[bestbits] contribution to the IGF's high level meeting

[Jeanette Hofmann]

Hi all, since several people asked, please find below the text I read 
yesterday at the high level leaders meeting:


Mr Chair, Excellencies, colleagues, ladies and gentlemen,

I feel honored for being given the opportunity to offer my thoughts to 
this high level meeting!

A crucial issue for “the future of Internet governance beyond the year 
2015” concerns the interpretation, the evolution, and application of the 
Right to Privacy, and of Data Protection law.

The Internet has challenged the foundation of the Human Right to Privacy 
in two important ways:

The first concerns extraterritoriality. While international law is very 
clear about the obligation of states to protect the right to privacy 
within their jurisdictions, there is fundamental disagreement and 
uncertainty as to whether this obligation also applies outside of 
national jurisdictions.

The second aspect concerns the role of private entities in the context 
of data protection. In the digital environment, a large share of data 
processing is carried out by the private sector, not by states. However, 
international human rights law is state-centric by nature and imposes 
obligations on states, not on private entities.

As a result, the application of rights to privacy and data protection 
law in cross-border communication is more or less left in limbo and we 
lack effective means to enforce it.

Data protection experts now call for globally applicable and enforceable 
data protection standards that
•	would give citizens control over their data and
•	be mandatory for both, governments And companies.

Likewise, the new UN special rapporteur on the right to privacy, Joseph 
Cannataci, has expressed the need for a universal law that would address 
state surveillance AND the business models of Internet companies.

If we assess these proposals against the multi-stakeholder philosophy 
that has characterized Internet governance since the end of WSIS, these 
proposals touch on two taboos:

1. The first taboo concerns the integration of national cyber security 
competences into a human rights based policy framework for the Internet 
that would be anchored in a multi stakeholder regime
2. The second taboo concerns establishing binding rules for the global 
business of mining personal data

It is my belief that by breaking these taboos we increase the range of 
policy options we have for collectively determining the future of 
Internet governance.

I'd like to end my intervention with an allegory:

We owe to the French revolution the insight that revolutions can turn 
into monster, which devour their own young.

We owe to whistle blowers such as Edward Snowden the empirical evidence 
that the digital revolution has the potential to not only destroy itself 
but also to undermine basic democratic principles.

In this room there are many people who can play a crucial role in 
preventing the digital revolution from going down this path.

jeanette