20 September 2016
Over the recent years, with the tremendous proliferation of information and communication technologies (ICTs), the internet has become more and more pervasive and even part of our daily lives, which fuels cybercrime and makes it easier than ever for criminals to operate. Therefore, the security of cyberspace has become a growing concern for most netizens. Indeed, cybersecurity today is more than just protecting your personal computer; it is a serious issue in national and international security. Cybercrime and intentional threats are evolving exponentially with the ongoing development of ICTs and only we expect things to get worse in the years ahead.
Nevertheless, cybersecurity policies may put human rights at stake, notably the freedom of expression, the right to privacy, and the free flow of information. Thus, there is a real need to strike a balance between online security and individual rights around the world, especially in democratic countries. It is worthwhile to note that this balance between two opposite aspirations has been the subject of widespread interest and has been extensively explored over the last years (Mariarosaria 2013).
After overthrowing the dictatorial regime of Ben Ali in January 2011, Tunisia has made a big step toward building a democratic foundation. Using Tunisia as an example of the appropriate move toward democracy, we propose in this paper some key elements for a healthy plan to balance the needs for cybersecurity and online human rights.
Throughout the post-revolution period, Tunisia has been subject to numerous deadly attacks by Islamist extremists, which underscore the urgent need to adopt counterterrorism measures. However, certain online security measures that have been taken by the government to fight cyberterrorism, like internet censorship and
surveillance, infringe civil rights, in particular, the right to privacy, freedom of expression and opinion, and the free flow of information.
In fact, the protection of national security, public interest, and morals has been used as an argument to control internet content; the government has given itself the right to prosecute and jail some bloggers and journalists just for voicing their opinions or publishing information in social media. For instance, Yassine Ayari, a young Tunisian blogger, was sentenced to one year in prison in 2014 for criticizing the army over the internet (The Guardian 2015)
Clearly, such breaches should not be acceptable in a country on the way to democracy. Therefore, Tunisia has to improve its cybersecurity policy, seeking to ensure not only the safety but also the well-being of people by enabling them to be fearless, comfortable, and free, all of which will make them trust the government. When it comes to the national interest, the importance that both cybersecurity and human rights have requires all stakeholders including government, businesses, technical experts, academia, and civil society to join forces in order to reach a fine ethical balance between cybersecurity measures and individual rights.
Natalie and Carolina (2015)
state that civil society is the best actor to defend cybersecurity strategies from a human rights perspective and can play a key role in monitoring government practices. Hence, it will be useful to broaden engagement of citizens in internet governance and cybersecurity in particular, and encourage collaboration with stakeholders around the world by creating a collaborative community where civil society actors meet decision-makers, discuss governmental policies, develop knowledge about cybersecurity issues, and look together for a right strategy that reconciles different interests. In addition,Tunisia has to organize national and international forums on cybersecurity issues to put in the spotlight the challenges of making cybersecurity measures consistent with human rights laws and discuss cybersecurity trends and their impacts on civil rights.
Although Tunisia might be regarded as relatively peaceful,
compared with its troubled neighbors, the latest terror attacks make it urgent to fight cyberterrorism with efficient solutions. In fact, the Tunisian government has taken advantage of the alarming situation caused by the March 2015 Bardo attack to impose intensive surveillance measures in the country. Whereas surveillance seems to be a necessary evil to prevent terrorism, it imperils the privacy of citizens who may feel uncomfortable when they know they are being watched. It may also have grave impacts like fear, chilling effect, and self-censorship, hence why it should be used with caution and clear limits.
Obviously, it is not legitimate to bring all citizens under control under the pretext of protecting them while violating their privacy and freedoms. Thus, the government should focus its efforts only on specific sites like terrorist websites and suspicious users. In any case, this technology must provide an appropriate human rights law justification before its application. A clear list of legitimate aims should be set, in accordance with international agreements, in order to further restrict the number of surveillance targets. Furthermore, the gathered data should be hosted on secure servers and the right to access should be given only to a few persons to keep them as secret as possible. Definitely, the data gathered by the government should not be exploited in any way unless there is a legitimate and justified reason.
In addition, it would be interesting to examine cybersecurity policies worldwide, to take lessons from the unfruitful attempts and be inspired by successful ones, such as the
impressive EU approach to cybersecurity. Emmanuel and Geneviève (2016)
claim that the EU approach is mainly based on internal resilience and is characterized by its enormous respect for civil freedoms and international laws. It also considers the balance between cybersecurity and fundamental rights in European countries as a preponderant objective. Particular attention was paid to the right to privacy and data protection. As stated in (Emmanuel and Geneviève 2016)
, the approach is based on three major principles: First, “the same core values, laws, and norms that apply in the physical world apply also in the cyber domain.” Second, “the internet is a public or collective good that should be available to and accessible by all,” contrary to the UN’s position that access to the internet is not a right but rather a means to exercise other rights. Third, “the governance model for the internet should be democratic and cybersecurity policy should be a shared and multi-stakeholder responsibility.”
Cybercrime is an emerging phenomenon that constitutes a grave threat facing the world today
. The full breadth of this phenomenon has caused an increase in the demand for efficient cybersecurity measures. However, too much security kills security. Whether we admit it or not, cybersecurity constitutes the new battleground for human rights.
Therefore, striking a proper and satisfactory balance between cybersecurity and the protection of citizens’ rights has become a major concern and a real challenge, mainly for democratic countries.
In this paper, we proposed some key elements to reach such a balance in Tunisia, in an attempt to make the country an example of the proper move toward democracy, in particular
in the field of human rights on the internet. We emphasized the need to join forces and the importance to engage the civil society on this issue. We also pointed out that most cybersecurity measures such as surveillance must be used with clear limits and only for legitimate aims. Besides, it would be beneficial to examine the different policies worldwide and learn from them.
Giangiacomo O (2016). Main trends on Cybersecurity. Privacy matters DLA Piper's global privacy and data protection resource, 2 February, Available at http://blogs.dlapiper.com/privacymatters/2016-main-trends-on-cybersecurity/[accessed 31 July 2016].
Greenslade R (2015). Tunisian blogger jailed for 'insulting military high command'. The Guardian, 6 January. Available at https://www.theguardian.com/media/greenslade/2015/jan/06/tunisian-blogger-jailed-for-insulting-military-high-command [accessed 30 July 2016].
Mariarosaria T (2013). Cybersecurity and individual rights, striking the right balance. Philosophy and Technology, 26(4), 353-356.
Natalie G and Carolina R (2015). Cyber security and human rights. Proceedings of the Global Conference on CyberSpace GCCS, The Hague, 16-17 April.
Ms. Nouha Othman is a PhD student in computer science applied to management at ISG Tunis. She has completed the iGmena-DiploFoundation Internet governance capacity building course in August 2016.