[cc-humanrights] Another rights-related law becomes applicable to ICANN?

Collin Kurre collin at article19.org
Fri Jul 27 09:40:00 UTC 2018 

Dear colleagues,

I’m resurrecting this thread to share some tangentially related news I stumbled across recently: 

First, the EU Parliament adopted a resolution on the rights of indigenous peoples <http://www.europarl.europa.eu/sides/getDoc.do?type=REPORT&mode=XML&reference=A8-2018-0194&language=EN> this week calling for the EU to: "fulfill its extraterritorial duties related to human rights”, create legislation to prevent and sanction violations, and “devise clear rules of conduct and regulatory frameworks for extraterritorial action by companies and investors that fall within its jurisdiction” (see 48). While these provisions exclusively relate to the protection of indigenous peoples and local communities, the thrust behind them seems to support the trend toward application of laws based on non-territorial conditions that Raphaël observed in his recent CCWP-HR post <https://icannhumanrights.net/icann-gdpr-human-rights/>. 

Meanwhile, in the UK, a criminal and regulatory litigation firm published a blog post <https://www.corkerbinning.com/holding-companies-criminally-liable-for-human-rights-abuses/> outlining ways that companies may be held criminally liable for human rights abuses, wherever they may occur. Again, this is only marginally related, but potentially of interest considering that the 2018 UK Data Protection Act introduced some criminal offenses for unlawfully obtaining personal data, among other things. The threat of fines + criminal liability will be a very effective motivator if, as the post implies, the “legislative appetite” continues in this direction.

Comments welcome on this Friday food for thought, especially from the lawyers (which I am not).

Have a nice weekend,
Collin

--
Collin Kurre
ARTICLE 19




> On Jul 5, 2018, at 8:43 PM, Raphaël BEAUREGARD-LACROIX <raphael.beauregardlacroix at sciencespo.fr> wrote:
> 
> Dear Collin, all,
> 
> This is indeed timely and I find the call to "holisticism" (if there is such a thing, or is it holism?) quite relevant. 
> 
> That being said I also think it is important to remain as focus and concrete as possible, which I do not think is incompatible with being holistic. Certainly, the Californian CPA will provide, on a theoretical and practical level, an interesting comparative perspective, contrasting with the GDPR. 
> 
> I suppose the most rational and straightforward path here is that ICANN (org and comm) should hold itself to the highest of standards, in case anyone else besides the EU and California would have the idea to follow up with further developments of data protection law...
> 
> Best, 
> 
> On 5 July 2018 at 17:41, Collin Kurre <collin at article19.org <mailto:collin at article19.org>> wrote:
> Dear colleagues,
> 
> You might be interested to hear that the California passed new data protection legislation last week, the 2018 Consumer Privacy Act. For those interested, the International Association of Privacy Professionals (IAPP) has produced a comprehensive overview of the new law: https://iapp.org/news/a/analysis-the-california-consumer-privacy-act-of-2018/ <https://iapp.org/news/a/analysis-the-california-consumer-privacy-act-of-2018/> 
> I found the following excerpt from their analysis particularly relevant to ICANN:
> 
> "Some companies implemented many of their new privacy protection measures worldwide in the hopes of being able to avoid having to make further jurisdiction-specific updates for a while. The passage of the California Consumer Privacy Act has now raised the question as to whether these measures will be sufficient to the extent they reach California residents with their GDPR-related compliance measures. Unfortunately, the answer is largely, ‘No.’ 
> 
> Global companies can and should try to address the requirements of the California Consumer Privacy Act, EU GDPR and other privacy regimes simultaneously and holistically in the interest of efficiency.” 
> 
> The Human Rights Bylaw <https://www.icann.org/resources/pages/governance/bylaws-en> (which will come into effect when the WS2 recommendations are approved, likely in Q4 of this year) states that ICANN should be guided by the core value of “respecting internationally recognized human rights as required by applicable law.” 
> 
> The HR FoI <https://community.icann.org/display/WEIA/Documents?preview=/59641302/79437270/CCWG-Accountability-WS2-HumanRight-FinalReport-20171106%5B1%5D.pdf> recognizes that the notion of applicable law “is a dynamic concept inasmuch as laws, regulations, etcetera, change over time.” However, based on the GDPR experience, it seems like waiting for rights-related laws to become applicable may not be the best strategy in the long run. 
> 
> Once the bylaw comes into effect, ICANN org and each SO and AC will be required to develop policies and frameworks to take human rights into account and avoid human rights violations in policy-development and decision-making processes. Some have perceived this as an additional administrative burden, though it’s hard to contest the bylaw's relevance given the amount of time the community has spent discussing access, accreditation, EPDPs, and other topics spawned by GDPR, a piece of privacy — and therefore human rights-related — legislation.
> 
> I therefore see strategic potential in developing new compliance mechanisms for the human rights bylaw. Just as corporate human rights impact assessments serve to identify gaps and mitigate risks, multistakeholder ICANN HRIAs should be devised and incorporated to promote more holistic, efficient, and proactive self-governance.
> 
> Thoughts and comments are certainly welcome! And as a reminder, you can find a few resources on related work on the ICANN Human Rights website, here: https://icannhumanrights.net/documents/ <https://icannhumanrights.net/documents/> 
> 
> 
> Warm regards,
> Collin
> 
> --
> Collin Kurre
> ARTICLE 19
> 
> 
> 
> 
> 
> _______________________________________________
> cc-humanrights mailing list
> cc-humanrights at icann.org <mailto:cc-humanrights at icann.org>
> https://mm.icann.org/mailman/listinfo/cc-humanrights <https://mm.icann.org/mailman/listinfo/cc-humanrights>
> 
> 
> 
> 
> -- 
> Raphaël Beauregard-Lacroix
> LinkedIn <https://www.linkedin.com/in/rapha%C3%ABl-beauregard-lacroix-88733786/> - @rbl0012 <https://twitter.com/rbl0112>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/cc-humanrights/attachments/20180727/3005116f/attachment.html>

More information about the cc-humanrights mailing list