On June 17, 2024, Access Now joined the Shaping Cybersecurity Conference in Berlin, Germany, hosted by the German Federal Foreign Office (AA), the Institute for Peace Research and Security Policy (IFSH) and the Digital Society Institute (DSI). This event brought together experts to discuss the challenges posed by China’s cyber operations and technological ambitions, outlining how China’s extensive cyber operations underscore the need for countries to strengthen their cyber defenses amid heightened geopolitical tensions.
Access Now’s Executive Director Brett Solomon, delivered the following speech:
I am conscious that as I speak on this topic, I do so as someone who is neither Chinese nor on the frontlines of digital repression. I’m Australian and from the Asia Pacific (where the geographical impact of China is more than obvious — think of the Solomon Islands) but it’s important that we take time to talk to those who are impacted directly, if we are to discuss the unchecked human rights crisis that millions of Chinese and other minorities are facing.
As you think, or rethink, your China policy, I would encourage you in the development of your policies to have those direct conversations with affected populations, because only via genuine dialogue with these communities will the answers reveal themselves.
As you can see from the program, I am here to speak of human rights, the subject that drives my organization, Access Now, which defends and extends the digital rights of people and communities at risk — since 2009. We have 15 years of experience to share.
I am glad that the German government has put human rights at the very top of the agenda of this conference. I am the first keynote speaker today and that says a lot. We are not the final paragraph in a long geopolitical article, but the opening paragraph. And for that I would like to thank the Head of the Cyber Policy Coordination Staff, John Reyels, and the Cyber Ambassador at the German Federal Foreign Office, Ambassador Regine Grienberger, for making this possible. It is not normal, let me assure you.
Of late, the international community has been too afraid, too reluctant, too indifferent, and/or too self-censoring to make human rights the, or even a, pillar of engagement with China. Instead economic opportunity, a “don’t poke the panda approach to geopolitics,” and the hope that the Chinese middle class will purse liberal and democratic ideals, have been seen as a better investment; with improvement in human rights and the spread of the global democratic community expected to miraculously happen alongside this model.
It’s 2024 and the opposite is true. Governments and companies are frantically de-risking their relationship with China today as a means of managing failed engagement and containment policy of the past.
Neither geopolitical nor economic certainty has been achieved; instead unbridled rights denials at home in China are on the rise — and now those very same policies are extending across borders, along the Digital Silk Road right into the heart of Europe.
Something has got to change.
Human rights protection requires sophisticated and dedicated engagement over the long haul, and as we head to the Summit of the Future and the Global Digital Compact, we need to think of a multi-generational timeline in the same way that the Chinese government does.
Our challenge now is to de-risk the system of human rights violations, because in doing so we can create economic certainty, cybersecurity, what is right, and human rights protection all at once.
And to do that human rights need to come first — as they are at this conference. Not just because it is the right thing to do. But because it is in your interests.
Because if we address the rights violations head on, we attack the root cause of the problem, which is the PRC’s approach to control and power. And what lies at the heart of that is the necessary denial of the human rights of others that would challenge that power.
It is this mindset of rights denial and control that informs China’s digital and cyber policies. The disinformation that is timed to confuse voters of other jurisdictions, the weakening of rights-respecting cyber norms, the violation of transnational protections, and the attacks on minority and opposition populations; all come from the same place.
So to address them, we need to start from the same place: with the human rights framework of international law and precedent, and not just geo-politics, economic power, and national security, as the lens.
Who’s in?
Before you all raise your hands, let me run through the ten manifestations of not addressing China’s human rights track record in the digital age, so that you see what I mean; so you see the cyber cost today of our human rights inaction in the past.
- The Great Firewall model (that Western companies had a hand in building) has been allowed to flourish and is now adopted the world over — by Iran, Russia, and North Korea, placing hundreds of millions more people behind the firewall.
- The export of China’s censorship tools has meant that governments of Ethiopia and Zimbabwe, to name just two, are enacting online content restrictions, emulating China’s approach to digital repression.
- China’s deployment of advanced facial recognition systems for mass surveillance, such as those in Xinjiang and Tibet, which are created and exported with the support of Hikvision, Huawei, and Dahua; companies that inform your own 5G networks.
- The social credit system that tracks and rates citizen behavior — a massive denial of human rights — has been marketed and adopted in countries interested in maintaining social order via algorithmic surveillance and privacy violations.
- China’s draconian national cybersecurity laws, that require companies to store personal data collected in China within its borders, have given birth to the concept of “cyber sovereignty,” language that is mimicked by European governments, and will lead to the death of the global internet and the institutionalization of the so-called splinternet.
- The global attack on encryption. In the name of power, control, and human violations, the PRC’s cyber regulations create mandatory backdoors, which weaken global cybersecurity efforts and set an alarming global standard for state surveillance.
So you can see how China’s approach to human rights has manifested in the world. It is this same rights-infringing mindset that pushed:
- The Chinese to exponentially shape norms at international standards bodies, including on 5G and beyond, raising concerns regarding data security and espionage across the West. And this same mindset informs the negotiations of the Global Cybercrime Treaty, which is being negotiated as we speak.
- It has resulted in the Digital Silk Road that includes generational investments in Chinese digital infrastructure across Asia, Africa, and Europe — leading to an expansion of China’s internet censorship and surveillance practices in partner countries.
- It powers the Hack for Hire model, which was on display for all to see with i-SOON leaks on GitHub which include foreign espionage, domestic surveillance, and influence campaigns. From 2020 to 2022, the company hacked over 100 organizations across 40 countries, presenting a clear warning to the globe: China’s encroachment on digital rights is a cross-border threat.
- And perhaps most worrying, it underpins China’s approach to AI that risks bias and embeds surveillance-by-design into systems, including those for export.
We have ceded territory.
We must get back on track, otherwise these ten human rights threats will be hard coded as ten threats to cyber resilience and to the international legal order, and as the digital consequences of geopolitical tensions.
The three themes of this conference.
So what are we going to do about it?
There are four ideas for a proactive agenda for policymakers that I would like to propose. Come talk to us through today to discuss these further.
1. Accountability for China starts with accountability at home. Countries that do not themselves have strong data protection frameworks in place, or have a unclear record of surveillance practices, or have not taken sufficient action to rein in exporters of surveillance tech in their own country, need to get their own house in order as part and parcel of their strategy for countering China’s harmful policies. For example, domestic cybersecurity and data governance frameworks must be in place to prevent Chinese hacking and cyber espionage. How can the U.S. claim on privacy rights when it doesn’t even have an overarching privacy law to protect its own citizens?
2. Protect vulnerable populations who require protection, including in the Chinese diaspora. As outlined in Germany’s strategy on China, Germany should assist those affected by China’s cyber tactics or threats. Access Now urges Germany to honor its pledge by providing safe spaces for human rights defenders, ensuring their voices are amplified. It should also commit to supporting civil society organizations that strengthen and defend human rights in the digital age.
3. Always stand firm on human rights — you are on solid ground. And use your influence in global norms and standards: By promoting standards that prioritize surveillance and control, China challenges the principles of an open, secure, and interoperable internet. Your engagement in international platforms is essential in advocating for rights-based approaches and democratic oversight in cyberspace governance. The current Cybercrime Treaty, the Global Digital Compact, and the ITU all come to mind.
4. Ensuring human rights-centric leadership on emerging technologies: You have a responsibility for setting human rights standards for developing and using emerging technologies such as artificial intelligence, 5G, and facial recognition. The protections established today on emerging tech will pay dividends of AI tomorrow.
In conclusion, please do not see the human rights framework as ancillary to cybersecurity; it lies at the very heart of it. We have to be in this for the long haul. China is.
I have confidence that the roll out of our digital future, with grit, perseverance, and a touch of self-interest, can refocus the international human rights framework as the bedrock of global cyber policy.
Thank you.
This post was originally published on 3rd party site mentioned in the title of this site
