Up to whose standards?

| Niels Ten Oever

The society of the future will be built on the standards and technologies of today and tomorrow. This means that design choices of today can have serious ethical impacts in the future. This article examines approaches of integration human rights considerations in technical standards.

Atom Bomb There is a long history of scientists and engineers foregrounding the ethical aspects of their work, ranging from Einstein’s precautions about the atomic bomb to current day discussions about the lack of public availability of academic publications. But even where the impact of a new technology, such as a bomb, seems obvious – especially with hindsight – it hasn’t always been perceptible while the technology is still under development. In fact, only when the atomic bombs’ destructive power was unleashed on the world did physicists develop a culture of ethical responsibility towards research.

It’s been argued by cryptographer Phillip Rogaway that computer scientists and cryptographers are still only beginning to go down the path already travelled by physicists. To realize their impact on society, and to maintain, in light of this impact, a structured approach to assessing (in the best case even mitigating) effects of their research actions.

Somebody else’s problem? At this point some engineers might think: ‘but technology is neutral,’ or ‘is this really my job, can I not leave this to the lawyers?’

20th century historian of technology, Melvin Kranzberg, argued against such excuses. ‘Technology is neither good nor bad; nor is it neutral,’ is the first of Kranzberg’s laws of technology. It elegantly illustrates how technology in and of itself has no agency, but that it provides another ordering to reality, which in turn has a direct impact on people’s lives.

Lawyers can perhaps assess the legality of certain technologies, or the contracts governing their sale or use, but similarly to security considerations, ethical or human rights implications cannot be left to lawyers alone. Modern communications technologies are often layered and part of an otherwise complex system. We need enlightened engineers, so let’s delve into the starting points of enlightenment.

Ethics? Rights? Impacts?

Human rights have a long history which culminated in 1947 in the Universal Declaration of Human Rights. The declaration in turn is codified in international human rights treatieswhere treaties focus on obligations for states.here were also a set of instruments developed in the 1970s to analyze the applicability of human rights to the private sector.

By the year 2000, the United Nations (UN) Global Compact and Corporate Social Responsibility emerged as guiding principles for human rights. In 2001,further iterations led to the adoption of UN Guiding Principles for Business and Human Rights. Today, these principles are a de facto authoritative global standard for holding the private sector accountable for their impacts on human rights.

Choosing human rights as the moral framework is aligned with international developments and adopts a language for morality and ethics which is immediately recognizable to consumers and private persons. It is the most straight-forward, tried and tested and recognized framework to use for assessment.

The question still remains: How this could be done in practice? Luckily, there are examples.

Routing it right

The Internet Engineering Task Force (IETF) makes standards for networking protocols, ensuring that our data packets can be efficiently passed from one device to the other. In its sister organization the Internet Research Task Force (IRTF) there has been ample discussion on the impacts of networking protocols on human rights.

The Human Rights Protocol Considerations Research Group (HRPC) as well as plenary discussions have given rise to concrete a framework for human rights assessments. The document called RFC8280 outlines the relationship between Internet protocols and human rights, provides an overview of literature on the topic and illustrates the relation between specific rights, such as ‘freedom of expression’ or ‘privacy,’ and specific technological features, such as ‘internationalization’ (making a standard usable for individuals of many different linguistic backgrounds, including those that do not use latin alphabets).

RFC8280 illustrates the relationships between particular protocols and human rights, presenting specific assessments of IPv4, HTTP, XMPP, DNS, VPNs and ends with concrete Guidelines for Human Rights Considerations, a questionnaire with explanations and examples that allow standard developers to interrogate their technologies and their potential impacts.

The Guidelines for Human Rights Considerations aim to be general, but not too general, and specific, but not too specific. They build upon an already existing corpus of knowledge inside the IETF with respect to values enshrined in IETF technologies (see e.g. RFC3935), and previous, impactful documents with a narrower focus on ‘privacy’ (e.g. RFC6973).

To know and to show

Engineers often need to balance between different outcomes while they are optimizing their solutions. To get the right optimization it is important that all indicator values are known, or the experiments will lead to sub-optimization or simply no optimization at all. The work at the IETF stresses the importance of using human rights considerations as part of those indicators–mapping potential negative or positive impacts and documenting the design choices can significantly help address impacts that might arise.

Such mappings are also a selling point: as value chains become increasingly complex, consumer information is all the more important. Recognising your technical design choices for what they are, a way of influencing individuals and communities, makes the future safer and more relatable.

If we look at networking protocols again, a group of engineers is now structurally analyzing technical documents for their human rights impact and seeking to understand how negative impacts can be mitigated and positive impacts can be strengthened, using HRPC as their platform. This brings the end-user perspective closer to the development of technologies on lower layers in complex technologies.

The ability of scientists and engineers to analyze today’s technologies on their human rights impact will inevitably lead to a future in which rights and freedoms are more respected.


OHCHR, HR/PUB/11/04, Guiding Principles on Business and Human Rights.

Phillip Rogaway, The Moral Character of Cryptographic Work, Essay written to accompany an invited talk (the 2015 IACR Distinguished Lecture) given at Asiacrypt 2015 on December 2, 2015, in Auckland, New Zealand.

RFC8280, Research into Human Rights Protocol Considerations, https://tools.ietf.org/html/rfc8280

RFC6973, Privacy Considerations for Internet Protocols. https://tools.ietf.org/html/rfc6973

RFC3935, A Mission Statement for the IETF, https://tools.ietf.org/html/rfc3935

Niels ten Oever is a PhD candidate in the Datactive Research Group at the Media Studies department at the University of Amsterdam. His research focuses on the evolution of the notion of public interest in the Internet architecture.

His other research interest include global governance innovation and how invisible infrastructures provide a socio-technical and socio-technical ordering of our societies and how that might influence the distribution of wealth, power and possibilities.

Previously Niels has been Head of Digital for ARTICLE19 where he designed, fundraised, and set up the digital programme which covered the IETF, ICANN, IEEE and ITU. Before that Niels designed and implemented freedom of expression projects with Free Press Unlimited. He has a cum laude MA in Philosophy from the University of Amsterdam.