You are here

IGF 2018 - Day 3 - Salle VIII - WS349 A Multistakeholder Approach to HRIAs: Lessons from ICANN

The following are the outputs of the real-time captioning taken during the Thirteenth Annual Meeting of the Internet Governance Forum (IGF) in Paris, France, from 12 to 14 November 2018. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the event, but should not be treated as an authoritative record. 

***

>> BRUNA SANTOS:  Good morning, everyone.

     We still have seats available at the main table.  If you guys want to join us here?

     (Standing by.)

     >> BRUNA SANTOS:  Good morning, everyone, again.  My name is Bruna Santos, and I'll be your moderator for the next hour.  Thank you very much for joining us. 

      This is a joint panel initiative by two parts of the ICANN community, the cross-party Human Rights and also the Gender & Youth Constituency.  This will address A Multistakeholder Approach to HRIAs and also the Lessons From ICANN. 

      Moving on to our subject, the Human Rights Impact Assessments are a useful and widespread tool to inform private actors of the potential negative impacts of their policies and to help mitigate the consequences.  Our plan here today is to welcome the panelists and shed light on the subject, looking at origins, influences, and progress of the multi-stakeholder HRIAs, covering social compatibility, the importance of achieving, benefits of implementation of the multi-stakeholder impact assessment and what challenges we have to overcome in order to fully apply them to the ICANN community.

     The following workshop will be divided into five segments, four with the panelists and followed by a short Q&A session for the audience.  And we will have the last segment for ten minutes on Q&A between the panelists and the audience.  The idea here is to be really a roundtable and welcome everyone.

     I will do a short introduction of the panelists to make it easier for us to give the floor to each of them.  So the first part of the workshop will start with, it's called origins and drivers of HRIAs in the ICANN context.  Our lead panelist will be Jorge Cancio from the Swiss Federal Office of Communication. 

      Second part, how can we assess methodologies with Tulika Bansal from the Danish Department of Human Rights. 

      Next, multi-stakeholder HRIAs with Michele Neylon.  And then we will welcome Collin Kurre from Article 19. 

      Starting out with Part 1, I give the floor to Jorge.  And the leading question for him was:  When did human rights enter the discussions at ICANN?  And how have discussions progressed since then?

     >> JORGE CANCIO:  Hello.  Good afternoon already, everybody.  As said by Bruna, my name is Jorge Cancio.  I work for the Swiss Federal Office of Communications.  One of my issues or dossiers is to represent the GAC, the Governmental Advisory Committee of ICANN and also in the wider ICANN environment.  So we also participate or try to actively participate in different cross community efforts therein.

     So I think this is a very pertinent question.  I will try to stick to the time.  I don't know how many of you are really aware of what ICANN is and what ICANN does.

     Could I call for a show of hands of how many of you are more or less aware of what ICANN is?

     (Laughter.)

     >> JORGE CANCIO:  Okay!  So we are very ICANN-ish group of people.  I will spare you the details.  And I have some notes, but I will only glance over them.

     So this is not really an academic effort because I didn't have the time and I don't think it makes too much of a sense.

     We have, for instance, a very good and interesting article from last June by Neilston Uber whom many of you may know who wrote about this subject, how from his point of view, of course, civil society brought the question of human rights into the ICANN discussions.

     Probably I have a complementary point of view.  I digged a little bit into the history of what a remember, a list of ICANN in the last years.  And the first thing, of course, is according to the Articles of Incorporation and the Bylaws of ICANN, ICANN is subject to relevant principles of international law; also of applicable local law.

     So you can make the inference that already covered to a certain extent human rights because, of course, human rights are at the core of international law and are binding for states.  So if ICANN had to follow the principles, relevant principles of international law that should be included somehow.

     A second question is, well, when did the universal declaration of human rights first appear in one ICANN document?  At least where I first found it is in the principles that the Governmental Advisory Committee issued in 2007 about the new gTLD process.  That is really way back in the history of ICANN more than 11 years ago.

     But to be honest, I think that for both the technical community in ICANN and also the business community and the government community, human rights was kind of cloudier concept.  We didn't really look into that so much during those years.  I mean, 2007 onwards.  But there were some issues, of course, that had human rights implications.

     From the very beginning and one of the first policies of ICANN was a trademark protection.  Of course, trademark protection has implications as all of you know, because there is some balancing also with free expression, with other rights that are out there.  And the DD Republic existed from the very start.

     Another issue, which is now in the mind of everyone, well, the European countries put the focus on privacy and data protection from the very start, let's say, in the early 2000s.  But it was still seen as something that was a bit far away at least for those actors and stakeholders in ICANN that were not based in the European Union or in European countries which fell under the European Council Convention 108 on data protection and privacy.

     I see that I always, I already covered a lot of minutes.  But I think that that juncture in 2012 with the new dTLD process we increasingly became aware in the ICANN community that there is an intersection between activities of ICANN, especially new gTLDs and human rights, different human rights, freedom of expression, democratic rights, right to assembly and so on and so forth.

     There was a study in 2014 that was commissioned by the Council of Europe which looked at this very, very focusedly.  And gave an overview of human rights implications.

     At the same time you know that we have the Snowden revelations.  We had the transition process.  When we started with accountability discussions, the improvement of ICANN accountability and Leon, who is sitting there in the other row, knows very well when we were discussing in Work Stream 1 there, there was a push by some from civil society and also from some governments and ICANN talked me into that row, that we should include a core value or a commitment in a nonlegal terms that ICANN should abide by human rights in the sense of broadly speaking of the UN Principles on Business and Human Rights. 

      So in this respect protect, redress framework, it was a long process to get to that core value and in ICANN there were different viewpoints, different interests and of course Neilston Uber can tell you a long story about that because he looked over the will second part of that process.  Finally we had the core value included when the transition was made effective in October 2016 and then we had this very long discussion on the so-called framework of interpretation an considerations which tried to give an explanation of the meaning of what is in the bylaw on human rights.

     I think that perhaps it might make sense to project the bylaw somewhere so that those who are not privy to the details know all the different nuances that were included there as a result of this multi-stakeholder compromise.

     So I will leave it by that and only to say that now this part of the process is before the board and as long as the board does not endorse this framework of interpretation, the bylaw is not effective.  So I don't know if our friends from the board who are present here want to say something on that.

     >> LOUISE MARIE HUREL:  Hi, everyone.  I'm Louise Marie Hurel, also with CNC.  I'm the time keeper.  If you see me waving, making bad, angry faces to you, that means time's up.  Don't take it personally.  Cheers!

     >> BRUNA SANTOS:  Thank you very much, Jorge and Louise.  We have three minutes for Q&A if anyone wants to direct to Jorge a question.  Is there a question?  No?  No?

     >> COLLIN KURRE:  I have a question.  Hi, Jorge, thank you very much.  Could you please tell us the role of the International Human Rights Law Working Group within the Governmental Advisory Committee?  I think that you still chair it.  I was wondering if you could tell us what the articulation is between that Working Group and the Governmental Advisory Committee.

     >> JORGE CANCIO:  Sure, Collin.  Thank you for the question.  Basically it is a Working Group of the GAC, the Governmental Advisory Committee.  We established that Working Group in early 2015.  There was a lot of debate on the terms of reference because there was this, let's say this rift between those who still thought ICANN is just a technical organisation.  It has nothing to do with human rights.  Those of us who thought no, well, it has human rights implications.  We need a Working Group on this.

     And finally, we reached an agreement and basically it was this Working Group that is to assemble those GAC members who are most interested in this topic.  And we have been basically following during the last years this evolution of the discussions on the first the core value and then the framework of interpretation and now we are beginning to discuss on the implementation provided that the by law and the framework enter into force finally.  That's it basically.

     >> BRUNA SANTOS:  Thank you very much.  Another follow-up question.

     >> People raised their hands knowing something about ICANN but I don't know how involved everyone is in ICANN.  I wanted to ask, now it sounds like it was a little bit of a seamless process of getting human rights in and the chronological process was pretty straightforward, but it might be that that was not necessarily the case and there was a lot of discussions.

     Do you think there are lessons learned?  ICANN is a very particular community, but other kind of multi-stakeholder types of organisations that they can learn from the process you went through?  In actually getting human rights in there somehow?  And yeah, basically that is what I want to know.  Is there any benefit of working with human rights in this regard?  Because it provides some sort of structure.

     >> JORGE CANCIO:  Okay, that's a question for me?

     (Laughter.)

     >> JORGE CANCIO:  I think it is a question for the whole room to respond.

     I think we had a very principled approach, at least from the Swiss government perspective because we have been really sponsoring the framework, the so-called rugged principles on the international level.  We start and we believe that we had in this transition to make sure that even if ICANN is a technical organisation within narrow mission, that the human rights should be in the core values at least of this organisation.  Lessons learned, it depends very much on what kind of multi-stakeholder organisation you are in.

     I think that ICANN is a very special animal in that it is an operational multi-stakeholder organisation.  You don't have so many of that kind.  You have many discussion fora.  You have, for instance, the IGF, but that is a more of a programme setting committee, what you have in the MAG and within the consultations.

     But this special animal which is ICANN, where all the different parts of the community give their ingredients to cook the results which are the policies that come out of the different processes.  It is very special.

     But of course, at least for me personally, it was an experience.  The human rights discussions were one part of all the accountability and transition discussions which for those who took an active role in it, it was really a learning experience.  Learning other ways of behaving, other ways of negotiating.  Other cultures, not only in the national sense but also in the stakeholder sense.

     >> BRUNA SANTOS:  Thank you very much, Jorge.  Moving on to the second segment, we are welcoming Tulika Bansal.  How does the industry feed into the wider context of business and human rights?  And what type of impact assessments might be applicable?

     >> TULIKA BANSAL:  I'm Tulika Bansal.  I work for the Danish Institute for Human Rights, which is Denmark's Human Rights Commission.  I have a terrible voice because I'm not feeling so well.  Sorry.

     So let me tell you how the Internet community fits in this framework of business and human rights.  As Jorge mentioned the UN guiding principles on business and human rights, they are the authoritative framework on business and human rights that guide states and companies on how they should respect human rights.

     And this framework, the UN GPs as we call them, very clearly set out what the duty of governments are and what the responsibility of companies are.  This, of course, also includes Internet companies.  The framework really clearly says it doesn't matter how big a company is, how small it is, where it is based.  As a business you have a responsibility to respect human rights.

     That's where the Internet community fits in.  It also means that governments have the duty to ensure that companies respect human rights.  The framework sets out a few steps of what a company should do.  These steps are so-called human rights due diligence.  It first starts with developing a policy on human rights.  The next steps is assessing and addressing human rights.

     The framework doesn't specifically talk about conducting a human rights impact assessment, as we are talking about today in this session, but it says that companies should assess and address rights.  After a human rights impact assessment is one tool that companies can use.  It is a process where companies either work with an independent organisation, a consultancy, it is the type of work that we at the Danish Institute for Human Rights also do to conduct an assessment of the negative human rights impacts of a business.  It can be the operations of the company itself.  It could be in lab racial with joint venture partners.  It could be the impacts in the supply chain, et cetera.

     For companies operating in the Internet space, this becomes a little bit different.  When we are talking about a physical company, you think of workers in the supply chain.  You think people working in a factory or a plantation.  When it comes to the Internet, who are the people that are affected?  So this is one of the challenges that we are seeing.  Who is your community?  It is all the Internet users.  So this is one of the things that we have to take into consideration.

     There is different types of impact assessments that can be undertaken.  One is that we call company-led impact assessments.  A company comes to us or other organisations and asks an independent entity to conduct an impact assessment.  This is often seen as an independent appraisal or review of what the company is doing.  As part of this process, the independent organisation engages with company representatives, affected persons which we call rights-holders, human rights experts, academia, et cetera, to understand the negative impacts that the company has.  That will clearly distinguish between the impacts on the company which we are not looking at, and impacts on affected persons.

     Another type of impact assessment that exists is community-led impact assessments.  These assessments are driven by NGOs or civil society and they are often undertaken in sort of large scale development projects.

     The idea of these types of assessments is that they are really taking the voice of those who are affected into consideration.

     And when we are talking about these two types of assessments, usually the counterpart doesn't accept the outcomes of the assessments.  When an assessment is carried out by company, affected people will say this assessment is not independent enough.  It is not taking our viewpoints into consideration, and vice versa.  When a community-led assessment is carried out you often hear companies criticizing the outcome saying this is not taking the reality of the company into consideration.

     So what the Danish Institute together with two other organisations, Colombia Centre for Sustainable Investment and Ciasco Law School developed and idea of a multi-stakeholder impact assessment.  The proposal that we have come up with is designing a human rights impact assessment approach where a company collaborates from the outset with the civil society organisation and possibly also the involvement of governments.  Together you design the full human rights impact assessment process.  What is going to be the scope of the assessment?  What are the issues that you are going to look at.  The idea of such a process is that you take away the power imbalances that you may find in a company-led assessment.  It is also a tool to build better relationships between the different parties involved.  First of all, governments have to take their responsibility.  And companies have to take their responsibility.

     While this multi-stakeholder impact assessment approach doesn't exist yet, we think that this is a powerful method to take on and I think that the presentation that Michele will give is an example of a suggested approach where different actors can be involved in assessing human rights impacts.  Thank you.

     >> BRUNA SANTOS:  Thank you very much, Tulika.  Do we have any questions?  Okay.

     No one?  Okay.  Go ahead.

     >> AUDIENCE:  Yeah.  Thank you so much.  I am from the European Opportunities Foundation, acting as a MAG Member for Internet Society.

     I can't help but think you have showed us the incompatibility in acceptance for these two types of impact assessments coming from the community on the one hand or industry or business from the other hand.

     I'm wondering as I'm working as a children's rights activists whether children's rights have been given attention in terms of the assessments as far as you have knowledge about that.  Thank you.

     >> TULIKA BANSAL:  Thank you for the question.  Yes, there is actually quite a lot of work that is being done by UNICEF.  They have conducted children's rights impact assessments.  Where the focus of the assessment is really looking at impacts on children.  It is not as much in the ICT or Internet or technology space, but in a number of other sectors.  But I'm happy to share a little bit more after this session with you.

     >> AUDIENCE:  I'm especially interested in regard to ICT, of course.  Also whether the impact of the domain name system has ever been assessed in regard of children's rights.  Thank you.

     >> BRUNA SANTOS:  Thanks again.  Moving on to our third segment, we are welcoming, give the floor to Michelle Neylon.  Your kick off, what is your experience collaborating with civil society on a multi-stakeholder human rights assessment.  You have the floor.

     >> MICHELE NEYLON:  Thanks, good morning.  So I suppose the short answer is it was a positive experience.  And I could just kind of wrap up there and leave.  But that would be a bit of a waste of a flight.

     So the, I suppose first off I should explain exactly what we do as a company to give you some kind of context.  Collin and others working on the human rights impact stuff in the context of ICANN.  There has been a focus there, I suppose, more on those kind of registrars, registries, et cetera.  A company such as my own while we are a registrar, a lot of our business is in hosting an providing other services to individuals, small businesses, multinational corporations, et cetera, et cetera.  It is not purely here is a domain name, go play.  We provide other services.

     Within that context we work, we are aware of what was going on with Article 19 and to a lesser extent would be with the Danish colleagues and saw this study that would have been done about 18 months ago, I think it was.  I think Collin approached me and kind of cornered me and bullied me into doing things.  I was like okay, fine, I'm not going to argue with her.

     No, but I think being more serious, I thought it was an interesting opportunity for us to explore and so we worked with Collin and Emile remotely initially going through our internal policies and external policies.  And then we finally had a kind of day-long intense session at our headquarters.  And then after that they sent us a very nice detailed report telling us all the things we were doing wrong.  Great!

     And I mean, I think one of the things that Tulika mentioned that is important, there can be a tension between what a company, an organisation should be doing versus what the company is comfortable doing.  And for us as a provider, we provide services to companies, individuals around the world.  Not all of our clients are saints.  And sometimes we will have to take action against them.  Also we have other kind of internal, how can I put it?  Tensions, I'll say.  One we have been working on is, I think it is a whistle blower policy because if our HR team are like, okay, if someone wants to lodge a complaint against another member of staff, then in order for us to be able to follow the proper human resources process, et cetera, et cetera, you have to be able to name that person.  The counter is that goes against our whistle blower type scenario.  How do you get take balance right and how do you narrow it in such a way where you don't end up where people are abusing what is meant to be a positive and turning it into a negative.

     The experience for us, I think, was interesting because it was very collaborative.  We are not a huge company with massive resources.  So the conversations we had when we met in Carlo were pragmatic.  This would be the ideal thing for you to do.  Face it, you are not going to hire a person specifically for this because you have 40 staff.  You don't have 40,000.

     You know, it might be a best practice for a larger organisation to have some external arbiter for certain types of things.  Again, considering the size of your organisation, that might not work.

     And then kind of thing where it is an iterative, collaborative conversation about how can you improve things but how can you do so in such a way that essentially it doesn't put us out of business.  There is no point having a company that is doing the right thing in terms of human rights but has gone bankrupt in the process.  That is counter intuitive.

     So I mean, Jorge's points as well about for those of us in the technology industry kind of grappling with some of these concepts about lights, it is a new thing for many of us.  There may be certain things that we are obliged to do through national legislation, but it is not framed for us as being human rights specifically because it would be employment law has -- it is going to enshrine those but it is presented to you as employment law and not human rights.  A lot of us in ICANN were scratching our heads, what does this have to do with us?  Some people come into the arena and start talking in broad sweeping interpreters and everybody then goes to run and hide.

     Overall it has been an interesting experience and one we are still working on trying to implement as much of the recommendations as we got from that report.

     Some of it is done.  Some of it is being done.  Some of it will be done.  Hopefully all of it eventually.  Next time Collin corners me somewhere, I can say it's all done.

     I think I'm all done.

      >> BRUNA SANTOS:  You have one more minute.

     >> MICHELE NEYLON:  You're giving an Irish man an extra minute, that's dangerous.

     The other thought fits with my company's ethos about being transparent and how we handle things.  Some people seem to think that by being respectful towards human rights and having these policies in place, that means we are going to allow just about any form of activity and that we are going to take that to a crazy place from a business perspective.

     But I think it's more, the reality is it is more to do with us actually having those policies and processes so there is that concept of due process and certain degree of transparency.

     >> BRUNA SANTOS:  Thank you very much, Michele.  Do we have any questions from the audience?

     >> AUDIENCE:  It is again me, but I do think it refers directly to what you said before about having legislation or having recommendations in regard of that.  I don't know, I've learned now you come from an Irish company?  So that's in Europe?

     >> MICHELE NEYLON:  Yes, very much so, very European.  Not going anywhere!  Not going anywhere!

     (Laughter.)

     >> MICHELE NEYLON:  If you're from an English speaking company, talk to us.

     >> AUDIENCE:  Yes, because I want to talk about something that the Council of Europe issued this July that is the Guidelines to Protect and Fulfill the Rights of the Child.  It addresses directly children's rights in regard of domain names.  I'm just going to read out the respective article because I do think the wording is important.

     When awarding a contract or license to any entity to become a registry for a country code top level domain, states should include clear Ritz to have due regard to the best interests of children.  Such requirements should cover, for example, a clear prohibition by the registry of the registration or use of any domain name which advertises or suggests that child sexual abuse material may be available in any domain within the registry's purview and the establishment by the registry of mechanisms to ensure that this policy is enforced including by registrars and registrants.

     The same requirements should apply to the registration of generic top level domains.  I think this is a very clear recommendation and it is adopted by all the Council of Europe Ministers.  So it has become national law in respective countries.  I would like to hear from you, would you see -- I heard you said some of these recommendations might be possible for all companies that have 40,000 people on staff but not 40.  Do you think it would be feasible for you to adhere to that guidelines?

     >> MICHELE NEYLON:  We already do.  Child abuse material is something that nobody that I know of within the infrastructure industry supports.  I'm changing hats.  I'm now speaking to you as chair of the Internet infrastructure coalition which represents the interests of some of the largest infrastructure companies in the world.  Our members include companies such as Google, VeriSign, Affilias, C-Panel, my own company, and we work with Eco, who you may be familiar with.  Lars is sitting over there behind us.

     My own companies and others, we have a zero tolerance on child abuse material.  Now, you're the, the language that you are referencing there is expect to the awarding of contracts for registry operators, which is not something that we would be directly involved with.

     >> AUDIENCE:  Registrars and --

     (Overlapping speakers.)

     >> MICHELE NEYLON:  So the thing is, if it's a question of child abuse material, then none of us want that.  If we're aware of it, I think most of us would take action as quickly as humanly possible.

     In terms of trying to make some kind of assessment on the actual string itself, that is registered in the domain name, that is a much more problematic issue.  If you want to discuss that further I'm happy to take it offline, we could be stuck here for hours.  I don't think that is going to help us.

     >> AUDIENCE:  I wanted to initiate --

     >> MICHELE NEYLON:  No, no, generally speaking --

     >> BRUNA SANTOS:  We have a couple more questions.

     >> AUDIENCE:  My name is Austin, a Ph.D. researcher at the UN University.  My question for you is about ICANN or people are sort of implementing within ICANN as well.  That is about ongoing impact assessments.  Rather than a one-time organisational assessment, do you have plans to sort of analyze every policy that is developed within your HR department?  Or is that something that you consider too small?

     If there are any ideas, I don't know.  That's something we are trying to work on as new policy development processes come up, how do we look at that kind of continuously rather than a one-time assessment.  Did you do that or are you going to do that?

     >> MICHELE NEYLON:  There are two parts to that.  Let's not conflate what ICANN might be doing in its little space over there and what my own company might do.  So within our own company with things like ISO you have to revise policies every time.  So putting any of the human rights ones into that mix means they are going to be revised.  So yes.  I have been given a warning on time.  I'll shut up now.

     >> BRUNA SANTOS:  Did you have another question?

     >> AUDIENCE:  Yes.  Jean Christoff.  In that vein, you are representing one of the registry operators, YNI Registry.  I wanted to come back to the lady's question over there and then back to you, Michele, which what is you've described is really great, but there seems to be an awareness issue since those questions still top-up.  Do we support or don't we support child abuse?  Obviously we don't, none of us do.

     Yet you have done in your company a lot more than others have done by going through this process.  Still we are struggling with those questions.  So isn't there an issue of leading by example?  And how do you talk about it?  Should not the whole community be more aware of what can be done, what you are doing and how it can be reconciled with as you said business needs.

     If it is to go against you are not doing enough against child abuse for the 100th time in 70 years, it is frustrating.

     >> MICHELE NEYLON:  Thank you, Jean Christoff.  There is no short answer to that.  It is up to individual companies to make the public aware of what they are doing and bring the industry in general to kind of raise that awareness.  The tension within the ICANN context is that any time several of us come together and do anything, there is an inherent fear that you are going to end up with an extra contractual organisation and the devil is in the details, et cetera, et cetera.

     This more loose, collaborative type scenarios tend to work better.  I totally agree.  It is the same with infrastructural abuse and other abuses of the DNS.  There are many companies that are taking proactive measures or many companies that are investing heavily in getting this stuff down as quickly as possible.  But the headline stories are usually:  Oh, my God! Oh, my God!  There's one domain name in one particular country code that has some kind of terrible abuse.  It is not that that abuse isn't bad.  We are not defending that.  But it is that, it is the negative story that gets the headlines.  The positive stories we don't hear enough about.  That I think is sad, unfortunate reality.

     I don't have a solution for it.

     >> BRUNA SANTOS:  Thank you very much, Michele.  Our fourth segment we will welcome, give the floor to Collin Kurre from Article 19.  And the kick-off question:  What progress has been made towards developing impact assessments for the ICANN community?  And what remains to be done?

     >> COLLIN KURRE:  Thank you.  So we've actually made quite a lot of progress.  In kind of building off of what Jorge mentioned, in getting human rights on the agenda, first and foremost.  That was kind of step one.

     And then we've also had some recent successes in getting human rights impact assessments as a concept more socialize the within ICANN.

     This was really on clear display in the last ICANN meeting in Barcelona two weeks ago where ICANN CEO in his opening remarks referenced the company-led human rights impact assessment that ICANN org is carrying out.  He cited the community's success inputting that on the agenda and really creating demand for this to happen.

     So I think that is evidence of progress.

     But here it is important to distinguish between ICANN the organisation and ICANN the community.  Because ICANN the organisation is actually not responsible for generating these bottom-up consensus policies that result in global DNS effects applied around the world.

     What do we do about nongovernments and non-companies that make policy?  In the Internet Governance space this is becoming an increasingly relevant question.

     So we were looking back at this kind of hybrid approach, this multi-stakeholder approach to impact assessments.  But beyond that, and that is something that we are doing within the cross-community Working Party on ICANN and human rights.  I will discuss that model in just a second.

     In addition to that in terms of progress, we've also had some instances of not necessarily human rights impact assessments but different impact assessments such as privacy impact assessments or data protection impact assessments being invoked within different policy development processes as empirical evidence that could inform the decision making process.  That is another evidence of progress.

     In terms of this will multi-stakeholder human rights impact assessment model that we are trying to build for the ICANN community, I think that it is important to say that we are not starting from scratch.  There has been a lot of literature in other sectors about human rights impact assessments or even sector-wide impact assessments which is something novel that human rights institutes and human rights impact assessment practitioners are carrying out in other spaces.

     We've also built on collaborations that in my day job with Article 19 we've carried out with companies like BlackKnight, like SIDN, which is the Dutch ccTLD manager.

     Also experience doing impact assessments on RFCs in the IETF community.

     So drawing from lessons learned and feedback that we've gotten during community discussions in last year's IGF and the last rights conference where we got a lot of feedback from companies and civil society as like, we put together the methodology and model that is tailored to the ICANN context.  It is something take builds on work done in Work Stream 1 and 2 in the cross-community     Working Group on enhancing ICANN accountability.  Specifically efforts there to identify the salient rights to could be impacted by DNS policy and research from the cross community Working Party on more specifically which elements of the ICANN community have concrete impacts on these rights that have been identified.

     So the methodology over the past year, we have been waiting for the ICANN human rights bylaw to come into effect.  We've made use of this, what would otherwise be a lull to carry out consultations with the different supporting organisations and advisory Committees that make up the ICANN community, trying to ask them, you know, how would this be useful for you?  How could this fit into your decision making processes?  And we've tried to be very iterative and responsive in our modeling in reaction to the feedback that we receive.

     So the process, based on that feedback, the process of carrying out an impact assessment which looks a lot like a questionnaire or something to be included in a policy development process has been designed to be while thorough, not necessarily too time intensive or resource intensive.  That was one of the biggest feedback, elements of feedback that we got from the community.  There is volunteer fatigue and we might need to start smaller and beef it up as we continue down this path of human rights due diligence.

     The process is also designed to be inclusive for not only ICANN old-timers but for other human rights practitioners, researchers or others interested in DNS policy but who might not be accustomed with the very complex and acronym-riddled ecosystem that ICANN is.

     So we have posted both the proposed methodology and the model on our website which is ICANNhumanrights.net if you want to have the look.

     Moving to the opportunities.  What this project and this initiative within the ICANN community, the opportunities it press.  Not only does it involve meaningful inclusion and engagement throughout the process seeking to overcome this company community divide that results in mistrust on both sides and perhaps it could serve to undermine outcomes of the process.  It is a move towards an accountable and transparent process.  This, of course, benefits from the very high standards of transparency that are in place in the ICANN community, having things recorded, translated, having that infrastructure to be able to carry this out in an inclusive and transparent way is worth mentioning.

     So this is also a step towards assessing the human rights impacts of technology on a global scale, which as Tulika mentioned is becoming more and more important.  These companies aren't necessarily bound by geography.  And the tools an lessons learned from ICANN can be applied in other spaces and sectors which would help to contribute to thought leadership and the ongoing attempts to embed human rights commitment in multi-stakeholder governance processes.

     So the challenges.  There are three main challenges.  First, defining rights-holders and conducting outreach to them.  As Tulika mentioned, when your rights-holders are Internet users, 4 billion of them, it's hard to identify who to reach out to and how.

     The second challenge, continuing to look at the concept and need for human rights assessments.  Using Jorge's words, people in the community do not think that ICANN's mission includes any obligation to, well -- it does now include a requirement that we act on human rights but how we act on it is up to debate.

     Human rights impact assessments can be a tool for risk management and self regulation.  Maybe we could find some new allies in trying to re sis further fragmentation through legislation.

     And the third big challenge is getting people involved in the process.  Like I said we have a lot of volunteer fatigue in the ICANN community.  It is a very niche space and the people involved there are very involved and often times over committed and don't have time to jump on board.  Making processes and new initiatives that are he kind of new by friendly is a challenge and something that we are trying to do so that we can have human rights experts and people familiar with other fields come and need into the processes and bring their knowledge to apply to the multi-stakeholder governance initiative.

     And then in CCWP continues to generate resources to highlight the human rights impacts of the DNS.  It is not just privacy and freedom of expression, access to information.  We heard that children's rights is important to the -- there are freedom of association, nondiscrimination, et cetera.

     So continuing to try to generate support and interest in this so that we can get people into the community and contributing to these processes and asking questions and furthering the conversation is a big challenge.  Thanks.

     >> BRUNA SANTOS:  Thank you very much, Collin.  Any questions from the audience?  We have the last six minutes of the panel.  We can do this for any panelist who has joined us so far.  Do we have any questions?

     >> JORGE CANCIO:  Yes, thank you.  Jorge Cancio, for the record.  This is a question more to Collin and, well, to the rest of you also.  How do you imagine this conversation going forward on the human rights impact assessment in the ICANN community?  Could we expect, for instance, in Kobe a cross-community session on this?  Something like that?  It would be good to focus on this and have everyone on board so that we can avoid a parallel processes, parallel discussions.

     >> COLLIN KURRE:  Thanks for the question.  Right now we are in the process of trying to decide which ongoing policy development process will be the target of our first trial HRIA.  That should be done in the next month or two. Hopefully we will have, if not completed one but maybe multiple iterations of trial HRIAs before March which is the next ICANN meeting.  I think that trying to form some sort of cross-community working session, if you would like to team up on that, that would be great because I am anticipating that by the time the human rights bylaw comes into effect which maybe our bore members could shed light on the timeline there?  We will have at least learned some lessons and trials, had the rubber meet the road on these models that we have been talking about for the past six months. 

      Yes, I think there's absolutely a possibility to be able to show not only a demo of what we've done but also perhaps have lessons learned and be able to socialize it even more so we can have it go beyond the supporting name of the organisation and hopefully to other parts of the communities.  Thanks.

     >> AUDIENCE:  Matthew Shears, ICANN Board.  Sadly, I can't give you any light on that particular question but I'm happy to take that away and find out.  I apologize for coming late.  I wanted to say that I was one of those along with Jorge who really pushed to have human rights on the agenda when I was part of the community.  And then I went on to the board.  I have not paid as much attention to it since being on the board but you are raising it in my mind as an important issue.  I would just like to congratulate you and the efforts of the CCWP for bringing this forward and continuing to work on this.  It is a real achievement.  Thanks.

     >> AUDIENCE:  I can add that the issue I have raised in terms of children safety has been worked in the public safety Working Group.  I'm a nongovernmental member of the PSWG.  I do think this could go very well together with the human rights impact assessments.

     >> If I can also make a remark, especially in relation to the maybe volunteer fatigue or other kinds of fatigue or just, I haven't been involved at all in ICANN but it seems like there are --

     >> Come join the party! 

      (Chuckling.)

     >> -- kind of activities taking place.  I feel like one benefit of this framework as well, actually you are working.  That's what we found out when we worked together that you have privacy, you have children's rights.  You have all these efforts that actually or in labour companies addressing your company, you actually are doing a lot of it already.  It is not to say that there is this huge new behemoth that you need to fight or work with.

     You hit on some of the same points and there are other things and blind spots, but just to kind of conceptualize it in that way helps for the fatigue and maybe the initial defensive kind of position to take on a huge new thing.

     I don't know if you felt that way, but that's what I felt, Michelle, when we talked.

     >> MICHELE NEYLON:  Yes, I think the question I think from Jorge about having across-community high interest, whatever the hell they are calling them type thing on this, I think was great because invariably at the ICANN meetings we have these high interest topics where it is basically the same people rehashing the same topics and taking the same positions they have taken for I don't know how many years. 

      Having a conversation about something like this that is actually new, but if you frame it in a way just trying to get away, I think, from some of the terminology that scares the hell out of some of us in business.  What does this have to do with us?  You have to bring it down to the practical and the tangible.  Maybe you can actually have some interesting dialogue and look at something practical.  Again, I say tangible.

     Because the problem with a lot of this stuff is, it is often talked about at a very kind of academic level and then you have people who take real extreme positions on.  On the freedom of speech side, I'm all for freedom of speech but I'm running a business.  I'm not going to defend you forever on certain things.  I can't.  I will be hit with the crazy stuff from certain people I can't mention because every time you mention them, they sue you.  Wonderful.  If you're Irish, you understand this problem.  We have a businessman who sues everybody.

     But it is the kind of conversation, it should be had but it should be focused and practical.  And you know, extracted away from this fuzzy academic layer.

     The kind of conversations we had were very practical.  They were really, okay, literally, you are saying to me if you were a big company you could do this, but you are not.  So this is probably a much more suitable thing to do.  That's like okay, I can wrap my head around this.  That was helpful.  The report you gave us, there's stuff in there and I read and I go:  Yeah, this makes a lot of sense to me.  It's practical.  It is dealing with reality, not kind of fuzzy academic thing.

     The problem with a lot of these conversations it's all up here.  You have to get it back down to the ground.

     >> COLLIN KURRE:  I want to underscore too this is a great framework for working different viewpoints.  You are not going to have 100 percent child rights protection or free expression.  It will be some sort of balancing act.  This is where the multi-stakeholder model of bringing these people together to kind of find the optimal balance is such a great opportunity.

     And within the ICANN community where we have a tendency to kind of retreat into our stakeholder groups, constituencies and then battle it out, it doesn't necessarily have to be a battle here.  We can all be operating within the same framework and trying to find, ultimately achieve what we all want which is a better Internet.

     >> MICHELE NEYLON:  Basically what Collin is discussing is that we have this discussion in the bar.

     (Laughter.)

     >> MICHELE NEYLON:  You add a bit of liquid into the mix and the conversation goes a lot better.

     >> BRUNA SANTOS:  Thank you all very much for being here today.  Thank you to the panelists.  I guess this session is done for now.

Contact Information

United Nations
Secretariat of the Internet Governance Forum (IGF)

Villa Le Bocage
Palais des Nations,
CH-1211 Geneva 10
Switzerland

igf [at] un [dot] org
+41 (0) 229 173 678