NETMundial: a long way to go to combat mass surveillance

NETMundial: a long way to go to combat mass surveillance

NETMundial – a global conference initiated by the Brazilian government – has produced ‘The Multi-stakeholder Statement of São Paulo’, a Roadmap and Principles on internet governance that could herald new respect for the right to privacy online. However, the outcome document fails to adequately recognise the relationship between internet governance and mass surveillance, reflecting a larger problem that was present throughout the two-day meeting.

By the end of the conference, both the Principles and the Roadmap had been watered down from previous versions, after governments pushed to soften language pertaining to mass surveillance. This of course is an ironic outcome, given that the conference was called in response to the Snowden leaks detailing the global surveillance infrastructure operated by the Five Eyes.

Despite NETMundial being presented as having a “multi-stakeholder” approach, this was far from the truth, with participation entailing a replication of the backroom diplomatic shenanigans that occur at so many international conferences. The disregard for true civil society input can be seen in the weak language in the outcome documents on mass surveillance. However, the Statement still provides a useful tool to helping shape future debates around surveillance online.

Still, it is difficult not to feel disappointed that a meeting which held so much promise resulted in outcome documents with timid protections for the right to privacy around the world.

Internet Governance Principles and Roadmap

More than 800 people, representing an array of actors from civil society, academia, the technical community, the private sector and government, met in São Paulo last week to discuss internet governance, against the backdrop of the Snowden revelations and the spectre of mass surveillance. In opening the conference, Brazilian President, Dilma Roussef, set the scene, describing mass surveillance and the monitoring of world leaders as “an affront against the very nature of the Internet as a democratic, free, and pluralistic platform.”

Roussef characterised NETMundial as responding to a “yearning” to ensure human rights apply online as well as offline, sentiments that were echoed by a number of state, inter-governmental and civil society representatives. She observed:

“The Internet we want is only possible in a scenario where human rights are respected, particularly the right to privacy and to one's freedom of expression.”

Building off Rouseff’s statement, the Internet Governance Principles strongly affirm the importance of the right to privacy, stating:

“Privacy: The right to privacy must be protected. This includes not being subject to arbitrary or unlawful surveillance, collection, treatment and use of personal data. The right to the protection of the law against such interference should be ensured.”

Yet in a last-minute sop to US diplomatic pressure, the final text of the Principles was weakened to soften the language on mass surveillance: rather than condemn mass surveillance outright, the Principles instead call for a review of “[p]rocedures, practices and legislation regarding the surveillance of communications, their interception and collection of personal data, including mass surveillance, interception and collection”.

Similarly, whereas the draft Roadmap text contained strong language (“[m]ass and arbitrary surveillance undermines trust in the Internet and trust in the Internet governance ecosystem”) the final text omits any reference to mass surveillance. This disappointing outcome reflects the conservative approach preferred by states such as Sweden, which prevailed despite heavy lobbying by Brazil and Germany to focus discussion on mass surveillance and its connection to internet governance.

A civil society push to include reference to the International Principles on the Application of Human Rights to Communications Surveillance was also unsuccessful, despite their inclusion in the draft document.

Multi-stakeholderism – a failed experiment?

The idea of multi-stakeholderism, a bedrock principle in the determination of all internet governance issues, was highly touted but mostly ignored.

Initially, four coordination committees were established, representing civil society, academia/the technical community, the private sector and government respectively. Drafting committees then began work on the Principles and Roadmap respectively. In these committees the game of sly diplomacy began.

Despite officially being observers, lobbyists rapidly took over the discussions. The extensive experience of the private sector and government representatives in this arena came into play and civil society representatives found themselves locked out of key discussions and struggling to make an impact.

While the US, France and Brazil hailed the NETMundial multi-stakeholder process as a success, many civil society representatives have been left feeling sceptical and wanting further input into the rules of the multi-stakeholder game. The precedent of NETMundial means the multi-stakeholder approach to internet governance is here to stay; building more meaningful civil society participation is an important challenge to be taken up in this area.

The next steps

Where the Multi-stakeholder Statement of São Paulo will go is as yet unclear. Not all states were represented at NETMundial and crucial private sector organisations, such as Google and Facebook, maintained a low profile there. The Statement’s effect will largely depend on whether stakeholders take ownership of it and promote it in other fora, particularly in UN bodies.

NETMundial has left us with more questions than answers, but the Statement, in spite of its shortcomings, still provides us with another tool to fight for the protection of the right to privacy and against mass surveillance.