Human Rights Protocol Considerations - Report
draft-doria-hrpc-report-00
The information below is for an old version of the document.
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Expired".
|
|
|---|---|---|---|
| Author | avri doria | ||
| Last updated | 2015-10-18 | ||
| RFC stream | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | I-D Exists | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-doria-hrpc-report-00
Human Rights Protocol Consideration RG A. Doria (ed)
Internet-Draft Technicalities
Intended status: Informational October 18, 2015
Expires: April 20, 2016
Human Rights Protocol Considerations - Report
draft-doria-hrpc-report-00
Abstract
This document present an overview of the project to map engineering
concepts at the protocol level that may be related to promotion and
protection of the freedom of expression and association.
This first draft is intended to provide the framework for reporting
on the study, initial results and basic considerations. At a later
stage it will fold in the work being done in the Methodology and
Glossary drafts as well as the work being done in the case studies.
It also folds in some of the text included in the original proposal
for the HRPC.
Discussion on this draft at: hrpc@irtf.org //
https://www.irtf.org/mailman/admindb/hrpc
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 20, 2016.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
Doria (ed) Expires April 20, 2016 [Page 1]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Background . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Link between protocols and human rights . . . . . . . . . . . 4
3.1. Discussion of Universal Declaration of Human Rights
(UDHR) and Internet Architecture . . . . . . . . . . . . 5
3.2. Theory . . . . . . . . . . . . . . . . . . . . . . . . . 5
3.3. Other relevant research . . . . . . . . . . . . . . . . . 6
4. Methodology . . . . . . . . . . . . . . . . . . . . . . . . . 6
5. Case Studies . . . . . . . . . . . . . . . . . . . . . . . . 6
5.1. DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
5.2. IP . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
5.3. HTTP . . . . . . . . . . . . . . . . . . . . . . . . . . 7
5.4. XMPP . . . . . . . . . . . . . . . . . . . . . . . . . . 7
5.5. P2P . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
6. Possible areas for protocol considerations . . . . . . . . . 7
7. Next Steps . . . . . . . . . . . . . . . . . . . . . . . . . 8
8. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 8
9. IANA considerations . . . . . . . . . . . . . . . . . . . . . 8
10. Security Considerations . . . . . . . . . . . . . . . . . . . 8
11. Informative References . . . . . . . . . . . . . . . . . . . 8
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11
1. Background
The recognition that human rights have a role in Internet policies
has become part of the general discourse. Several reports from
former United Nations (UN) Special Rapporteur on the promotion and
protection of the right to freedom of opinion and expression, Frank
La Rue, have made such relation explicit, which lead to the approval
of the landmark resolution "on the promotion, protection and
enjoyment of human rights on the Internet" at the UN Human Rights
Council (HRC). And, more recently, to the resolution "The right to
privacy in the digital age" at the UN General Assembly. The
NETmundial outcome document affirms that human rights, as reflected
in the Universal Declaration of Human Rights [UDHR], should underpin
Internet governance principles. Recently the UNESCO report:
Doria (ed) Expires April 20, 2016 [Page 2]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
Keystones to foster inclusive Knowledge Societies [UNESCO] focused on
the importance of developing the Internet on the basis of human
rights principles.
Nevertheless, the direct relation between Internet Standards and
human rights is still something to be explored and more clearly
demonstrated.
Concerns for freedom of expression and association were a strong part
of the world-view of the community involved in developing the first
Internet protocols. Apparently, by intention or by coincidence, the
Internet was designed with freedom and openness of communications as
core values. But as the scale and the commercialization of the
Internet has grown, the influence of such world-views had to compete
with other values, such as ease of development and cost. The purpose
of this research is to discover and document the consideration
involved in taking human rights into account when creating protocols.
In a manner similar to the work done for RFC 6973 [RFC6973] on
Privacy Consideration Guidelines, the premise of this research is
that some standards and protocols can solidify, enable or threaten
human rights.
As stated in RFC 1958 [RFC1958], the Internet aims to be the global
network of networks that provides unfettered connectivity to all
users at all times and for any content. Open, secure and reliable
connectivity is essential for rights such as freedom of expression
and freedom of association, as defined in the Universal Declaration
of Human Rights [UDHR]. Therefore, considering connectivity as the
ultimate objective of the Internet, this makes a clear case that the
Internet is not only an enabler of human rights, but that human
rights lie at the basis of, and are ingrained in, the architecture of
the network.
An essential part of maintaining the Internet as a tool for
communication and connectivity is security. Indeed, "development of
security mechanisms is seen as a key factor in the future growth of
the Internet as a motor for international commerce and communication"
RFC 1984 [RFC1984] and according to the Danvers Doctrine RFC 3365
[RFC3365], there is an overwhelming consensus in the IETF that the
best security should be used and standardized.
In RFC 1984 [RFC1984], the Internet Architecture Board (IAB) and the
Internet Engineering Steering Group (IESG), the bodies which oversee
architecture and standards for the Internet, expressed: "concern by
the need for increased protection of international commercial
transactions on the Internet, and by the need to offer all Internet
users an adequate degree of privacy." Indeed, the IETF has been
Doria (ed) Expires April 20, 2016 [Page 3]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
doing a significant job in this area [RFC6973] [RFC7258], considering
privacy concerns as a subset of security concerns. [RFC6973]
Besides privacy, it should be possible to highlight other aspects of
connectivity embedded in standards and protocols that can have human
rights considerations. This report focuses on freedom of expression
and the right to association and assembly online.
2. Terminology
Currently defined in draft-dkg-hrpc-glossary to be folded in at
appropriate time.
3. Link between protocols and human rights
- Include discussion of value laden engineering as discussed in
[Cath].
This work discusses four basic architectural principles that are
encoded in Internet Technology:
- Openness, Permissionless Innovation, and Content Agnosticism
- Interoperability
- Redundancy and the Distributed Architecture
- The End-to-End Principle
The work by Cath explores the relationship of the architectural
principles to the human right of freedom of expression and asks
whether the IETF has an repsonsiblity toward human rights. The fact
that there is documentation of normative principles among the body of
work of the IETF, is an indication that ethics are sometimes seen as
within the purview of IETF consideraitons. The research question
asked by the work is:
"Should the right to freedom of speech be instantiated in the
protocls and standards of the Internet Engineering Task Force?"
Becasue of the threat of fragmentation by countries that do not
accept human rights, the answer given to the research question is
negative: human rights should not be instantiated in the Interent in
order to avoid fragmentation. Care must be taken to avoid making the
protocols political targets. On the other hand the principles that
are encoded in the Internet do make it better at enabling rights.
This encourages work such as the work done for privacy considerations
Doria (ed) Expires April 20, 2016 [Page 4]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
in the IETF and the research being done on protocol consideration for
the freedoms of expression and association.
- Include discussion of "Values and Networks" work by Roland Bless
tbd
- Include discussion of principles from NetMundial Multistakeholder
Statement
tbd
3.1. Discussion of Universal Declaration of Human Rights (UDHR) and
Internet Architecture
This project is focused on two rights defined in the UDHR [UDHR],
Article 19 on Freedom of Expression and Article 20 of Freedom of
Association.
Article 19 Everyone has the right to freedom of opinion and
expression; this right includes freedom to hold opinions without
interference and to seek, receive and impart information and ideas
through any media and regardless of frontiers.
Article 20 1 Everyone has the right to freedom of peaceful assembly
and association.
2 No one may be compelled to belong to an association.
3.2. Theory
When looking at protocols the considerations can apply from several
perspectives.
- The protocol's direct effects on human rights on the Internet.
- The protocol's direct effect on human rights in combination with
other protocols
- The effect of specific protocol elements, separately or in
combination with other protocol elements on human rights on the
Internet
- The ability to determine when various effects are occurring, i.e.
transparency
- The effect of deployment or non deployment. While this may be may
seem beyond the protocol itself, often the design of protocol, its
Doria (ed) Expires April 20, 2016 [Page 5]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
difficulty in implementation and the degree to which it contains
required elements, poison pills or other protocol artifacts that
either encourage or discourse implementation or deployment can be
significant in the overall human rights affect of a protocol.
3.3. Other relevant research
TBD : Look at, and summarize some of the academic research on the
topic including Ian Brown [Brown], Laura Denardis [Denardis], David
Post [Post], Jonathan Zittrain [Zittrain] among others.
4. Methodology
Currently defined in detail in draft-varon-hrpc-methodolgy to be
folded in at appropriate time. this will largely be a reproduction
of Section 3 of that document that focuses on the methodology
Briefly methodology has included:
- scoping the research problem
- determining terminology to be use linking engineering and human
rights concepts
- establishing methodology
- case studies on a set of protocols
- derivation of possible considerations
5. Case Studies
In each of the case studies, the behavior of the protocols is
analysed for its positive and negative effects. In some case these
effects are due to the design of the protocol itself, in others they
are due to existing or absent features.
Early versions of the analysis on the following protocols are
currently being discussed on HRPC list. Once the discussions have
matured those discussions will be folded in this section.
5.1. DNS
Text being done by Will Scott on the HRPC list, current snapshot
included in [HRPC-Method].
Doria (ed) Expires April 20, 2016 [Page 6]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
5.2. IP
Text being done by Will Scott on HRPC list, current snapshot included
in [HRPC-Method].
5.3. HTTP
Text being done by Nex / Claudio on HRPC list, current snapshot
included in [HRPC-Method].
5.4. XMPP
Text being done by Will Scott on HRPC list, current snapshot included
in [HRPC-Method].
5.5. P2P
Text being done by Nex on HRPC List, current snapshot included in
[HRPC-Method].
6. Possible areas for protocol considerations
The case studies point to several areas of protocol behavior that may
be appropriate for considerations:
- Character encoding for internationalization
- DNS Record
o Distortion
o Injection
o Removal
- Network Poisoning
- Traffic
o Interception
o Manipulation
o Throttling
- User Identification
o Source and Destination visibility
Doria (ed) Expires April 20, 2016 [Page 7]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
o Tracking
Additionally, discussion of the rights themselves and the evidence of
these rights being implicit in the IETF design principles [Clark] and
in some of the existing architecture and protocols, [Cath] and
[Liddicoat] suggest other considerations. [Cath] recommends that
adhereing to the four fundamental architectural principles discussed
above is a first step.
7. Next Steps
Once the first take at consideration are defined, what are the next
steps for creating something that can be useabble for protocol
designers and implementers in considering the human rights of freedom
of expression and freedom of association in their work.
8. Acknowledgement
tbd : A section that includes mention the many contributors of text
as well as commenters and those who are assisitng this project in
existing.
9. IANA considerations
There shouldn't be any.
10. Security Considerations
There shouldn't be any.
11. Informative References
[Blumenthal]
Blumenthal, M. and D. Clark, "Rethinking the design of the
Internet The end-to-end arguments vs. the brave new
world", ACM Transactions on Internet Technology, Vol. 1,
No. 1, August 2001, pp 70-109. , 2001.
[Brown] Brown, I. and C. Marsden, "Regulating Code Good Governance
and Better Regulation in the Information Age", 2013.
[Cath] Cath, C., "A case study of codeing rights", 2015.
[Clark] Clark, D., "The Design Philosophy of the DARPA Internet
Protocols", Proc SIGCOMM 88, ACM CCR Vol 18, Number 4,
August 1988, pp. 106-114. , 1988.
Doria (ed) Expires April 20, 2016 [Page 8]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
[Denardis]
Denardis, L., "Protocol Politics", 2013.
[Galloway]
Alexander Galloway, ., "Protocol", 2006.
[HRPC-GLOSSARY]
ten Oever, N., Doria, A., and D. Gillmor, "Human Rights
Protocol Considerations Glossary", 2015,
<https://www.ietf.org/id/draft-dkg-hrpc-glossary-00.txt>.
[HRPC-Method]
Varon, J. and C. Cath, "Human Rights Protocol
Considerations Methodology", 2015,
<https://www.ietf.org/id/draft-varon-hrpc-methodology-
00.txt>.
[Liddicoat]
Liddicoat, J. and A. Doria, "Human Rights and Internet
Protocols", n.d., <https://www.apc.org/en/pubs/human-
rights-and-internet-protocols-comparing-proc>.
[Post] Post, D., "Internet Infrastructure and IP Censorship",
2015, <http://www.ipjustice.org/digital-rights/
internet-infrastructure-and-ip-censorship-bydavid-post/>.
[RFC1958] Carpenter, B., Ed., "Architectural Principles of the
Internet", RFC 1958, DOI 10.17487/RFC1958, June 1996,
<http://www.rfc-editor.org/info/rfc1958>.
[RFC1984] IAB and , "IAB and IESG Statement on Cryptographic
Technology and the Internet", BCP 200, RFC 1984,
DOI 10.17487/RFC1984, August 1996,
<http://www.rfc-editor.org/info/rfc1984>.
[RFC2026] Bradner, S., "The Internet Standards Process -- Revision
3", BCP 9, RFC 2026, DOI 10.17487/RFC2026, October 1996,
<http://www.rfc-editor.org/info/rfc2026>.
[RFC2639] Hastings, T. and C. Manros, "Internet Printing
Protocol/1.0: Implementer's Guide", RFC 2639,
DOI 10.17487/RFC2639, July 1999,
<http://www.rfc-editor.org/info/rfc2639>.
[RFC2919] Chandhok, R. and G. Wenger, "List-Id: A Structured Field
and Namespace for the Identification of Mailing Lists",
RFC 2919, DOI 10.17487/RFC2919, March 2001,
<http://www.rfc-editor.org/info/rfc2919>.
Doria (ed) Expires April 20, 2016 [Page 9]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
[RFC3365] Schiller, J., "Strong Security Requirements for Internet
Engineering Task Force Standard Protocols", BCP 61,
RFC 3365, DOI 10.17487/RFC3365, August 2002,
<http://www.rfc-editor.org/info/rfc3365>.
[RFC5890] Klensin, J., "Internationalized Domain Names for
Applications (IDNA): Definitions and Document Framework",
RFC 5890, DOI 10.17487/RFC5890, August 2010,
<http://www.rfc-editor.org/info/rfc5890>.
[RFC5891] Klensin, J., "Internationalized Domain Names in
Applications (IDNA): Protocol", RFC 5891,
DOI 10.17487/RFC5891, August 2010,
<http://www.rfc-editor.org/info/rfc5891>.
[RFC5892] Faltstrom, P., Ed., "The Unicode Code Points and
Internationalized Domain Names for Applications (IDNA)",
RFC 5892, DOI 10.17487/RFC5892, August 2010,
<http://www.rfc-editor.org/info/rfc5892>.
[RFC5893] Alvestrand, H., Ed. and C. Karp, "Right-to-Left Scripts
for Internationalized Domain Names for Applications
(IDNA)", RFC 5893, DOI 10.17487/RFC5893, August 2010,
<http://www.rfc-editor.org/info/rfc5893>.
[RFC6162] Turner, S., "Elliptic Curve Algorithms for Cryptographic
Message Syntax (CMS) Asymmetric Key Package Content Type",
RFC 6162, DOI 10.17487/RFC6162, April 2011,
<http://www.rfc-editor.org/info/rfc6162>.
[RFC6783] Levine, J. and R. Gellens, "Mailing Lists and Non-ASCII
Addresses", RFC 6783, DOI 10.17487/RFC6783, November 2012,
<http://www.rfc-editor.org/info/rfc6783>.
[RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J.,
Morris, J., Hansen, M., and R. Smith, "Privacy
Considerations for Internet Protocols", RFC 6973,
DOI 10.17487/RFC6973, July 2013,
<http://www.rfc-editor.org/info/rfc6973>.
[RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Message Syntax and Routing",
RFC 7230, DOI 10.17487/RFC7230, June 2014,
<http://www.rfc-editor.org/info/rfc7230>.
Doria (ed) Expires April 20, 2016 [Page 10]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
[RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
DOI 10.17487/RFC7231, June 2014,
<http://www.rfc-editor.org/info/rfc7231>.
[RFC7232] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Conditional Requests", RFC 7232,
DOI 10.17487/RFC7232, June 2014,
<http://www.rfc-editor.org/info/rfc7232>.
[RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",
RFC 7234, DOI 10.17487/RFC7234, June 2014,
<http://www.rfc-editor.org/info/rfc7234>.
[RFC7235] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Authentication", RFC 7235,
DOI 10.17487/RFC7235, June 2014,
<http://www.rfc-editor.org/info/rfc7235>.
[RFC7236] Reschke, J., "Initial Hypertext Transfer Protocol (HTTP)
Authentication Scheme Registrations", RFC 7236,
DOI 10.17487/RFC7236, June 2014,
<http://www.rfc-editor.org/info/rfc7236>.
[RFC7237] Reschke, J., "Initial Hypertext Transfer Protocol (HTTP)
Method Registrations", RFC 7237, DOI 10.17487/RFC7237,
June 2014, <http://www.rfc-editor.org/info/rfc7237>.
[RFC7258] Farrell, S. and H. Tschofenig, "Pervasive Monitoring Is an
Attack", BCP 188, RFC 7258, DOI 10.17487/RFC7258, May
2014, <http://www.rfc-editor.org/info/rfc7258>.
[UDHR] United Nations General Assembly, "The Universal
Declaration of Human Rights", 1948,
<http://www.un.org/en/documents/udhr/>.
[UNESCO] "Keystones to foster inclusive Knowledge Societies", 2015.
[Zittrain]
Zittrain, J., "The Future of the Internet And How to Stop
It", 2008.
Author's Address
Doria (ed) Expires April 20, 2016 [Page 11]
Internet-DraftHuman Rights Protocol Considerations - Report October 2015
Avri Doria
Technicalities
EMail: avri@acm.org
Doria (ed) Expires April 20, 2016 [Page 12]