A recent study from the Initiative for Freedom of Expression Online – iLEI by its Spanish acronym – from the Center for the Study of Freedom of Expression and Access to Information (CELE) analyzed the growing interest on the part of governments in the region in monitoring the Internet. This interest often turns into regulatory proposals that, despite the good intentions on which they are based, result in negative consequences in those cases that are approved and implemented, specifically when it comes to fundamental rights like privacy and freedom of expression. To avoid this, we propose the need to carry out a human rights impact assessment (HRIA) as an initial step before introducing formal proposals for bills or administrative regulations.
In large part, we approached the iLEI study after learning about several legislative proposals in Argentina that were designed to create mechanisms for online content monitoring or detection. In that study we concluded that content monitoring, particularly in the way that it was proposed in some of the legislative proposals, puts citizens´ fundamental rights at risk and threatens to dismantle the open and pluralist digital environment we know.
In the study we included a general overview of Internet architecture and an analysis of the concept of network control, emphasizing intermediaries and the use of technologies such as deep packet inspection (DPI). We presented both topics (architecture and control), if even simply and briefly, because we observed in many of the legislative proposals we analyzed that the lawmakers or regulatory entities that were proposing the laws didn`t seem to have good information about these technical questions.
To fill this gap, we recommended that bills that seek to establish mechanisms to monitor content on the Internet begin with a HRIA. We also recommended that the results of the impact assessment be included explicitly in the presentation of motives for the initiative.
The idea to carry out these types of impact assessments is not new, and certainly not when it comes to dealing with issues that are technically complex. Since the beginning of the 1970s for those public policies that could have a negative impact on the environment, there has been regulatory legislation in the United States that requires the federal government to evaluate the environmental impact of its decisions and the decisions of the states and private contractors that are financed by the federal government or with which the federal government is involved. The European Union has made these environmental impact assessments obligatory since the mid 1980s for both public and private projects that could have a significant impact on the environment.
Impact studies are already required in many places for projects that could affect privacy. These studies, known as “privacy impact assessments” (PIA) have been identified as obligatory in different government offices in the United Kingdom. In fact, the Information Commissioner´s office has prepared several guides on how assessments should be carried out.
In conclusion, the need to have impact assessments before implementing public policies has been underway for many years. Because of this, our proposal is to learn from these cases and the benefits that have come from impact assessments to be able to demand them for those public policies related to Internet, particularly when it comes to proposals for mechanisms for monitoring online content. In this way, there would be a sort of “self control” of legislators and regulatory bodies: before any kind of proposal is made, it would be important to have a HRIA made by experts or specialized bodies.