SOP Workshop 438: The Business of Human Rights: Corporate Responsibility and ICTs

Sixth Annual Meeting of the Internet Governance Forum

27 -30 September 2011

United Nations Office in Naiorbi, Nairobi, Kenya

September 28, 2011 - 14:30PM 

***

The following is the output of the real-time captioning taken during the Sixth Meeting of the IGF, in Nairobi, Kenya. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.

***

 

>> DELE OLOJEDE: Good afternoon, everyone.  We'll get started in a few minutes, waiting for the last track rushing out for coffee.  In the meantime, to make this a little cozier, would you mind just moving closer to us so we can have a proper conversation, if you don't mind, please move closer into the inner circle. 

Thank you.  Thank you all for coming.  Please settle down so we can begin.  Thank you.  Good afternoon, my name is Dele Olojede.  I'm the Chair of the Advisory Council of the Global Network Initiative, GNI, and I will be guiding our conversation today regarding the business of human rights in the context of freedom and privacy on the web and the responsibility of players in the ICT sector. 

We have assembled an A‑grade panel that would help lead our conversation before, hopefully, you all joining, and lead us to a place where we can all gain a common understanding of the challenges and the opportunities that confront us.  And we have panelists from academia, from the private sector, from Government, and from civil society.

I would ask our panelists to introduce themselves.  It's always richer that way than me making it up.  So I'll start with Eduardo on the far left.

>> EDUARDO BERTONI: I'm Eduardo Bertoni, the director of the centre for studies of freedom of expression and access to information which is a research centre based in Palermo University School of Law in Buenos Aires, Argentina.  Usually when people link my last name Bertoni with Palermo, they say this guy is from Italy, no, I am from Argentine, we're based in Argentina and we're an academic research centre in Latin America.

>> DELE OLOJEDE:  Susan.

>> SUSAN MORGAN: Hi, I'm Susan Morgan, I'm executive director of the Global Network Initiative and I'll talk more about that later in the panel.

>> PEDRO LESS ANDRADE: Hello, my name is Pedro Less Andrade, I'm director of public policy and I work for Google Latin America and I'm also the coordinator of our IGF delegation here.

>> DAN BAER: And my name is Daniel Baer, I'm a deputy assistant secretary of state in the State Department in Washington in the Bureau of Democracy, Human Rights and Labor.

>> DELE OLOJEDE: Likely to be joined electronically by a World Wide Web audience as well as a panelist who will join us, we hope, by close circuit TV.  We also have a couple of [inaudible] who will help broaden the conversation and we shall get to them but first could I call on panelists one by one just to give a little synopsis of their views of the business of human rights in the ICT sector and the Internet in general.  Dan, you want to talk about the Government?

>> DAN BAER: Sure.  Thanks very much.  It's a pleasure to be here today, and thank you all for coming back from lunch and showing up.

For us ‑‑ and we are one of several Governments who have taken a kind of strong interest in recent years in the intersection of business and human rights issues and Internet freedom issues and for us many of you may have seen or heard Secretary Clinton's two major speeches on Internet freedom, she's also communicated through the department that she takes an interest in the developing field of business and human rights and how we should be engaging diplomatically in that field.  So this is the intersection of two core interests of our Secretary of State. 

More broadly, the Internet freedom policy area for us includes public diplomacy like her speeches, like speeches and Op‑Eds by our ambassadors around the world as well as bilateral diplomacy where we raise issues of concern, with Governments who have imprisoned bloggers, et cetera or raise issues of where we can partner with Governments who share our interest in this space as well as a fairly developed now set of programmes or grants that we make to people on the ground around the world to help train people in digital safety, what I call cyber self‑defense to help people evade censors and evade security services who may be trying to catch them for their political ‑‑ peaceful political activities, to help people circumvent technical blocks on the Internet.  So we have a range of ways in which we're engaging as a Government in Internet freedom.

But the topic of this panel is really an important one because I see this as a kind of emerging frontier still of the Internet freedom policy area.  We recognize the reason we're interested in Internet freedom is that we recognize that increasingly the experience of human rights for people around the world is an experience that unfolds online and that unfolds both on hard networks, hard infrastructure that is largely owned by the private sector as well as on soft networks through private sector owned intermediaries in terms of social networking sites or search engines, et cetera.  And so this is a conversation that necessarily includes the business community.

And to give out the conversation today, and we all agreed that we'd like to move as quickly as possible to discussion with the people here, it seems to me that there are kind of a nonexhaustive list but three questions that I'm interested in hearing everybody else's views on.  One is I think that the discussion about companies and their connection to human rights and their obligations with regard to human rights, it's one that more generally has advanced this year with the adoption, the ‑‑ by consensus, of the Ruggie Framework at the Human Rights Council on June 16th.  But within the Internet freedom area, I think there's a taxonomy of issues that relate to companies that's helpful to lay out because we talk about companies and Internet freedom and it seems like it's all glommed together but there's actually issues related to privacy, issues related to censorship, issues related to access, like shutdowns, et cetera, and then kind of underlying all of this there's this ongoing question of issues related to complicity or how companies may be knowingly helping, quote, unquote, bad Governments do bad things.  And I think figuring out ‑‑ disentangling ‑‑ and that's not a full taxonomy but disentangling the different kinds of places where human rights and corporate action seem to overlap is helpful in moving the debate forward.

The second area is of particular interest to me which is how should companies and Governments talk to each other.  There seems to be both a desire for Governments to engage companies in a conversation about human rights as well as I think many of us have a natural discomfort with the idea of endorsing the idea that companies and Governments should be on a regular basis kind of working together.  We would be concerned, rightfully, if companies were controlling Governments.  We also have concerns about when Governments control companies.  And so as a general rule I think we want decisions about justice questions and decisions about economic questions or ‑‑ or profit questions to be not made by the same people in a common room.  And yet many of the emerging threats to Internet freedom are ones that are first noticed by companies, companies can help Governments that are interested in protecting people by sharing information and many of the Governments that are interested in this space have a role to play and a positive contribution to make I think by convening those who are interested including companies in a conversation, so figuring out what the right way for Governments and companies to talk to each other.

And then the third is kind of whatever the substantive questions we have about privacy, about when it's okay to block, if ever, and when it's not, about when to work with Governments, et cetera, those debates aren't going to get resolved, there's never going to be a clear answer ‑‑ we're not going to get to the clear answer that applies in every situation and so how do we move from the substantive debates, while continuing them and recognizing that they will continue, how do we move from substance to process?  What can we talk about practically in terms of what companies should be doing in order to do their due diligence, in order to implement internal processes that help them recognize tough substantive issues when they arise, help them work through them in a responsible, credible way that is defensible to reasonable people, et cetera, so moving from the substantive question to the process question, moving from thought to action, I think that's the third area that I'd welcome people's thoughts and contributions on.

And I'm grateful to the GNI for hosting this.  The GNI I think fits well into that third question category in terms of having provided a forum and a forum that can grow ever stronger for companies to work through tough issues of substance and to identify the processes that will help them do that in a responsible way.

>> DELE OLOJEDE: Thank you, Dan.  Pedro, I think you're a natural leader from the sort of issues that Dan has just raised.  What does the business of human rights mean to a business like in Google which has to operate all over the world in different jurisdictions and different regulatory environments, what's the business of human rights, do no evil?

>> PEDRO LESS ANDRADE: Do no evil, of course, but also our goal, our mission is to basically organize more information and make it accessible and useful for everybody.  So this always will be tied with the expression.  As you mentioned, it's quite a challenge to run a service, which is global, and touches different jurisdictions and also that serve uses with different moral and cultural values.  So how we can operate the service in a way that suits every user's needs and also that challenges that suite the different legal systems where we operate.

So, as I mentioned in a prior workshop, we have been facing a lot of problems in different countries in terms of expression, and free expression has been one of our top priorities in terms of public policy for working around the world.  We detect that more or less 40‑plus Governments are in some way interfering with free expression and also interfering some with the Internet through different methods.  And, you know, usually the ‑‑ the option of these interventions are completely different, sometimes it's something very ‑‑ it's something related to politics, sometimes it's related to cultural values or more values.  Sometimes it has to do with an individual interest.  We, for example, now, we have ‑‑ we ‑‑ YouTube has been blocked, for example, in 17 countries in some way or another.  A partial block, a full block.  Nowadays YouTube is fully blocked in China, Iran, North Korea.  Well, of course there is, you know, our sad experience with running our search service in China that YouTube constant, increased censorship, we have to ‑‑ on several measures, also on the Internet, we have to decide to stop providing our search service from inside China. 

But, you know, this is not only ‑‑ this ‑‑ we can see this problem also in consolidated democracies and in different fronts.  It's not just a question of certain kinds of countries, we are seeing this everywhere.  So we are facing issues in Italy, for example.  And I don't know if you're familiar with a case the [inaudible] case where executives of Google are facing criminal charges because somebody uploaded video of another person that breached their rights.  This is total disregard, for example, with very important legislative provisions in the European electronic commerce but also with Italian law but we're working on that case right now. 

We're facing issues in France, for example, with some legislative attempts like Adobe that makes more important the protection on copyright, things that the protection of copyright is so important that an infringement serves as a connection from Internet.  We see the Internet as an enabler, as an enabler of human rights.  Now, with the Internet we can not only speak freely but also learn access to knowledge, access to information, work.  So denying access to someone to the Internet is really, really an extreme mission.  Even people that are in jail have some Internet access.

So these are the kinds of examples that we are facing around the world and, you know, there is no solution that fits all the problems, it's really difficult to find out a solution that would say we will be able to address this with this technical solution.  I'll give you an example.  For example, in Thailand, we were facing issues in terms of basically the ‑‑ we have to do an IP block on videos for ‑‑ on YouTube that won't be able to ‑‑ the Thailand people won't be able to see within the country because those videos were videos that basically ‑‑ make ‑‑ can't remember exactly what ‑‑ what it was the issue.  But basically denigrate their king.  This is something that is against the law in Thailand.  So what we did was just block that content for Thai people.  But that content was available on the rest of the service of YouTube elsewhere. 

And we were ‑‑ we have to comply with local law in order to operate in different countries.  But, for example, in the case of Turkey we have to ‑‑ we have similar complaints about videos where anti‑Antiturk, the father of the nation, and the Government asked us to block those videos everywhere in the world, not only the videos that are accessible to Turkish people who are accessing the videos in Turkey.  So in that case we decided not to do it and we face a lot of blockage in Turkey. 

When we have to make our judgment in terms of how we're going [inaudible] of issues, our focus has been on the side of things, users are first and his access to information is first.  We try to maximize expression and access.  We also work on transparency, we are publishing other requests, the numbers of the requests that we're receiving from the different countries in order that has to do with certain time, certain relation with censorship that are asking to remove, block content in some way.  There's a transparency report on that.  We also provide tools for our users to be able to navigate anonymous, to have a lot of security measures in the way they use different tools like e‑mail so we can provide different levels of security that has been used greatly by different groups of activists around the world.  We try to help the different stakeholders and to be able to speak out and share their views at different levels.

At the same time, you know, we take into account when we take those decisions the cultural factor.  Because something that could be completely normal in one country would not be the same in another.  So this is something that we also take in mind and we also take in mind the political impact.  For example, we have a policy in YouTube that says that we cannot publish shocking images.  But sometimes there are [inaudible] denouncing certain illegal activities, and I can give you ‑‑ or the image is a big ‑‑ very important political situation.  Let's remember the protests in Iran and the murder of one of the activists that has been uploaded to YouTube, that was a testament to what was an illegal repression.  Of course, it was shocking and everybody suffers to see that.  But this is something we have to take in mind.  Sometimes it's very difficult also to make that call.  And I know that not always everybody is happy with that.

In terms of free flow of information we have been facing very ‑‑ very complex issues in some countries.  One of the beauties of the Internet is it's open architecture.  Doesn't matter where we are, doesn't matter where the content is, everybody can access where they are.  Some have requirements, in order to provide certain services, in order to have a Web site, in order to have a URL to have physically ‑‑ to have your service physically located in a given territory, this is put ‑‑ this is equivalent to put walls to the Internet.  And we face that not very ‑‑ not long time ago in Kazakhstan, for example.  In the end what we have been forced to do is our domain that was related to Kazakhstan we were not able to provide it because we have a request from the network situation of Kazakhstan that says you cannot have the Google.kc if you don't have servers in the country.  Fortunately, then, the Government realized that was a great loss for the citizens and they changed those rules.

So there are a lot of challenges and some of them comes in the forms of cyber security or cyber terrorism so rules in order to protect the citizens against cyber crime or against cyber terrorism.  And I will just ‑‑ it's an immersion issue that just happened a couple of days ago that is a proposal presented by the permanent representatives of China, Russia, Tajikistan and Uzbekistan to the U.N. secretary‑general in order to be at the General Assembly that's taking place from ‑‑ in these weeks.  And it's a ‑‑ basically a proposal of the code of conduct for information security and for informational security.  And they are willing to discuss this in the framework of the United Nations.  We find some wording in this proposal that we think that needs to be analyzed under freedom of expression standards.  We have seen wording like informational weakness.  So it's really interesting to understand what that means and which are the consequence so this is something very interesting to debate during the session so thank you very much.

>> DELE OLOJEDE: Thank you, Pedro.  We can begin to imagine the business of human rights is very complex business.  I wouldn't want to be in your shoes directly there.  And Eduardo, Pedro is sort of the [inaudible] every day but you have a bit more perspective as an academic.  What do you make of this?

>> EDUARDO BERTONI: Well, if ‑‑ yes, I ‑‑ of course, the kind of ‑‑ my kind of world is different but I think the goals are the same.  We are working on research that we would like to be applicable and useful for public policies.  Let me start saying a little.

>> DELE OLOJEDE: Can everyone hear Eduardo very well?  He has a bedroom voice, I think.

>> EDUARDO BERTONI: I can scream.  I would like to start telling you a little about the centre and what we are doing and then what are the challenges that we are seeing from an academic perspective.  The Centre for Studies for Freedom of Expression and Access to Information was founded in 2009 at the Palermo University School of Law in Buenos Aires, Argentina, as I said in the beginning, with the objective to provide rigorous research and studies in the sectors of civil society, journalists, Government, institutions, academic community that are dedicated to the promotion of freedom of expression primarily in Latin America.

As part of our academic work, we just finished a survey in Latin America about regulations, case law and policy related to topics such as Internet access, Internet counter‑regulations, blocking filtering and content removing, licensing requirements and liability of Internet service provider.  The survey was similar to the one did and recently presented by the OSEE representatives of freedom of the media on Internet regulation in OSEE Member States.  It's important for studies in friends in regulation and case law and issues as well as to compare the Latin American solution with those of North America and Europe where the Internet is more regulated.  Let me mention briefly 10 preliminary conclusions of our research.  Number one, our study has found that for most countries in the region special laws for the Internet space with not been passed.  Generally law is applied as is to Internet activity.  Different areas of the law that affected communication economy, criminal, civil, property law often treat the Internet in the same way as traditional ways as print or television media.  This results in [inaudible] decisions and excessive judicial discretion.  Two, there is a lack of clear guidelines as to the consequences of Internet speech for Internet users and providers of Internet services.  The study of judicial centres is dealing with privacy and information in the region and demonstrate the lack of understanding by judges on the complexities of Internet speech and it's possible ‑‑ its possible negative consequences on the right to freedom of special.  The lack of understanding must be addressed through policy efforts.  Three, Latin America has not contributed significantly to some of the debates that are taking place institute regarding the Internet such as discussion on Internet governance and the role of ITU, such as IP addresses and the role that Governments should have in this process, the protection and the new privacy threats.  A more thorough engagement of the academic sector in the region is desirable.  Four, in most countries in the region telecommunication laws often do not regular the Internet specifically.  However, in some instances goods or regulatory bodies interpret the law as including the Internet within the definition of communication media thereby including it in its scope.  Five, in criminal codes the Internet is for most regulations treated as only one more way in which content is displayed or transmitted.  In some instances the fact of distribution itself through the Internet or other communications media aggravates the crimes.  In the region, Internet uses have been detained for publishing content on social network that is usually considered to be political criticism that should be tolerated.  Serve, in information cases courts have interpreted the Internet as one more way the Leslie offensive content could be distributed.  Eight, there have been instances of defamation litigation that have been with the most stringent laws.  The problem has not been adequately addressed by courts in the region.  Nine, most of Latin America has not regulated on ISP or other intermediaries liability.  However, a trend seems to be emerging, a trend seems to be emerging that follows the rule of judicial notice and take‑down.  It will be important to see how these areas develops with the treatment of bills that are under consideration in Latin America.  10, in most countries in the region, specifically intellectual property regulation that refers to Internet activity has not been adopted and generally the existing regulation is applicable to Internet activity. 

I would like to finish giving a few words about the challenges and the role of the academic sector in the future.  There are many regions in the future that would be benefited by more research to help to understand the problems and to develop solutions.  Most of the problems are the ones that I just mentioned.  Looking for good practices in the region are something that the academic sector could contribute.  But it would be fundamental that the research made by the academia has an impact in the design of public policies.  For that reason it is essential to work together with different sectors like Government and focus groups, business and other ‑‑ and other stakeholders. 

Finally, the academia has also the challenge to impose some changes in educational matters and also to help in the development of programmes for the capacity of judges, prosecutors, and other relevant actors that work in the regulatory realm.  Thank you.

>> DELE OLOJEDE: Thank you very much, Eduardo.  I would move us quickly to the rest of the room by asking one of the lead discussions to jump in at this point.  My apologies, Susan.  I was too anxious to hear what you have to say.

>> SUSAN MORGAN: No reflection on the value of what I'm going to say.

[LAUGHTER]

>> DELE OLOJEDE: Susan Morgan executive director of the Global Network Initiative.

>> SUSAN MORGAN: I'll be brief.

[LAUGHTER]

>> DELE OLOJEDE: This is not a reflection of my gender bias as an African male.

[LAUGHTER]

>> SUSAN MORGAN: So the Global Network Initiative is ‑‑ we're an initiative that has companies, human rights groups and academics working together and we came about really as a group of people trying to look at how to protect the freedom of expression and privacy rights of users around the world and we were formed several years ago when I think these kinds of issues that we've just heard articulated by other members of the panel, when they were really starting to emerge kind of three or four years ago.  The first really huge piece of work that was carried out was the creation of a set of principles and implementation guidelines really to help companies think through when they're facing questions where they're getting requests from Governments that might impact the freedom of expression and privacy rights of their users, how do they make responsible decision in those positions so that really relates to the technology that companies are developing, the products and services that they're selling and the markets  that they're operating in.  And I think in the last three or four years what they've seen is something that started off as affecting a relatively small number of companies in a relatively small number of countries really growing into a much bigger, a much more Internet problem.  The work of GNI, in addition to providing a set of principles and guidelines, we also, companies, when they join GNI, commit to really a process of kind of assessment of the way in which they're implementing the principles within their organization.  And then other key aspects of our group are really to provide both an opportunity for policy engagement with a number of Governments around the world where we have not only companies but also companies speaking with human rights organizations, investors and academics to try to move the policy debate forward.  And then finally we provide what we call is kind of a safe space for learning to talk through in a confidential way these complex issues.

There's three other points that I'd make.  The first one is this type of initiative is not new but it's new to the ICT sector so if we look at initiatives in the extractors industry, apparel and diamonds industry these type of initiatives have all emerged at the centre point between the interest of business and human rights.  I would see GNI very much in that category but came along much more recently than the initiatives in those sectors.  I think the second point is really just on the role of business.  We all know that the Internet is playing an increasingly important role in people's economic, political and social lives and what we also know is that often it will be private companies that are providing the networks and services that enable that to happen.  So what we're seeing with growing Government interest in this area is that actually the decisions that companies make around where they store data centres and when they corporate with Governments really do matter to a tremendous number of users around the world.  And I think the final point that I'd make, and I'm hoping we ‑‑ we may have a remote panelist who will talk specifically about the user perspective but I just wanted to end on that really and just sort of highlight the huge gap that there is at the moment between what users need to know and understand about these types of issues and the issues that are being faced and also to help them really be in a position to make decisions as sort of educated consumers.  So I think in the future what we're going to see is an increasing trend towards not only the importance of educating consumers about these issues but also increasing amount of transparency and accountability about the relationship between Governments and customers.  Sorry, Governments and companies.  I will end there before my time runs out.  Thank you.

>> DELE OLOJEDE: Thank you, Susan.  You'll soon find that I'm coachable.

We'll take ‑‑ we'll try to go to our panelist who is joining us remotely, if we can find him.  Bret, do we have Bret?

>> Bret, can you hear us?

>> If not, do we have somebody who can speak in an Australian accent?

[LAUGHTER]

>> DELE OLOJEDE: While we're trying to get Bret, we'll go to our lead discussions and then we'll go to the wider audience.  Joey Lee is from Human Rights in China.

>> JOEY LEE:  Thanks, yes, my name is Joey Lee (phonetic),  I'm with Human Rights in China which is an NGO that has been a participating member in the Global Network Initiative since its inception.  And I just want to thank GNI and the panelists for being together these perspectives, and I hope we can get Bret in eventually as well because I'd love to hear his thoughts. 

I think I might take Pedro's suggestion to talk about this new proposed code of conduct for information security that has been put forth by Uzbekistan, Russia, Tajikistan and China which I believe may possibly be up for discussion at the General Assembly as early as next week. 

Just I guess a quick comment and then a question.  The comment is in terms of context, I think it's one way of looking at this proposal is as a next step or the latest example in a growing cooperation and collaboration among some states, including those who sponsored this proposal to both in practice and policy use, information control ‑‑ control of access dissemination and content to fight not only terrorism for which there is a rich and robust discussion going on internationally in terms of how to protect human rights in that context but fight other things.  If you look at the code of conduct itself those other things include political, economic and social instability as well as spiritual and cultural environments, things that present a much greater challenge to the idea of being consistent with international human rights framework.  To bring it back to my question and also to the panelists.  For those who haven't seen it the code also includes an obligation on countries to kind of lead the private sector and shepherd the private sector including the kind of ICT supply chain in building the foundation for what could be these new norms in information security.  And I think it would be interesting to hear the thoughts of the panelists and anyone else in the room of how businesses in the private sector can not only try to incorporate human rights accountability into their operations but kind of navigate through these different emerging standards and kind of norms both nationally, regionally and internationally.

>> DELE OLOJEDE: Thank you, Joey.  Before I ask our panelists or any member of the audience to jump in just a couple of quick rules.  If you have a comment or a question, please just raise your hand and once we recognize you state your name and your affiliation, or lack thereof.  We will not hold it against you.  And the questions may be directed at specific members of the panel or just throw it out there for anyone who wants to engage it.

Any one of you want to take the issue that Joey just raised about how businesses integrate human rights into their everyday functioning, operations, does that capture it, more or less?

>> Joey:  Going one step beyond, not incorporating human rights but understanding and grappling with new proposals for what human rights mean including what might invoke the language of international human rights but not necessarily the spirit.

>> DELE OLOJEDE: Pedro, you're dealing with this every day, right?

>> PEDRO LESS ANDRADE: Yes, I don't know if someone from the audience would like to jump in on this.  I'm happy to share.

>> Let's try one more time with Bret if that's okay who I think is on the line.  Bret, if...

>> DELE OLOJEDE: Let's finish this.

>> Okay.

>> PEDRO LESS ANDRADE: Of course it's always quite a challenge and when we learn about this proposal, first we are true believers of multistakeholder approaches, so we start to join the rest of the rest of the stakeholders and try to exchange ideas about what is this, which is its purpose and how we can coordinate these kind of proposals with real protection of human rights.  It's always a challenge for a business to establish an operation in a given country and we made an analysis before we decided to provide some kind of services, and how the different countries deal with human rights is also a big issue for us and this is also a driver of why we, for example, we have people on the ground, we will have equipment on the ground, or in certain instances we will be, for example, localized in a given country.  And there are many drivers for that ‑‑ for those decisions, some of them are market‑related, but others has to do with how the human rights system is active in a country. 

So in terms of not only ‑‑ I know that ‑‑ this might sound like a weird combination but for countries who want to develop information society services, the good treatment of human rights it's also a magnet for investment.  This is also something important.  Because if you don't have a real good framework of protection, many businesses won't want to provide services from those countries.  And even the nature of the Internet is not given to ‑‑ to a given territory, it's getting the content closer to the user.  For example, use network access points in order to improve the way the traffic goes also depends on a very good regulatory framework in terms of protection on human rights on freedom of expression, protection of Internet use in the country.

>> DELE OLOJEDE: Thank you.  I give you indulgence to press the pause button so as to bring in Bret.  Do we have Bret?

>> I don't think it's going to work, sorry.

>> DELE OLOJEDE: All right, we'll move on, now, to the audience.  I'll just cheat and start from here.

>> IAN FISH:  Thank you, my name is Ian Fish (phonetic), I'm from BCS, the Chatham (phonetic) Institute of IT in the U.K.  I'm not an expert in the field, I'm taking the advice of the newcomers session at the beginning to go to ones which are in areas where I'm not really knowledgeable.  And seeing the title of this corporate social responsibility, presumably there's already at least one, I think there's probably more from my little knowledge, sets of norms and in that space, in the corporate social responsibility space in general.  What you seem to be saying here, and I'm probably completely wrong but worth bringing out I think is this requires something a lot more rather than just something added to that corporate social responsibility set of norms.  I have one question directly for Susan if that's okay, and at the end I'm a bit puzzled because she said there's a huge gap between what users need to know and understand but she didn't say what the gap was with or at least I didn't understand what the gap was with so I've got those two things.

>> SUSAN MORGAN: So I think on your first point, I think you're right, there's a number of CSR standards out there from global reporting initiative and a whole bunch of other standards.  I think they tend to look at corporate responsibility in the round so they look at environmental issues, social issues, economic issues, and we'll cover a whole ‑‑ will cover a whole range of issues very broadly.  I think what we're seeing in a number of sectors and I think what we're looking to do here is really to create through GNI a corporate responsibility standard that's looking very specifically at these issues.  So in the way that the extractors industry, transparency initiative is doing not in the extractors industry, the way in which there are a number of voluntary codes in the apparel industry around sort of supply chain rights.  So it's looking at putting much more sort of detail and emphasis on the issues and providing also, I think, critically some kind of public accountability in terms of the way companies are responding to the issues.  So that's the first question.

And the second question, in terms of the knowledge gap.  And I was hurrying through my presentation so my apologies.  I think the knowledge gap really is in the basic understanding of users of these types of issues of where data restored, what the risks might be for them, how they're communicating and whether their data was encrypted or not and also, you know, so I think in terms of helping users understand the complexity of the issues, there's a long way to go and I think the industry, along with others, has a really critical role to play in helping to educate users and bridge that gap.  I hope that makes it clearer.

>> DELE OLOJEDE: Thank you, Susan.

>> Just sum what you said at the end there as reality the gap between users and knowledge.

>> DELE OLOJEDE: Thank you, the lady.

>> Thank you, Joy Lidicoat (phonetic) from APC.  A couple of comments and then perhaps a question for panelists to respond to.  The first in relation to action on any of business.  Thank you for that.  I think by way of comment I think it's important to add that civil society also has a critical role in the action on any as between the private sector and Government and not only because Governments and the human rights framework designated duty bureaus to the citizens they're there to serve but also because increasingly civil society groups are working with private sector in their own right.  So that's the first point. 

The second point is that there is this tension I think in the business and human rights framework around the role that businesses increasingly are being asked to play as a human rights defender, upholding and protecting and defending our rights online, and thank you, Pedro, for the point that you've raised and the work that you've been doing but at the same time increasingly being asked by Governments to violate those rights through trade agreements between Intellectual Property rights and other knowledge.  The case of Vodafone in Egypt, for example, complying with Government requests to test blockage of services, legitimate services, commercial interests, and those tensions I think will only continue to emerge.  So in terms of the Respect, Protect, and Remedy framework we think the IGF provides something to that framework because it is actually a truly multistakeholder forum.  And in fact, the General Assembly, which is considering the various resolutions that are under discussion it not a truly multistakeholder forum in the same way although it has its own role, of course.  So I guess the question that we would have is how can we measure the various proposals that are under discussion, not only the Chinese but also the IPSA for these core principles of multistakeholderism where neither of the current proposals on the table, for example, mentions multistakeholderism and human rights.  So my question I guess to you in that context is how can we work to get the framework and the multistakeholder ways to pursue those areas of mutual interest?

>> DELE OLOJEDE: Thank you very much for your question.  We, of course, always appreciate shorter questions, so gather around the room, Dan, do you want to take a stab at that?

>> DAN BAER: First let me address the taxonomy point which I completely agree with.  I was meaning that for benefit of conversations like that sometimes it's helpful to lay out the different kinds of human rights challenges that businesses encounter in their work but I also think there's a parallel taxonomy of solutions and how you address those and obviously sometimes we address those through regulations, through law, sometimes we address them through voluntary codes of conduct, sometimes we address them through ongoing multistakeholder institutions like the GNI and society is playing a critical role in those.  As for your second question and touching a bit on what you raised as well Joey I think you're both, right to raise the issue of, you know, we have universal principles, human rights issues aren't something that we made up, they exist in international law, been around for 60 years, they're in agreement and Article 19 looks remarkably prescient now by any media regardless of frontiers, right?  We don't have to reinvent that wheel and we can use that as an evaluative substantive framework to look at any proposals that come forward.  I think the multistakeholder process is something we try to engage as much as possible and obviously there are certain institution that are more permissive than others but even in the cases where he is it's not permissive the United States Government, I meet with NGOs on this topic all the time and the topics I get out of the round tables, I did one at the General Assembly last Friday in New York on the margins of that, I met with 20NGOs including the Russia‑China proposal on the Internet to hear about folks' opinions and interests and concerns with those proposals and that does feed into our opinion, the official opinion that gets delivered on the General Assembly floor.  So I think it's important to recognize that there are sometimes informal ways for civil society to be integrated in a multi‑‑ even things that don't appear multistakeholder that they are multistakeholder.  That's a safeguard, right.  Way to appear that Governments that are supposed to be acting on are being represented in that kind of process.  I agree with your points.

>> Hello, my name is (saying name), I come from Egypt.  I think that we're missing a point here which I expected to hear corporations saying how we can serve human rights more, how can ‑‑ and Governments asking how it can because what I'm hearing, again, is we're doing our best.  Which I think if that's the case then there's much more to be done.  The example is giving I'm sorry to get back at Google but you're the one here, but the example by Google about blocking content from Turkey, not from the whole web, well actually violated the rights of Turkish people and you haven't put that with the Turkish people to fight the law that prohibits figures against Antiturk in Turkey and you haven't traced that.  You said corporates in general would say we need to work in this country.  Well, we need to revisit that, we should not be working in countries that violate human rights, I'm not saying Turkey is but this law specifically is.  The problem is that these actions, by really abiding by the law even if it's an unjust law or a law that does not recognize or respect freedom of expression and by corporations taking the excuse of we are abiding by the law, they are helping oppressive regimes.  In the case of shutting down the Internet in Egypt which was not only Vodafone, it was the three ‑‑ they were actually abiding by the communication law that was passed under the Government with the threat of actually arrests to the operators to the actual engineers if they didn't comply.  But the passing of the law wasn't really taken by the corporations in 2003 and 2004 when it first appeared.  And this was a fight that we were willing as activists and as civil society to go through the fight. 

My issue here is that what happens in any country affects every country by accepting to block content in Turkey are actually affecting me in Egypt and you are allowing the Egypt Government to enact a local law that will eventually block content from Egypt and the same about shutting down the service, when they are discussing shutting down Twitter in the U.K., that affects us because now our Government or future Governments would say, well, it's a legitimate act for some reasons to shut down communication.  I think you have to be more consulting and seeing how we can do better rather than simply saying, oh, we're doing our best.  Thank you.

>> DELE OLOJEDE:  Thank you, I think you've raised actually the issue subject that's central in the conversation.  It's actually the elephant in the room.  Because you're essentially asking a business to put itself in the position of violating the laws of the country which is a very difficult issue to grapple with.  It's at the very core of the tension that exists when we talk about the business of human rights in this environment.  So I would actually like to ask you, save Pedro the aggravation of taking all the questions himself, let's have a conversation for five minutes around that particular issue.  Does anyone have the perspective as to the responsibility of a business in a national environment, regulatory environment where you're required to obey the law.  Yes, sir.

>> Thank you for that, my name is Hussein (saying name) and I work for NokiaSiemens Networks.

>> DELE OLOJEDE: Please repeat that.

>> My name is Hussein (saying name) and I work for NokiaSiemens Networks.  And we actually have faced this exact same issue in a number of operations we have across the globe.  The problem we have is actually very ‑‑ perhaps Google faces the same issue.  We cannot be the arbiter of which Government is repressive and which one is not.  So what you're asking us as a business is not to cooperate with repressive Governments.  I ask you which is the repressive Government, in the view of some the U.S. Government may be repressive.  In the views of others it might be the former Egyptian Government.  We as business cannot make that judgment.  We have to abide by the laws of the land.  This is our only guiding principle.  So what would be wonderful is if we had this guideline from institutes like United Nations to tell us, yes, this is not possible, that is possible, this Government is not good, that Government is good.  We cannot make up that list ourselves.

>> DELE OLOJEDE: Thank you.  So we're now entering the realm of the principle of unjust laws and whether one can resist them.  And, of course, if you decide to disobey an unjust law it also presumes you're willing to accept the consequences, this is whether business would be willing to accept those consequences.  The lady up front.

>> I'm Merriam (saying name) and I'm director of a programme called (saying name) it's an e‑learning project for Iran.  NokiaSiemens as I think many people know was instrumental in the crackdown on civic activists in Iran following the 2009 election.  Speaking not just for Iran, I think it's highly irresponsible for a forum like this and say that you cannot choose or you cannot decide, you cannot be held responsible for knowing the difference between a repressive regime and a regime that's free.  I don't think it helps the debate, I don't think it helps your image, frankly, to after ‑‑ after such an incident in which you've acknowledged responsibility to say that you can't know the difference between a context like Iran and a context like the United States.  Thank you.

>> DELE OLOJEDE: Thank you for that comment.  Yes, please.

>> Thanks, my name is (saying name) I work for the Dutch Government in our freedom of expression issues.  In our propose to freedom there are a few things we can do in engaging with companies which we think is key, we think.  Of course we've been saying joining code of conduct like GNI is a good idea.  There's a lot of to win in Europe in this regard.  There are many companies in Europe that do not have any kind of serious code of that, we believe could help them in building a structural framework in which to work.  At the same time we don't think it's wise to also exclude other possibilities that are a bit more restrictive, if you will.  So what we've been doing is exploring within the European Union, for example, where there are ‑‑ is the due use regulation to see if it would be possible to place certain types of technology that can be used present measures like places like Iran that would be subject to a licensing system within the European Union.  We're trying to explore what's possible there, it's difficult, dual use technologies is always extremely hard to see over time if it's going to be abused or not.  At the same time we believe we should not shy away from that chapter and engage at least with the European Union with other members as soon as possible.

>> DELE OLOJEDE: Thank you.  I'll come quickly back to our panelists and then get back to the audience.  Eduardo you alluded to a particular issue that I sort of made a note to myself on Iran when you talked about the environment in which there is as much of a challenge from the lack of regulation as there is from regulation.  So you have businesses trying to deal with the complexity of [inaudible] in many regulatory regimes, in many countries as well as actually trying to find ways around the regulations that do exist, so it's not just one thing actually, it could also be a lack of regulation that leads to opacity and therefore the possibility for falling into some kind of problem that you did not previously anticipate.  How does a business tackle such an environment?

>> EDUARDO BERTONI: Well, my first reaction to that question is I don't know.  But what is very ‑‑ I mean, in some way I agree with you that sometimes regulations are the problems and sometimes the lack of regulation is the problem.  So when I was, you know, mentioned in some of the challenges from the academic sector is try to put some light on that opacity and help not only the business sector but help the civil society, the people, their Governments, in highlighting where are the problems and what would be the solutions.  But hearing some of the debate here, it's ‑‑ I mean, it is clear for me that there are some things that it is not possible to ask to the business sector in the same way that it's not possible to ask to an Internet [inaudible] of an organization.  Frankly I'm not seeing the U.N. or organization of the United States that have been working for a while putting on a list, a concrete list of repressive countries.  I mean, there were some ideas in the U.N ‑‑ Human Rights Council to do something like that, but at the end of the day this is not going to work.  So asking the business sector to say who is the violator of human rights according to what the intergovernmental organizations are saying is not realistic.  But, on the other hand, it is clear that NGOs usually do this job, put in or say who they consider a violator of human rights.  Sometimes they are right, sometimes they are wrong, sometimes most people agree, sometimes most people disagree.  So what I'm trying to say is this is a complex issue that requires complex solution and it's an issue that needs to be addressed by different sectors.  My last point, the whole strategy in the human rights environment was naming and shaming, okay?  The human rights activists know this very well.  By naming who is a human rights violator you put it in the international arena, it's a shame to be ‑‑ the same could be in the business world, naming and shaming in the business sector.  But the environment with the Internet issue is more ‑‑ is more complex.  It's not just naming and shaming the Governments.  You can name and shame also the business sector and that could, you know, push some people in the business sector to change the way that they are doing things.  In the same way that some countries have changed in the past.

>> DELE OLOJEDE: Thank you.  Susan?

>> SUSAN MORGAN: So I think we've had a really good discussion about the roles and the responsibilities of business.  And I think I just wanted to turn it on to the roles and responsibilities of Government for a while.  So looking at the Ruggie framework that he mentioned earlier, the Protect, Respect and Remedy Framework, it's very clearly focused on the primary duty of states is to protect rights, it's the duty of companies to respect rights, and then there's a need to provide an access to remedy when things go wrong as things inevitably seem to. 

So I think there's a question about is there, you know, is there a role for Governments who are of a like mind and supportive of the free expression and privacy agenda to try and work and try and push that agenda from a Government perspective as well as the initiatives that they're trying to do it from a business perspective.

>> PEDRO LESS ANDRADE: Yeah, I'll come to you, just very brief comments, I'm particularly interested in this issue that you just raised, Susan, on the role of Government.  I think the question of my friend from Egypt, it's a ‑‑ maybe I didn't explain what my team does around the world, the public policy team.  My day job is to deal with regulators, legislators and policymakers around the world to change these things, to really address these issues, the different levels of regional, national, international levels.  I started in Google four years ago, I'm a professor, I have been an activist.  When we started we were like 12 people.  Now we are 18.  We are having a team working in the different countries trying to change the laws that are restrictive of expression and this is one of our core issues right now.  From a company standpoint, we always challenge.  We always challenge every regulation, legislation or decision that is against our.  We have a limit, we have a limit of putting people at risk.  In each country, our assets, and we have been facing that and when the situation gets so bad sometimes we have to take the decision to maybe leave that country.  This is something that we always analyze when we have to take this decision.  So if it's a legal ruling we challenge it.  If it's a law we say this law was created in an environment not meant for the Internet.  And also we evangel lies and advocate, judges, policymakers on how technology works.  We partner, we partner with the technical community, with civil society, with academia in order to ‑‑ ultimate ultimately to Friday to address the issue, otherwise it looks like we're complying with what the Government says.  From a business point of view that would be the easy way.  That's okay, I'll just shut down the content, I'll block something and I don't tell anybody that I do that.  And this is what's happening.  Usually what we do is [inaudible] first because we have that ‑‑ this is a duty that we had for our uses, our uses needs to know when something are not accessible.  Otherwise it's not transferable for our uses.  And need to get the attention of this.  Has a lot to do with the different approaches of different companies.  Some companies if they have a problem, they don't want to be an issue.  And maybe they don't want to tell they received a request to block the content.  We speak up on that and tell the world what happened.  I think niece are the things that differentiate good practice from bad practice on this as well.

>> DELE OLOJEDE: Thank you.  A brief comment from Dan and then we'll take a couple of questions from the Internet audience, to you in the back of the room.  Thanks for your patience.

>> I just had one comment from Bret Soloman, our remote panelist we weren't able to get the audio, but he notes that the NokiaSiemens employee should read NokiaSiemens' own human rights policy ‑‑ and I'm reading directly from Bret's statement ‑‑ direct contravention of what he has just stated.  Of course, it is the responsibility of the corporations to ensure that their technologies are not used to detain and torture as has happened in Iran.  Even NokiaSiemens has agreed to that themselves and their comments are a major step backward, but also adds that his organization, Access knows people in jail because of the technology provided by NokiaSiemens.

>> I need to respond to that.  Okay.  First of all, it's apparent that Bret does not know who I am because I was a major contributor to this statement.  Step one. 

Step two, it was actually our equipment used by the Iranian operators who led to this event.  So we're one step removed.  Three, we do acknowledge that our equipment was used in this repressive manner.  My question, however, was far more broad than that and it is about who is to decide what is repressive and what is not repressive.  Are you going to give it to business or are you going to give it to NGO or multistakeholder forums like today's and that's where I need some guidance because we want to do the right thing.  So we need the guidance and that's what we're seeking as business from Government policies to make sure we get the right guidance.

The other thing I'd like to warn you when we sold the equipment to the Iranian operators this was not only legal but was encouraged by people across the world.  Why?  Because communication is a two‑way ‑‑ and double‑edged SWORD.  It was used for its primary purpose of enhancing communication.  However, what happened later was that it was used as the other edge of the SWORD for finding out someone in ‑‑ who was hiding from the authorities and that is where the issue became.  So in reality what we're saying is, technology is a double‑edged SWORD.  Make sure you have the right policies and don't leave it to business to judge what is right and what is wrong.

>> DELE OLOJEDE: Thank you.  I think we probably have flogged that issue enough so we don't personalize this.  What we're trying to arise at a common understanding to the extent possible of how we handle the business of human rights in this environment.  Do you still have a brief comment or leave it to the answer.  The gray haired gentleman the only one gray haired more than I am.

>> Hi, I'm (saying name) I'm at the international diplomatic academy.  I want to make one distinction that may be useful for the debate.  There's a distinction between equipment and services.  One of the reasons is that equipment is actual a physical good that is concretely sold and implemented in a particular space where else online services can be accessed in a given Government even if they're implemented from completely somewhere else.  In the case of equipment there is a challenge for businesses as was explained regarding what is legal, what is not legal and the nature of the regime.  However, the fact that some technologies are dual use lead to a natural corporate decision that weighs the risk of reputation that is attached to the potential dual use and the potential misuse and so in that case there is a sort of scale between things that are connectivity equipment, pure connectivity equipment that do help connectivity in that country.  Very dual use equipment that can be used in a bad manner and a third layer that is additional services that can be contracted by the country in Russia to help their bad use.  And in that respect I think the best information that the corporations can get is the kind of ranking that entities like freedom house or others are doing in terms of ranking and this is an evaluation that I'm sure that they're using in terms of evaluating whether they do or they don't.

Quickly, the second point I wanted to make is there is a problem that corporations that are on the service side have which is the conflict with national jurisdiction and the problem is not only is there a conflict with national law but now we're getting more and more difficulties and conflicts with subnational levels.  Without getting into details, things like the province of Alberta considering that the the groupon coupons are not compatible with the Albert local law for vouchers has nothing to do with freedom of expression, but it's bringing the problem to a level that is making it intractable and in that respect I'd like to build on the notion of sovereignty and national laws because Governments are concerned about things that are attacking their sovereignty.  And the great argument that comes in is that because the action of some Governments can have an impact on another Government, every single Government official should be concerned that the national laws do not have a ripple effect on their own citizens.  And this is an argument that can be used by every actor that is in the freedom of expression defense because it is a legal argument that is of concern for Governments and it's a way to conduct the argument that doesn't even mention the ulterior motive but it is based on legal facts.

>> DELE OLOJEDE: Thank you very much.  I'll come to the gentleman in the olive green shirt but I want to bring in ‑‑ I'm sorry, I want to bring Joey in because it's pertinent to the work that you do because China seems to be ground zero for a lot of the issues that have been discussed and I want you to go briefly to how you engage with businesses on how to navigate that kind of environment and after that we'll come straight to you.

>> Joey Lee:  I can mention it very briefly because it is a kind of complicated question.  Certainly one way that we do it, as I mentioned, is that we engage in multistakeholder question including GNI of which we were a founding participant and I think to answer it more completely one of the reasons why GNI I think is helpful and contributes here is because it's a prolonged discussion.  It's not a one‑off kind of one‑hit discussion on one particular issue where everybody moves on.  By definition I think GNI is a longer process that invites its participants to speak, frankly, and thoroughly in order to have a robust framework.  And it's not a quick answer and it's not a quick solution.  And I think that's the kind of engagement that is necessary for dealing with a country as difficult as China.

>> DELE OLOJEDE: We have just about 10 minutes left so I will just take a few more questions, yes, sir.

>> Excuse my breath.  I think we are missing a serious fact.  I'm not sure if this articulates, Bret, what you're saying but there is a model for Government enforcement of good practices.  That is to say, for example, the U.S. law against companies operating abroad, bribing ‑‑ there is the NATO sanctions list against sale of armaments to certain regimes.  There's U.N. sanctions for sales of arms.  Instead of asking individual corporations to be carrying the burden of respecting human rights, maybe we should be asking those same companies to go to their chamber of commerces to pressure their Governments for bidding them to do things like what Yahoo did in China so that when Yahoo is confronted with a demand by the Chinese Government, it's able to say, you're asking me to do something that would cause me serious legal difficulties in my own country and I therefore cannot comply.  And I think in that sense perhaps we have not sought a good enough or close enough cooperation on human rights, sanctions enforcement in the past and that the GNI approach is fine and I'm all for it, but maybe it can be broadened with a different approach.

>> DELE OLOJEDE: Thank you, thank you for your contribution.  I'm glad I didn't miss that one.  Actually, I think the U.K. Government also just introduced a law that became effective in July, 1st of July, that holds not just their companies but any affiliate that engages in some of these activities around corruption and so on.

>> Thank you, general, I would like to provide an outline for companies to identify when it's a [inaudible] regime and when the companies should not.

>> DELE OLOJEDE: Please introduce yourself.

>> My name is (saying name) Rodriguez.  I work for electronic frontier corporation EFF.  For companies who do that, we hope those companies who support the various technologies for certain regimes should take into account, companies should review human rights records provided by the U.S. department or the United Nations reports of which countries are ‑‑ which are the records of human rights violations in those countries but they should not, as others have said, only focus on those officials.  They could also go farther and try to read the documents produced for by human rights watch or other serious NGO working in the area.  Also the company might be able to look at the national level how those ‑‑ how the Government plans to use the technology and trying to have one person or a place or a process inside the organization who is able to rate all these issues at the stakes, before they can engage in selling surveillance technology to support human rights violations.  There are many things they should do before they engage in and I hope that not only we could brought up this discussion, have this discussion more broader and try to evaluate if this could be not only as a self‑voluntary model but maybe explore the possibility of having something in the law, thank you.

>> DELE OLOJEDE: Thank you. Sir.

>> Thank you very much, Johan Hallenberg (phonetic), Swedish Government.  Thank you very much for your presentations, I'd like to ask Susan about the GNI.  I think we as the Swedish Government we really appreciate the work that you're doing and we happy to see also the Swedish companies are coming on board but we also acknowledge that it would be, of course, even better if you had more companies joining.  So would you please just dwell a little on that, how you plan to engage more companies?  Particularly in Europe, from Europe, into ‑‑ into join the GNI and what are the main problems and would there be any possibility to negotiate to get more companies on board?  Thanks.

>> SUSAN MORGAN: I'll try and be brief.  It's a broad topic.  I think your ‑‑ I think there's a number of things.  I think firstly, in comparison to other types of initiatives like GNI and other sectors where we're in a very early stage in our development.  So we currently have four companies who are numbers of GNI.  Google, Microsoft and Yahoo who joined at the beginning and a startup company called Evoka (phonetic) who have joined recently.  In terms of the engagement that we're doing with other parts of the sector now, we continue to have conversations with a number of different companies in different parts of the ICT sector and we think that over time we can develop something that is relevant to the whole sector but we know that from conversations that we've had that there are some issues that we need to address so there are issues of business model differences to the companies that we currently have around the table, operational risks in terms of having lots of people on the ground, and I think there are also issues as we've talked about in terms of dual‑use technology and issues that we might need to address there. 

So in terms of sort of practical test steps, whilst we continue our discussions, we're also looking at ways in which our guidelines may need to be adapted to take into account those different operational issues in different parts of the sector.  It's something that is absolutely enshrined within our Government's charter that we were able to do.  It was always our intention as we saw new issues emerging and as we had feedback from stakeholders that we would be able to do that and it's something that we're definitely actively engaged in in the moment and clearly we hope the end result of that will be that more companies will commit to joining GNI.

>> DELE OLOJEDE: Thank you, Susan.  Yes, sir.

>> Hi, my name is (saying name) and I work with Access and Bret Soloman on human rights and user rights issues specifically, I would like to thank you all for your comments and I would like to add a few to them and specifically focusing on user rights. 

First of all, I don't think that it's an issues that companies should make a list of which countries are [inaudible] or not, but companies do have a very clear responsibility to make sure that whatever they do does not violate human rights especially when they're working with products which have such implications which carry such big risks for human rights of individuals in certain countries.  The human rights risks that are involved with technology do not restrict themselves to authoritarian regimes, obviously.   So that's another thing to keep into consideration, that's not something we haven't heard that much during this conversation, unfortunately, but every user of the Internet faces specific privacy and security risks which are only exacerbated by policies of certain companies. 

One thing that's also needs to be reminded is the way that services operate is very different from let's say if I go to a store an buy a DVD of "West Side Story," it's a one‑time transaction.  When you're in a service you're sort of giving off ‑‑ you're handing off private information that a company can keep eternally, you do not control that anymore.  So whatever companies do, there need to be specific principles which they need to keep in mind with their actions, so in terms of privacy there needs to be user awareness, there needs to be user consent to storing that information, there needs to be user control about what to do exactly with that information. 

Now, when we talk about security issues, there is a wide range of issues involving that.  For example, when you look at data breach notification, which again a lot of companies do not follow these rules that they should be clear and they should be extremely transparent about whenever there's a data breach.  We've had issues with a certificate authority being hacked into a few months ago in the Netherlands which means that users do no longer have the opportunity to verify whether the connection they have to specific Web sites can be trusted or not.  That's extremely serious. 

So there are a wide range of issues like that that involve the nexus between businesses and ICTs and which need to focus on exactly the interests of the users.  The users are the ones that these companies exist and that should be the primary focus.  Access is organizing a panel on this or a conference, a human rights conference at the end of October where this conversation will continue where many [inaudible] and other tech companies are participating so that would be a good venue to keep on top of these issues and we welcome efforts like [inaudible] and Google's report to make sure there is mitigation of the negative effects involved with what the company ought to do.

>> DELE OLOJEDE: And with that we come to the conclusion of our conversation this afternoon.  It's been a very spirited one.  And I think that we all take it in the spirit in which it was discussed and a few things did come out of this.  One is that in order to solve this seemingly intractable problems, that there is a clear need for stakeholders to get together, to talk through them and to negotiate some kind of rule of the road by which they conduct themselves in these environments.  I also think I heard something that was particularly striking to me which is that it is primarily unrealistic to expect that an individual company would be able to confront these challenges by itself.  But rather, there needs to be some kind of framework that guides the work of businesses as they engage with the business of human rights.  A few of the speakers have talked about the sort of role that GNI is playing and I'm sure that there are other organizations trying to do the same.  This kind of trend would be the one that leads us hopefully to the promise land which we may never arrive at but if we get closer to it I think that will be progress so I would like to thank all of you for participating so ‑‑ so intensely and so intelligently this afternoon and in particular our panelists, Dan, Pedro, Susan and Eduardo who have helped to guide our conversations.  Very sorry that we couldn't get Bret to join us.  But we did hear your comment and it was very helpful.  Have a wonderful afternoon, everybody. 

***