How quickly the Internet communities have gone from rallying behind the banner of Internet freedom last year, fresh from our victory in the defeat of SOPA and ACTA, to the position where now Byron Holland, the CEO of CIRA, the Canadian Internet Registration Authority, can proclaim "the Internet as we know it is dead".
How did this happen? The obvious answer is that this was a result of the PRISM revelations, but I think behind this lies a new awareness of how overconfident many of us were in the ability of the existing Internet governance regime, at national or global levels, to channel public interest concerns expressed by Internet user communities into policy processes. Especially in the very typical case where there is no democratic process to represent the interests of those whom those policy processes affect.
Other examples are not difficult to find - some of them in countries that are not regarded as free, such as Vietnam's clampdown on the online publication of reports of current events, but others, such as extra-judicial domain name seizures, in countries that had been the champions of so-called Internet freedom.
Human rights infringements of users who are not democratically represented are not limited to governments, but extend to transnational corporations also. Think of Microsoft, promising that its users' privacy was its top priority whilst at the same time knowingly putting in surveillance backdoors for the NSA. Think of Google's recent admission that Gmail users have no legitimate expectation that their emails will be kept private.
And who regulates the global activities of these companies? Again, national governments; thus the only protection that Internet users worldwide have that their rights will be respected is the extent to which national governments recognise and enforce them. Thus Facebook's latest terms of service revision, making it clear that users should expect to have their names and photos shown in association with third party companies without their consent, was only prompted because US authorities demanded it.
Since Facebook operates globally, why is it the US government alone that gets to say what its privacy policies should be? Or do we feel any better if 190 other countries should also be able to ask for changes to Facebook's privacy policies, so long as Facebook it has a presence in their jurisdictions?
It should, of course, not just be nation states or corporations, but the people - including non-state transnational networks of people - who have a say in the policies that apply to them. Although they may not be citizens of the countries or customers of the corporations who apply those policies, they nevertheless have human rights that those countries and corporations are obliged to respect.
Unfortunately the international human rights framework does not have the machinery to prevent the infringement of rights ex ante. The only way to do that is to have civil society human rights defenders participating in the development of policies that will affect Internet users worldwide. This can mean giving them a seat in all of those policy development processes, which does happen in some places, like the Brazilian Internet Steering Committee (CGI.br) and the OECD's Committee for Information, Computer and Communications Policy (ICCP).
But that doesn't scale. There are just too many possible venues and civil society's capacity is too limited. So rather than giving users a seat at every single level of every single government and company, an alternative is empower users to participate in the establishment of globally-applicable public policy principles, in collaboration with other actors in the Internet governance ecosystem including governments, corporations and technical community bodies, which those actors can draw upon in setting their own policies, and to establish a yardstick against which those actors can be held to account.
This is what many of us thought we would be getting eight years ago at WSIS: a multi-stakeholder forum, the IGF, that could develop policy recommendations in order to help institutions and actors to act in a coordinated and human rights-compliant way, along with a more formal mechanism of enhanced cooperation for governments, and perhaps others, to incorporate those recommendations into their policy processes.
But fast forward to 2013 and what do we have? Well the IGF has become of such central importance as a global governance institution that it was almost cancelled this year, because nobody was serious about funding it; the ITU has shut civil society out from its Council Working Group on international Internet-related public policy issues; the US government's position on Internet freedom at WCIT last year has now been revealed as hypocritical at best; and we are still arguing about what (if anything) enhanced cooperation even means, rather than making the changes needed to actually implement it.
So it's crunch time. As Byron Holland points out, the Internet as we know it is dead. The status quo is badly broken. We need to create a more globally democratic way of dealing with border-crossing Internet-related policy issues.
And thankfully this year we have the chance to do that, through the CSTD Working Group on Enhanced Cooperation. A joint civil society submission on this topic was sent to the CSTD last week, and I'm going to invite you all to endorse it, if you haven't already. You can read the text online, but here are some of the main points of the statement in brief (with apologies for any inaccuracies in my summation):
These ideas will be discussed further at the second two-day Best Bits meeting ahead of the global IGF in Bali this year, and again at the workshop Who governs the internet – how people can have a voice at the global IGF. This workshop at the Asia-Pacific Regional IGF is an important feeder into that global meeting and workshop. So I hope that we will have a rich discussion both within the panel and with the audience.
(The above is my presentation on Internet governance for human rights and democracy at the 2013 APrIGF.)