data. In practice, many states have sought to translate these requirements through data protection laws, such as the General Data Protection Regulation in the European Union.
Much debate has taken place about whether “bulk” data collection constitutes an act of surveillance. Recent analysis by the United Nations High Commissioner for Human Rights indicates that data collection relating to “a person’s identity, family or life” interferes with the right to privacy.[60] Data do not need to be examined by a person or an algorithm for privacy to be impacted; the mere collection of information means that “an individual loses some control over information that could put his or her privacy at risk.”[61] The European Court of Human Rights (ECtHR) too has reinforced these standards in its recent Big Brother Watch decision, which set a new precedent against indiscriminate data collection for Council of Europe (CoE) member states.[62]
New IP would not meet privacy standards on data collection. Its reliance on DLT would allow the gathering of data such as browsing history and online habits and, through immutable identifiers, those data could be attributed to specific users or devices. In addition, any metadata collected through the deployment of DLT that when aggregated could give an insight into an individual’s “behavior, social relationships, private preferences, and identity” would constitute an interference with or violation of the right to privacy.[63]
(b) Surveillance: Surveillance is only permissible if—in addition to the general requirements relating to interferences with the right to privacy—it is limited in scope and duration, targeted, and subject to independent authorization and oversight.[64] According to UN Human Rights Council (UNHRC) Resolution 42/15, arbitrary surveillance, interception of communications, and collection of personal data are all violations or abuses of the right to privacy.[65] Similarly, in the context of the COVID-19 pandemic, UNHRC Resolution 47/23 of July 2021 highlights how response measures to the pandemic have “reinforced the need to address arbitrary surveillance not in accordance with States’ obligations under international human rights law and inconsistent with the principles of necessity, proportionality and legality.”[66]
New IP would not meet privacy standards on surveillance. Its alternative networking model would enable mass surveillance at an unprecedented scale. The Mercator Institute for China Studies (MERICS) reports that China has rolled out surveillance initiatives such as Golden Shield, Skynet, Safe Cities and Police Clouds, and Project Sharp Eyes, yet these currently face challenges of lack of digitization and harmonization across states.[67] New IP would have the capacity to offer streamlined access to data and profiling mechanisms for the benefit of such surveillance programs. Even if, as some liberal democracies argue, mass surveillance can sometimes be justified on the grounds of national security, New IP goes far beyond being a proportionate response to any conceivable threat. Its enabling of mass-scale, long-term monitoring of the population in all circumstances would clearly not be compatible with the right to privacy.
(c) Erosion of anonymity: As assessed by the former UN Special Rapporteur on freedom of opinion and expression, anonymity online is necessary for the exercise of this right, and any restrictions on it must be strictly limited to measures that are lawful, necessary, proportionate, and in furtherance of a legitimate objective.[68]
The erosion of anonymity contemplated by New IP would meet none of these conditions. New IP would undermine anonymity by weakening encryption frameworks used in the Internet. The proposed reconfiguration of the networking layer would expose a great deal of information on users and contents. With this information so readily available, the ability of existing encryption efforts to prevent content inspection and censorship would be severely curtailed. Using burned-in identifiers, no longer anonymous users could be effectively blocked from the network. Unprotected communications would also be exposed to inspection and content blocking.
New IP would in addition co-opt existing trust mechanisms such as blockchain encryption and incorporate them into its surveillance architecture. Proponents of New IP maintain that blockchain and DLTs will render the network safe. However, as conceived under New IP, DLTs actually give great control to whoever manages their implementation—most likely government authorities or state-owned operators.[69] The erosion of mechanisms that help protect anonymity could have a significant negative impact on dissidents, human rights defenders, journalists, and activists, all of whom rely on these tools to communicate freely.[70] It would also jeopardize all internet users by rendering them vulnerable to state interference.
(d) Permanent user profiles: New IP could enable the creation of permanent profiles on individuals. The adoption of permanent user profiles would amount to a gross violation of the right to privacy and have a chilling effect on other rights. New IP’s combined use of DLT and identifiers would enable individuals’ online activity to be recorded on permanent ledgers. This level of individualized tracking offered by New IP would threaten, if not eliminate, anonymity online. It would potentially feed private activities online into social control or surveillance programs, such as China’s social credit system, which makes financial credit and other social advantages contingent on socially acceptable behavior, and the Golden Shield Project (the Great Firewall), which controls accessible internet content.
The interest in applying DLT to tracing individuals is not new for the Chinese authorities; in 2018, the Chinese Central Internet regulator proposed legislation to require blockchain companies to sign up users by means of their national ID numbers.[71]
Comparison with Western Data Collection
and Surveillance Practices
Mass surveillance is certainly not unknown in the West. The Edward Snowden revelations uncovered unlawful practices of domestic and foreign surveillance emerging from the United States.[72] The amount of data amassed and used by social media and technology companies too is increasingly perceived as infringing on privacy.[73] While the mass surveillance undertaken by Western governments is arguably disproportionate, New IP and related social control would embody different surveillance objectives—control of behavior, rather than for an aim recognized as legitimate by international human rights law, such as national security or the prevention of crime. Surveillance under New IP would also happen at a wholly different scale, being the norm rather than the exception whenever the internet is used. Moreover, being all-pervasive and invisible, New IP and related measures would not be restrained by checks and balances, such as transparent rules with the opportunity to seek redress for breach through the courts, opportunities to highlight and protest against poor practice publicly and in the media, or the potential for investor scruple that restricts investment in rights-violating systems.
Impacts on Other Rights That Enable Open and Free Societies
There would be impacts in three important areas: civil and political rights; economic, cultural, and social rights (ECS); and discrimination.
Civil and political rights: New IP’s surveillance capabilities would not only have an impact on individuals’ right to privacy, but would also interfere with other civil and political rights that are essential for democratic societies. These include the right to freedom of opinion and expression, and the right to freedom of peaceful assembly and association. As with the right to privacy, international human rights law is clear that any restrictions on these rights must be provided for by clear and publicly accessible law, must pursue an objectively legitimate aim, and must be necessary and proportionate to achieving that aim.
New IP would affect freedom of opinion and expression in multiple ways. First, data collection and surveillance can lead to self-censorship.[74] New IP would exert an overt form of surveillance, as network users would very likely be aware of the possibility of individualized tracking of online activity. This would set off a Panopticon effect, meaning that New IP users might adjust their online behavior and particularly their communications and the information they search for and share.[75] Second, if users know that its surveillance mechanisms may entail consequences such as restricted access to social credit, New IP could serve as a mechanism to silence dissent and enforce control. Lastly, New IP could interfere with users’ ability to seek, receive, and impart information and to inform opinions without interference. Specifically, entities in charge of managing DLT could block both users and content.
Similarly, New IP could have chilling impacts on the right to freedom of peaceful assembly and association. It could be leveraged by governments to disable organization through online channels by blocking specific users, such as dissidents or perceived troublemakers; specific sites and platforms that bring protesters together; or specific content related to the purpose of mobilization. These actions could be interpreted as microtargeted shutdowns, which would in turn help governments avoid the unpopular, complete network shutdowns that are commonplace today. These types of interference would undermine the right of assembly by restricting the ability to mobilize effectively.[76] New IP would also enhance the ability of governments to keep track of protesters, either through mass surveillance mechanisms enabled by data collection or through targeted surveillance enabled by user profiles. New IP’s undermining of encryption and anonymity would thus have negative impacts on freedom of peaceful assembly and association.
Economic, social, and cultural (ESC) rights: Lack of access to an open, free, and global internet may impede the realization of ESC rights and of the sustainable development goals. For example, lack of free access to health information during a pandemic may prevent individuals from becoming aware of appropriate prevention and remedies and may obscure the effects of the pandemic in their communities.[77] Lack of access to a global internet may have an adverse impact on education, by reducing the sources of information available to individuals. It may reduce employment opportunities, particularly internationally. More generally, by creating barriers between communities and countries, lack of a global, open internet may reduce prospects for economic growth and development and may thereby operate to perpetuate conditions of poverty. This in itself would hinder the implementation of a wide range of ESC rights.
Discrimination: Article 2.1 ICCPR requires states not to discriminate in their implementation of rights, and Article 26 entitles all persons to equality before the law and protection against discrimination on any grounds. Similarly, Article 2.2 of the International Covenant on Economic, Social and Cultural Rights (ICESCR) requires states to implement economic, social, and cultural rights without discrimination.
The enhanced individualized tracking and profiling enabled by New IP would facilitate the discriminatory treatment of individuals and groups. For example, individualized tracking through New IP may place minorities at risk. States would have the tools to single out target groups, track their online activity, persecute them, or coerce them into adopting desired behaviors. China’s well-documented surveillance of the Uyghurs through the Integrated Joint-Operations Platform (IJOP) in Xinjiang indicates that these potential uses are not far-fetched. These efforts would run in parallel with other efforts to reinforce discriminatory practices through technology such as in AI, with several Chinese firms filing patents and seeking to standardize facial recognition software that claims to be able to identify religious or ethnic minorities by their features.[78]
Risks of Conditional Implementation of Human Rights
New IP would enable the creation of data logs and collection of information at an unprecedented scale. If deployed domestically within China, government agencies in charge of managing New IP’s blockchain logs could easily share collected data with the purpose of implementing or strengthening profiling, scoring, and ranking mechanisms that render access to rights and benefits conditional on meeting specific criteria. In other words, they could make human rights contingent on meeting conditions or responsibilities. Such mechanisms could penalize and impose consequences on those monitored. Social benefits and freedoms such as freedom of movement could be denied as a form of punishment to control behavior. Such consequences could be imposed not only on groups linked by a characteristic, which would constitute a form of discrimination, but also on individuals by reference to their behavior.
Conditionality is already evident in China’s social credit system. First formalized as a national objective in 2014, this system is still being developed and features as a priority in the country’s most recent Five-Year Plan. At its heart, it is a reward and punishment mechanism designed to render entry into various market transactions contingent upon scoring of behavior, applied to both individual and corporate actors. Unlike financial credit scoring systems in the West, this system takes account not only of financial information but also of nonfinancial information such as travel, health, and police data gathered from a multiplicity of agencies and sources.[79] The system operates not through the imposition of new obligations, but rather as a strict enforcement mechanism for existing regulations, including those that may lead to discriminatory treatment of individuals.[80]
Multiple reports indicate that China’s social credit system pursues primarily financial and commercial goals, yet it has troubling effects in the enjoyment of rights. China is reported to have banned millions of citizens from buying plane or train tickets, and some local governments are also experimenting with additional limitations, barring those deemed untrustworthy from access to financial services and real estate transactions.[81]
In practice, China’s rollout of the social credit system appears to have been challenging and far from uniform. There are diverse social credit regimes across various units of government, with varying assessment criteria and scope.[82] The creation of separate systems across the country has resulted in a marked fragmentation.[83] In addition, they are not fully digitized, relying heavily on nonsystematized data and human analysis.[84]
New IP would largely resolve these implementation challenges and enable further systems of contingent access to rights. New IP’s reliance on DLT would facilitate nationwide data collection and data sharing with designated entities, such as government agencies and corporations that participate in social credit schemes.[85] The combined use of DLT and identifiers would further strengthen the creation of fully digital, permanent records on individuals. By significantly increasing the data-driven analytical power of the Chinese state, New IP would align very closely with China’s data governance priorities to create a cohesive information ecosystem across regions and administrative levels.[86]
Contingency systems for the implementation of human rights can entrench discrimination and undermine a cardinal tenet of international human rights law: the principle of universality of human rights. This principle establishes that everyone is entitled to the benefit of human rights without discrimination. In other words, the entitlement to human rights cannot be made contingent on the performance of responsibilities.[87] While China is not a party to the ICCPR, it is to the ICESCR and numerous other instruments that stress the universal nature of human rights. By making rights contingent on responsibilities, China would breach both civil and political rights, such as the right to freedom of movement (Article 13 UDHR, Article 12 ICCPR) and economic, social, and cultural rights such as the right to social security (Article 22 UDHR, Article 9 ICESCR), as well as nondiscrimination provisions (Article 2 UDHR, Article 2 ICCPR, Article 2 ICESCR).[88]
In sum, the creation of a system that gives states the tools to make human rights and social benefits contingent on each person’s individual, closely monitored behavior has deeply worrying potential for human and societal control. It would facilitate discrimination and run directly contrary to the principle of universality of human rights.
Reinforcing Human Rights in Standards Development
Historically, standardization was perceived as ethically neutral. However, as the example of New IP demonstrates, standardization processes can have important ethical and human rights implications.
Building human rights awareness into standardization is becoming ever more pressing, particularly in the field of emerging technologies. If standardization processes approve technologies that undermine human rights, the norms and processes of human rights law do not offer a robust defense against implementation of those technologies. As in other fields, human rights norms fare poorly when competing against adopted technical standards. Trade protections afforded to ITU recommended standards provide a useful example. Under WTO rules, technologies standardized within the ITU get immediate clearance to be traded internationally; the TBT agreement further encourages the adoption of approved standards. These WTO rules take precedence over human rights norms, even when standardized technologies may directly challenge human rights. Moreover, human rights norms and processes do not offer teeth to challenge technical standards. Not only is there no normative mechanism to embed human rights into standardization, but, once adopted, standards cannot be set aside on human rights grounds. On the contrary, WTO rules support standardized technologies without consideration of their compliance with human rights.[89]
If human rights continue to be overlooked in the development of technical standards, the standardization of surveillance-enabling technologies such as New IP has the potential to sweep away large swaths of the protections afforded by the Universal Declaration of Human Rights and the UN human rights treaties. Yet the government representatives, civil society, international organizations, and academic community devoted to human rights may all be oblivious because they are not aware of or engaged in standardization processes.
It is therefore vital that participation in SDOs be diversified to include those concerned with human rights. While standards development processes are expert-led processes and should remain a sphere of technical and engineering expertise, they should reinforce ongoing efforts to build a sufficiently open and diverse participation to ensure a realistic prospect of human rights issues being raised and considered in technology design. A recent ethnographic analysis of the IETF pointed to a cultural resistance among technical experts to including human rights considerations in standardization, rooted in shared views of technology as largely apolitical and “non-prescriptive” in nature.[90] In spite of the work of IETF’s Human Rights Protocol Considerations Research Group, which has proposed human rights guidelines for protocol development, the organization has been slow to incorporate human rights considerations into standards.[91] Similarly, within the ITU, proposals to introduce privacy assessments and human rights impacts reviews have encountered pushback.[92] Moving toward a greater integration of human rights into standardization processes will require the removal of barriers to participation such as prohibitive costs, as well as enhanced support to newcomers to reach the level of expertise needed to participate meaningfully, and creative thinking to institutionalize human rights thinking in technical processes.
Recommendations
Like-minded governments should continue to increase their efforts to uphold the core values of a global, open, and free internet, and to oppose ongoing efforts to standardize New IP and related technologies.
The case study of New IP in this chapter illustrates how, in the light of developments in technology and artificial intelligence, a growing range of technical standards processes have ethical and human rights implications. Consequently, we make several specific recommendations with the aim of better integrating human rights into standards development.
- The human rights and diplomatic communities should, whenever possible, increase their participation in standardization processes. Multilateral bodies such as the ITU should lower the barriers to participation for nonstate members. Additional funding should be directed to enhance the participation of human rights organizations and consumer protection agencies. At the same time, governments should consider bringing human rights expertise into national delegations to multilateral bodies, including by involving nongovernmental organizations (NGOs), as some are already beginning to do.
- The UN should set up a unit on standards and human rights within the Office of the High Commissioner for Human Rights (OHCHR), tasked with advising technology SDOs on human rights issues and alerting the international human rights community to standardization developments that require attention. The OHCHR and standards bodies based in Geneva, such as the ITU, should take advantage of their proximity to share knowledge and participate in one another’s meetings.
- Human rights capacity and roles should be enhanced within the Secretariats and working groups of the SDOs. Existing groups, such as the IETF’s Human Rights Protocol Considerations Research Group, should be empowered to offer thorough scrutiny and advice on controversial technologies. Human rights analysis should be more thoroughly integrated into the workstream of technical working groups developing specifications and guidelines.
- Capacity-building should be enhanced to bridge the gap between technical and human rights communities. Technical experts participating in SDOs should develop greater understanding of existing human rights standards and latest human rights guidance on surveillance technologies. Likewise, human rights and diplomatic communities should strengthen their awareness of technology development, internet infrastructure, and how SDOs operate. Events organized by SDOs could offer opportunities for both communities to interact through a combination of training sessions, workshops, and panels.
- The UN Human Rights Council should commission a clear articulation of human rights standards regarding collation of data and surveillance, derived from Article 17 ICCPR and other relevant norms, and building on OHCHR’s existing work on privacy in the digital age. This should aim to delineate more clearly the distinction between technology that is and is not compatible with international human rights law.
- Consideration could be given to an international statement of commitment to human rights from standards development organizations, such that no standard is to be read as legitimating practices contrary to the human rights obligations of any state. Similarly, consideration could be given to revising the WTO rules so that their advantages do not apply to technology whose use would entail mass violation of human rights.
- Coordination efforts at the national level (e.g., through standards hubs) offer accessible entry points for human rights groups to participate in standardization debates. When national standards hubs coordinate positions for standardization discussions, they should encourage diverse participation, particularly in debates about technologies that have wide societal impact. Standards hubs should then feed those inputs into international standards development. Similarly, to encourage diverse participation, government delegates responsible for monitoring technology standards should act as an early warning system to alert civil society organizations when standards that affect human rights are first proposed.
Notes
1. Cabinet Office, “Carbis Bay G7 Summit Communiqué,” 2021, https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1001128/Carbis_Bay_G7_Summit_Communique__PDF__430KB__25_pages_.pdf.
2. G7 Information Center, “G7 Digital and Technology—1,” 2021, www.g8.utoronto.ca/ict/2021-annex_1-framework-standards.html.
3. U.K. Government, “Global Britain in a Competitive Age: The Integrated Review of Security, Defence, Development and Foreign Policy,” July 2, 2021, www.gov.uk/government/publications/global-britain-in-a-competitive-age-the-integrated-review-of-security-defence-development-and-foreign-policy/global-britain-in-a-competitive-age-the-integrated-review-of-security-defence-development-and-foreign-policy.
4. Sheng Jiang, “New IP Networking for Network 2030,” Fifth ITU Workshop on Network 2030, International Telecommunication Union, October 15, 2019, www.itu.int/en/ITU-T/Workshops-and-Seminars/2019101416/Documents/Sheng_Jiang_Presentation.pdf.
5. China Electronics Standardization Institute, “Original CSET Translation of ‘Artificial Intelligence Standardization White Paper,’ ” Center for Security and Emerging Technology, Georgetown University, May 12, 2020, https://cset.georgetown.edu/research/artificial-intelligence-standardization-white-paper/.
6. Stacie Hoffmann, Samantha Bradshaw, and Emily Taylor, “Networks and Geopolitics: How Great Power Rivalries Infected 5G,” Oxford Information Labs, 2019, https://oxil.uk/publications/geopolitics-of-5g/Geopolitics_5G_Final.pdf.
7. Initially referred to as “Decentralized Internet Infrastructure.” See “Decentralized Internet Infrastructure (DII),” Light Reading (video), November 20, 2018, www.lightreading.com/blockchain/decentralized-Internet-infrastructure-(dii)/v/d-id/747708. The technology was introduced as “New IP” at the ITU-T Telecommunication Standardization Advisory Group (TSAG) in 2019. See Huawei, “New IP: Shaping the Future Network,” presented at the ITU-T TSAG, Geneva, September 2019, www.ietf.org/lib/dt/documents/LIAISON/liaison-2019-09-30-itu- t-tsag-ietf-iab-ls-on-new-ip-shaping-future-network-attachment-3.pptx.
8. Ying Miao, “Managing Digital Contention in China,” Journal of Cyber Policy 5, 2 (April 7, 2020), pp. 218–38.
9. Nick Merrill and Konstantinos Komaitis, “The Consequences of a Fragmenting, Less Global Internet,” Brookings, December 17, 2020, www.brookings.edu/techstream/the-consequences-of-a-fragmenting-less-global-Internet/.
10. Konstantinos Karachalios and Karen McCabe, “Standards, Innovation, and Their Role in the Context of the World Trade Organization,” International Centre for Trade and Sustainable Development (ICTSD) and World Economic Forum, December 2013, https://e15initiative.org/wp-content/uploads/2015/09/E15-Innovation-KarachaliosMcCabe-FINAL.pdf.
11. Other relevant entities include ICANN, the regional internet registries,W3C and IEEE, which lead the development of policies for name and numbering resources, web standards, and physical and data link layers standards, respectively. Internet standards are also shaped by mobile industry associations, such as 3GPP and GSMA, and by regional bodies such as ETSI.
12. Stacie Hoffmann, Dominique Lazanski, and Emily Taylor, “Standardising the Splinternet: How China’s Technical Standards Could Fragment the Internet,” Journal of Cyber Policy 5, 2 (August 2020), pp. 239–64.
13. International Telecommunications Union, “Terms and Conditions,” 2021, www.itu.int/en/myitu/Membership/Become-a-Member/Terms-and-Conditions.
14. Hoffmann et al., “Standardising the Splinternet,” p. 246.
15. Anna Gross, Madhumita Murgia, and Yuan Yang, “Chinese Tech Groups Shaping UN Facial Recognition Standards,” Financial Times, December 1, 2019, www.ft.com/content/c3555a3c-0d3e-11ea-b2d6-9bf4d1957a67.
16. According to the WTO, “Technical regulations in accordance with relevant international standards are rebuttably presumed ‘not to create an unnecessary obstacle to international trade.’ ” See World Trade Organization, “Technical Information on Technical Barriers to Trade,” n.d., www.wto.org/english/tratop_e/tbt_e/tbt_info_e.htm.
17. Ibid., Article 2.4. The TBT considers as “international standards” those standards developed by organizations such as the ITU, International Standardization Organization (ISO), the International Electrotechnical Commission (IEC). See Karachalios and McCabe, “Standards, Innovation, and Their Role in the Context of the World Trade Organization.”
18. See World Trade Organization, “Technical Information on Technical Barriers to Trade,” TBT Agreement, Article 5.4.
19. Hoffmann et al., “Standardising the Splinternet,” p. 246.
20. To date, New IP-related work at the ITU has been raised in multiple Study Groups including those dealing with protocols and test specifications (SG11), future networks and cloud (SG13), multimedia (SG16), security (SG17), and IoT and smart cities (SG20); see Hoffmann et al., “Standardising the Splinternet,” p. 264.
21. Max J. Zenglein and Anna Holzmann, “Evolving Made in China 2025: China’s Industrial Policy in the Quest for Global Tech Leadership,” Mercator Institute for China Studies (MERICS), July 2, 2019, https://merics.org/en/report/evolving-made-china-2025.
22. “The Digital Side of the Belt and Road Initiative Is Growing,” The Economist, February 6, 2020, www.economist.com/special-report/2020/02/06/the-digital-side-of-the-belt-and-road-initiative-is-growing.
23. Hoffmann et al., “Standardising the Splinternet,” p. 254.
24. Stuart Lau and Reuters, “EU Seeks to Curb Investment by State-Backed Buyers from China and Other Countries,” South China Morning Post, June 17, 2020, www.scmp.com/news/world/europe/article/3089474/eu-wants-curb-company-takeovers-state-backed-buyers-china-other; and Lindsay Maizland and Andrew Chatzky, “Huawei: China’s Controversial Tech Giant,” Council on Foreign Relations, August 6, 2020, www.cfr.org/backgrounder/huawei-chinas-controversial-tech-giant.
25. Maizland and Chatzky, “Huawei: China’s Controversial Tech Giant.”
26. Internet World Stats, www.Internetworldstats.com/stats.htm.
27. The Economist, “The Digital Side of the Belt and Road Initiative.”
28. “ ‘New IP’ and Global Internet Governance,” Georgia Institute of Technology, Internet Governance Project and Internet Society (video), September 23, 2020, www.Internetsociety.org/events/new-ip-and-global-Internet-governance/.
29. Ibid.
30. ITU-T, “Technical Report: Network 2030—Description of Demonstrations for Network 2030 on Sixth ITU Workshop on Network 2030 and Demo Day, 13 January 2020,” June 2020, www.itu.int/en/ITU-T/focusgroups/net2030/Documents/Description_of_Demonstrations.pdf?csf=1&e=D7M69p.
31. Alexander Chipman Koty, “What Is the China Standards 2035 Plan and How Will It Impact Emerging Industries?,” China Briefing, July 2, 2020, www.china-briefing.com/news/what-is-china-standards-2035-plan-how-will-it-impact-emerging-technologies-what-is-link-made-in-china-2025-goals/; “Original CSET Translation of ‘Outline of the People’s Republic of China 14th Five-Year Plan for National Economic and Social Development and Long-Range Objectives for 2035,’ ” Center for Security and Emerging Technology, Georgetown University, May 13, 2020, https://cset.georgetown.edu/publication/china-14th-five-year-plan/.
32. Stephen Chen, “China Starts Large-Scale Testing of its Internet of the Future,” South China Morning Post, April 20, 2021, www.scmp.com/news/china/science/article/3130338/china-starts-large-scale-testing-its-Internet-future.
33. See TSAG Contribution 135 entitled “Response to “New IP, Shaping Future Network” Proposal” (RIPE NCC, January 28, 2020); TSAG Contribution 139 entitled “New IP” (Austria and others, September 7, 2020); TSAG Contribution 156 (IEEE, September 8, 2020); and ITU-T TSAG Liaison Statement entitled “LS on New IP, Shaping Future Network” (IETF, March 20, 2020).
34. These include the European Telecommunications Network Operators’ Association (ETNO) and the Global System for Mobile Communications Association (GSMA). See ETNO, “ETNO Position Paper on the New IP Proposal,” November 5, 2020, https://www.etno.eu/library/positionpapers/417-new-ip.html, and ITU-T SG13 Contribution 1069 entitled “New IP, Future Vertical Communication Networks or Similar Proposals” (Austria and others, November 18, 2020).
35. See, for example: recommendation entitled “Scenarios and Requirements of Network Resource Sharing Based on Distributed Ledger Technology,” presented by China Telecom, China Unicom, ZTE, Huawei scheduled for Q4 2022; recommendation entitled “Scenarios and Requirements of Intent-Based Network for Network Evolution,” presented by China Telecom and the Ministry of Industry and Information Technology of China scheduled for Q4 2022; and IETF submission entitled “Gap Analysis in Internet Addressing,” July 12, 2021. All at www.itu.int/ITU-T/workprog/wp_item.aspx?isn=17181.
36. Andrew Allemann, “China Wants to Patent a Decentralized Blockchain DNS,” Domain Name Wire, May 10, 2021, https://domainnamewire.com/2021/05/10/china-wants-to-patent-a-decentralized-blockchain-dns/.
37. Xinhua News Agency, “Original CSET Translation of ‘Outline of the People’s Republic of China 14th Five-Year Plan for National Economic and Social Development and Long-Range Objectives for 2035,’ ” Center for Security and Emerging Technology, Georgetown University, May 13, 2020, https://cset.georgetown.edu/publication/china-14th-five-year-plan/.
38. David Ignatius, “Russia Is Trying to Set the Rules for the Internet. The U.N. Saw through the Ruse,” Washington Post, February 1, 2021, www.washingtonpost.com/opinions/2021/02/01/russia-Internet-rules-united-nations/.
39. For discussion on Chinese narratives on decentralization and “decentralized trust,” see Hoffmann et al., “Standardising the Splinternet,” pp. 249–50.
40. Georgia Institute of Technology, “ ‘New IP’ and Global Internet Governance.”
41. See, for example, IETF RFC 1958 entitled “ Architectural Principles of the Internet” (June 1996), https://datatracker.ietf.org/doc/html/rfc1958.
42. Anna Gross and Madhumita Murgia, “China and Huawei Propose Reinvention of the Internet,” Financial Times, March 27, 2020, www.ft.com/content/c78be2cf-a1a1-40b1-8ab7-904d7095e0f2; Jon Fingas, “China, Huawei Propose Internet Protocol with a Built-In Killswitch,” Engadget, March 30, 2020, www.engadget.com/2020-03-30-china-huawei-new-ip-proposal.html.
43. Marco Hogewoning, “Do We Need a New IP?,” RIPE NCC, April 22, 2020, https://labs.ripe.net/author/marco_hogewoning/do-we-need-a-new-ip/.
44. Just as intelligence from the application layer is integrated into the networking layer, the network may signal information back to the application layer.
45. There are other areas where standards are raising human rights concerns. DNS over HTTPS (DoH) and Transport Layer Security (TLS) 1.3 are two such examples. These standards seek to protect privacy and surveillance threats but can potentially generate unintended effects that weaken the stability and security of the internet.
46. Hoffmann et al., “Standardising the Splinternet,” p. 245.
47. Unique identifiers include domain names, internet protocol addresses, Autonomous Systems Numbers, and Port Numbers; these identifiers are central for current internet protocols to function. See the Internet Corporation for Assigned Names and Numbers, “ICANN Acronyms and Terms,” n.d., www.icann.org/en/icann-acronyms-and-terms/unique-identifier-en.
48. Huawei, “New IP: Shaping the Future Network.”
49. Chinese delegations are already working through the ITU to standardize the use of DLT in Internet architecture. Chinese companies first submitted Contribution 693 at SG13 in 2019 to discuss the creation of a decentralized DNS root based on blockchain. According to SG13’s work program, conversations on DLTs are set to continue during 2022. See, for example, recommendation entitled “Framework and Requirements of Decentralized Trustworthy Network Infrastructure,” scheduled for Q3 2021.
50. Light Reading, “Decentralized Internet Infrastructure (DII).”
51. One main feature of DLTs is that transactions are immutable. From a security perspective, replacing the DNS with blockchain means that threats such as fraud become almost permanent as they are hard, if not impossible, to undo.
52. Hoffmann et al., “Standardising the Splinternet,” p. 250.
53. Ibid., p. 244.
54. The Universal Declaration of Human Rights (UDHR); International Covenant on Economic, Social and Cultural Rights (ICESCR); and International Covenant on Civil and Political Rights (ICCPR). China is not a party to the ICCPR, but arguably many of its obligations reflect customary international law. It is a party to the ICESCR. According to ICCPR Article 2 (1), states are required to respect and ensure the rights recognized in the Covenant, including the right to privacy.
55. For instance, there are few Chinese ISPs and they are all state-owned: China Unicom, China Telecom, and China Mobile.
56. Upcoming updates to cybersecurity regulations, namely the Multi-Level Protection Scheme 2.0 and the Cryptography Law, are expected to require companies that hold sensitive data to undergo “cybersecurity monitoring” connected to the public security agency and to adopt Chinese algorithms for encryption. See Samm Sacks, “Data Security and U.S.-China Tech Entanglement,” Lawfare, April 2, 2020, www.lawfareblog.com/data-security-and-us-china-tech-entanglement.
57. United Nations Human Rights Council, “The Right to Privacy in the Digital Age. Report of the United Nations High Commissioner for Human Rights,” UN doc A/HRC/39/29, August 3, 2018.
58. United Nations Human Rights Council, “Surveillance and Human Rights. Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression,” UN doc A/HRC/41/35, May 28, 2019.
59. UNHRC, “The Right to Privacy in the Digital Age,” para. 29.
60. Ibid.
61. Ibid.; United Nations Human Rights Council, “The Right to Privacy in the Digital Age: Report of the Office of the United Nations High Commissioner for Human Rights,” UN doc A/HRC/27/37, June 30, 2014.
62. The ECtHR ruled that the U.K. government’s bulk data collection practices revealed by Edward Snowden in 2013 breached citizens’ right to privacy. See Big Brother Watch Team, “UK Mass Surveillance Found Unlawful by Europe’s Highest Human Rights Court,” Big Brother Watch, May 25, 2021, https://bigbrotherwatch.org.uk/2021/05/uk-mass-surveillance-found-unlawful-by-europes-highest-human-rights-court/.
63. United Nations Human Rights Council, Resolution 42/15, UN doc A/HRC/RES/42/15, September 26, 2019.
64. UNHRC, “The Right to Privacy in the Digital Age” (2018?).
65. UNHRC, Resolution 42/15.
66. United Nations Human Rights Council, “New and Emerging Digital Technologies and Human Rights,” UN doc A/HRC/47/L.12/Rev.1, July 13, 2021.
67. Katja Drinhausen and Vincent Brussee, “China’s Social Credit System in 2021,” Mercator Institute for China Studies (MERICS), March 2021, p. 19, https://merics.org/en/report/chinas-social-credit-system-2021-fragmentation-towards-integration.
68. “Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression,” David Kaye, May 22, 2015 (A/HRC/29/32). See para. 56.
69. Hoffmann and others, “Standardising the Splinternet,” p. 250.
70. UNHRC, “The Right to Privacy in the Digital Age.” See para. 20.
71. Zheping Huang, “China Requires Blockchain-Based Information Service Providers to Register Users Using Real Names, Censor Postings and Store User Data,” South China Morning Post, October 22, 2018, www.scmp.com/tech/blockchain/article/2169613/china-requires-blockchain-based-information-service-providers; Article 19, “Blockchain: Technology Alone Cannot Protect Freedom of Expression,” July 1, 2019, www.article19.org/resources/blockchain-technology-alone-cannot-protect-freedom-of-expression/.
72. Raphael Satter, “U.S. Court: Mass Surveillance Program Exposed by Snowden Was Illegal,” Reuters, September 2, 2020, www.reuters.com/article/us-usa-nsa-spying-idUSKBN25T3CK.
73. Bennett Cyphers and Cory Doctorow, “Privacy without Monopoly: Data Protection and Interoperability,” Electronic Frontier Foundation, February 12, 2021, www.eff.org/wp/interoperability-and-privacy.
74. UNHRC, “Surveillance and Human Rights.”
75. Paul Bernal, “Data Gathering, Surveillance and Human Rights: Recasting the Debate,” Journal of Cyber Policy 1, 2 (September 16, 2016), pp. 243–64.
76. UNHRC, “Surveillance and Human Rights.”
77. Harriet Moynihan and Champa Patel, “Restrictions on Online Freedom of Expression in China,” Chatham House, March 2021, https://www.chathamhouse.org/2021/03/restrictions-online-freedom-expression-china/chinas-domestic-restrictions-online-freedom.
78. Leo Kelion, “Huawei Patent Mentions Use of Uighur-Spotting Tech,” BBC News, January 13, 2021, www.bbc.co.uk/news/technology-55634388; and Anna Gross and others, “Chinese Tech Groups Shaping UN Facial Recognition Standard,” Financial Times, December 1, 2019, www.ft.com/content/c3555a3c-0d3e-11ea-b2d6-9bf4d1957a67.
79. Fan Liang and others, “Constructing a Data-Driven Society: China’s Social Credit System as a State Surveillance Infrastructure,” Policy & Internet 10, 4, (2018), pp. 415–53; Democratic Staff Report, “The Big Brother: China’s Digital Authoritarianism,” Committee on Foreign Relations, United States Senate, July 21, 2020, www.foreign.senate.gov/download/2020-sfrc-minority-report_-the-new-big-brother—-china-and-digital-authoritarianism.
80. Drinhausen and Brussee, “China’s Social Credit System in 2021.”
81. He Huifeng, “China’s Social Credit System Shows Its Teeth, Banning Millions from Taking Flights, Trains,” South China Morning Post, February 18, 2019, www.scmp.com/economy/china-economy/article/2186606/chinas-social-credit-system-shows-its-teeth-banning-millions.
82. Liu, Chuncheng, “Multiple Social Credit Systems in China,” Economic Sociology: The European Electronic Newsletter 21, 1 (2019), pp. 22–32, Max Planck Institute for the Study of Societies, http://hdl.handle.net/10419/223109.
83. Ibid.; see also Drinhausen and Brussee, “China’s Social Credit System in 2021,” p. 13.
84. Drinhausen and Brussee, “China’s Social Credit System in 2021,” p. 12.
85. Hoffmann et al., “Standardising the Splinternet,” p. 250.
86. Drinhausen and Brussee, “China’s Social Credit System in 2021,” p. 12.
87. See UN Charter, Art 55(c), UDHR Art 2, ICESCR Art 2, and ICCPR Art 2.
88. See Committee on Economic, Social and Cultural Rights (CESCR), General Comment 19 (2008), para. 9.
89. Of course, a country’s implementation of a standard could be challenged through conventional domestic or international systems of human rights accountability such as litigation and treaty body review.
90. Corinne Cath, “The Technology We Choose to Create: Human Rights Advocacy in the Internet Engineering Task Force,” Telecommunications Policy 45, 6 (2021), www.sciencedirect.com/science/article/pii/S0308596121000483.
91. To date, only one protocol has been subject to a human rights review, and solely for informational purposes. See IETF Memo entitled: “QUIC Human Rights Review,” October 22, 2018. Beyond the cited guidelines, human rights considerations at IETF are mostly raised by individual participants through mailing lists and meetings.
92. As reported by an anonymous source familiar with the ITU standardization environment.