Internet Safety/Security

Author: Chris Wiersma

The terms internet safety and internet security are closely connected. In the words of the European Commission (2020:1)¹, “[s]ecurity is not only the basis for personal safety, but it also provides the foundation for confidence and dynamism in our economy, our society, and our democracy”. Thus, internet safety/security is perceived as a general policy issue. Both safety and security are connected to a wide range of general policy concerns about worldwide challenges such as crime, health, and safety on an individual level.

Regarding the individual safety and security level, numerous resources draw attention to critical issues concerning a person’s digital presence and legacy, with majors topics such as digital access, as well as the prevention of loss of control being addressed in terms of individual agency. For example, enhanced password-based protections are a common feature of the use of hardware and software, with technology companies or surrounding communities providing solutions that are more and more integrated as a ready-made features for consumers. Widely used accounts such as those offered by Google have the option for a Password Manager located within the Chrome browser application, as well as the offer for setting up an “Inactive Account Manager” (alternatively called a “Dead Man’s Switch”) that could allow tailored access based on the wishes of users in case they choose to abandon their accounts or because of loss control due to physical or other incapacitation. While these solutions require the personal development of digital skills for securely gaining internet access and other aspects of digital literacy, people are helped by extensive review websites around the topics of saftey and security (such as PasswordManager.com),² raising the attention to the importance of adjusting common human behaviours which would allow the prevention of malicious exploitation by certain hackers and other actors on the internet.

However, when the internet infrastructure is perceived as a critical environment, specific security challenges are dealt with by the internet governance measures that are tailored to bring about guarantees surrounding the internet’s technical functioning. Importantly, platforms and other service providers who are tasked with the provision of access to their users play a general role in this sense.

As introduced above, the concept of ‘internet safety/security’ evokes other terms commonly understood as threats in the digital environment. For this reason, many national legislations on regulating misconduct are relevant for this topic. This is reflected in the approach taken in the Convention on Cybercrime (Council of Europe, 2001)³, which aims to have its members maintain, update or introduce substantive criminal law measures to deal with the problem of cybercrime. Regarded as the first international treaty on this topic, this Convention is widely used as a reference for developing law and policy (see for example the site on EU Law on Cybercrime)⁴. In pursuance of developing these solutions, in recent years several soft-law measures have been taken, such as the “EU Code of conduct on countering illegal hate speech online” (European Commission, 2016)⁵. The EU took the initiative for seeking more proactive responses and accountability from major private internet companies. As pointed out by the European Commission (2020:13) ⁶: 

The latest evaluation shows that companies assess 90% of flagged content within 24 hours and remove 71% of the content deemed to be illegal hate speech. However, the platforms need to improve further transparency and feedback to users and to ensure consistent evaluation of flagged content.

With threats being often described as ‘hybrid’ in form, in recent years, many elements of responsiveness to the issues surrounding internet safety and security are leading to the regular renewal of or the adoption of new strategies by different governments all over the world. As an example, the U.S. 2018 “National Cyber Strategy”⁷ presented the intention to increase the imposition of “costs” on all kinds of different players in the internet environment, in order to “deter malicious cyber actors and prevent further escalation” (i2018:2)⁸. The US 2023 National Cyber Security-strategy sought to “make fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace”, with a certain “rebalance” and “realign” approach.⁹. Another example is the Russian Government’s legislative approach from 2019 that put requirements on national internet providers to establish a network that can operate alongside the WWW in case of an attack. This so-called RuNet was envisioned as an obligation for internet providers in Russia by implementing new rules established by the “the Federal law N. 90-FZ on Amendments to Certain Legislative Acts of the Russian Federation (in terms of ensuring the safe and sustainable functioning of the Internet in the territory of the Russian Federation)”¹⁰.

It is likely that more of such new technical safety measures or even new protocols for the technical functioning of the internet will be brought up as policy choices in response to safety and security threats, also on the international level such as ITU. For example, such topics are high on the list for discussion at the World Telecommunication Standardization Assembly – 2020¹¹ (such as a “New IP” protocol system persistently promoted by Huawei and the Chinese Government)¹².

Major policy areas that are related to this term can be found in connection to all the national legal interventions that are responsive to fundamental (human) rights (such as children’s rights) as well as the general issues of cybercrime already pointed to above (such as racism, xenophobia, hate crime, theft, etc). These areas get regular attention in terms of proposals for common legal and regulatory responsibilities, which would be applicable across the internet. In this regard, a notable, legislative initiative is the UKs recently proposed online safety laws as put forward in the “Online Harms White Paper” (2019)¹³, which proposed a broad (statutory) duty of care. See also: harm.

References

Internet Society. (2020). ITU World Telecommunication Standardization Assembly 2020. Available at: https://www.internetsociety.org/resources/doc/2020/itu-wtsa-2020-background-paper/.

ICNL. (2020). Russia. ICNL. Available at: https://www.icnl.org/resources/civic-freedom-monitor/russia. 

Symposium: Online Harms White Paper. (2019). Journal of Media Law. Vol 11, Issue 1; Available at: https://www.tandfonline.com/toc/rjml20/11/1?nav=tocList&.

UK. (2020). UK Government. Joint Ministerial foreword, Online Harms White Paper. Available at: https://www.gov.uk/government/consultations/online-harms-white-paper/online-harms-white-paper#the-harms-in-scope.

UK. (2019). UK Government. Press release. Available at: https://www.gov.uk/government/news/uk-to-introduce-world-first-online-safety-laws. 

1. European Commission. Communication from the commission to the European Parliament, the European Council, the Council, the European Economic and Social Committee and the Committee of the Regions, on the EU Security Union Strategy. Available at:  https://ec.europa.eu/info/sites/info/files/communication-eu-security-union-strategy.pdf.
2. The Password Manager, at https://www.passwordmanager.com/.
3. Council of Europe, Convention on Cybercrime, adopted 23 November 2001, entered into force 1 July 2004, ETS n˚.185. Available at www.coe.int/en/web/conventions/full-list/-/conventions/treaty/005.
4. European Commission. EU Law on Cybercrime. Available at: https://ec.europa.eu/home-affairs/what-we-do/policies/cybercrime_en.
5. European Commission. (2016). The EU Code of conduct on countering illegal hate speech online. Available at: https://ec.europa.eu/info/policies/justice-and-fundamental-rights/combatting-discrimination/racism-and-xenophobia/eu-code-conduct-countering-illegal-hate-speech-online_en.
6. European Commission. Communication from the commission to the European Parliament, the European Council, the Council, the European Economic and Social Committee and the Committee of the Regions, on the EU Security Union Strategy. Available at:  https://ec.europa.eu/info/sites/info/files/communication-eu-security-union-strategy.pdf.
7. The White House/President Trump. (2018). National Cyber Strategy. Available at: https://trumpwhitehouse.archives.gov/wp-content/uploads/2018/09/National-Cyber-Strategy.pdf.
8. Ibid. Examples of the implementation of this strategy by the US government are the executive orders by President Trump (2015-2020) seeking to restrict the possibilities of users to access several (social) media and mobile applications, such as WeChat and TikTok. See: The White House/US President Trump. (2020, August 6). Executive Order on Addressing the Threat Posed by WeChat. Available at https://www.federalregister.gov/documents/2020/08/11/2020-17700/addressing-the-threat-posed-by-wechat-and-taking-additional-steps-to-address-the-national-emergency; and: The White House/US President Trump. (2020, August 6). Executive Order on Addressing the Threat Posed by TikTok. Available at: https://trumpwhitehouse.archives.gov/presidential-actions/executive-order-addressing-threat-posed-tiktok/. These orders against WeChat and TikTok were motivated as being based on national cybersecurity-concerns. A detailed plan to install specific prohibitions was announced in order to specifically limit the offer of the targeted apps in US stores. However, both executive orders have led to further administrative actions and judicial (counter-)measures limiting their execution and the reopening of the access to the US market.
9. The White House/US President Biden. (2023). FACT SHEET: Biden-⁠Harris Administration Announces National Cybersecurity Strategy, Available at: https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/.
10. Russian Federation. (2019). Federal law No. 90-FZ on Amendments to Certain Legislative Acts of the Russian Federation. Available at: http://publication.pravo.gov.ru/Document/View/0001201905010025?index=0&rangeSize=1.
11. World Telecommunication Standardization Assembly. (2020). Available at: https://www.itu.int/en/ITU-T/wtsa20/Pages/default.aspx.
12. Huawei and the Chinese Government. (2019). New IP protocol system. Available at: https://www.itu.int/md/T17-TSAG-C-0083.
13. UK. (2019). Department for Digital Culture, Media & Sport and Home Office. Online Harms White Paper. Available at: https://www.gov.uk/government/consultations/online-harms-white-paper/online-harms-white-paper.