Human Rights Protocol Considerations Research Group N. ten Oever
Internet-Draft Univeristy of Amsterdam
Intended status: Informational G. Perez de Acha
Expires: October 18, 2021 Derechos Digitales
S. Couture
Universite de Montreal
M. Knodel
Center for Democracy & Technology
April 16, 2021
Freedom of Association on the Internet
draft-irtf-hrpc-association-08
Abstract
This document discusses the relationships between the Internet
architecture and the ability of people to exercise their right to
peaceful assembly and the right to association online. The Internet
increasingly mediates our lives, our relationships, and our ability
to exercise our human rights. As a global assemblage, the Internet
provides a public space, yet it is predominantly built on private
infrastructure. Since Internet protocols and architecture play a
central role in the management, development, and use of the Internet,
we analyze the relation between protocols, architecture, and the
rights to assemble and associate to mitigate infringements on those
rights.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 18, 2021.
ten Oever, et al. Expires October 18, 2021 [Page 1]
Internet-Draft FoA April 2021
Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Vocabulary used . . . . . . . . . . . . . . . . . . . . . . . 3
3. Research question . . . . . . . . . . . . . . . . . . . . . . 5
4. Methodology . . . . . . . . . . . . . . . . . . . . . . . . . 5
5. Literature Review . . . . . . . . . . . . . . . . . . . . . . 6
5.1. FAA definition and core treaties . . . . . . . . . . . . 6
5.2. FAA in the digital era . . . . . . . . . . . . . . . . . 9
5.3. Specific questions raised from the literature review . . 13
6. Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . 13
6.1. Got No Peace: Spam and DDoS . . . . . . . . . . . . . . . 14
6.1.1. Spam . . . . . . . . . . . . . . . . . . . . . . . . 15
6.1.2. DDoS . . . . . . . . . . . . . . . . . . . . . . . . 16
6.2. Holistic Agency: Mailing Lists and Spam . . . . . . . . . 16
6.2.1. Mailing lists . . . . . . . . . . . . . . . . . . . . 16
6.2.2. Spam . . . . . . . . . . . . . . . . . . . . . . . . 17
6.3. Civics in Cyberspace: Messaging, Conferencing, and
Networking . . . . . . . . . . . . . . . . . . . . . . . 17
6.3.1. Email . . . . . . . . . . . . . . . . . . . . . . . . 17
6.3.2. Mailing lists . . . . . . . . . . . . . . . . . . . . 18
6.3.3. IRC . . . . . . . . . . . . . . . . . . . . . . . . . 18
6.3.4. WebRTC . . . . . . . . . . . . . . . . . . . . . . . 18
6.3.5. Peer-to-peer networking . . . . . . . . . . . . . . . 19
6.4. Universal Access: The Web . . . . . . . . . . . . . . . . 21
6.5. Block Together Now: IRC and Refusals . . . . . . . . . . 22
7. Conclusions: Can we learn anything from the previous case
studies? . . . . . . . . . . . . . . . . . . . . . . . . . . 23
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 24
9. Security Considerations . . . . . . . . . . . . . . . . . . . 24
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 24
11. Research Group Information . . . . . . . . . . . . . . . . . 24
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 24
ten Oever, et al. Expires October 18, 2021 [Page 2]
Internet-Draft FoA April 2021
12.1. Informative References . . . . . . . . . . . . . . . . . 24
12.2. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32
1. Introduction
We shape our tools and, thereafter, our tools shape us. 
- John Culkin (1967)
Article 21 of the Covenant protects peaceful assemblies wherever they
take place: outdoors, indoors and online; in public and private spaces;
or a combination thereof.
- General Comment 37 of the Human Rights Committee (2020)
In the digital age, the exercise of the rights of peaceful assembly and
association has become largely dependent on business enterprises,
whose legal obligations, policies, technical standards, financial models
and algorithms can affect these freedoms.
- Annual Report to the UN Human Rights Council by the Special
Rapporteur on the rights to freedom of peaceful assembly and
of association (2019).
The current draft continues the work started in "Research into Human
Rights Protocol Considerations" [RFC8280] by investigating the impact
of Internet protocols on a specific set of human rights, namely the
right to peaceful assembly and the right to association. Taking into
consideration the international human rights framework regarding the
human right to peaceful assembly and the right to association, the
present document seeks to deepen the relationship between this human
right and Internet architecture, protocols, and standards. In that
way, we continue the work of the Human Rights Protocol Consideration
Research Group, as laid out in its charter, where one of the research
aims is "to expose the relation between protocols and human rights,
with a focus on the rights to freedom of expression and freedom of
assembly" [HRPC-charter]. The conclusions may inform the development
of new guidelines for protocol developers in draft-irtf-hrpc-
guidelines.
The research question of this document is: what are the protocol
development considerations for the right to peaceful assembly and the
right to association?
2. Vocabulary used
Architecture The design of a structure
ten Oever, et al. Expires October 18, 2021 [Page 3]
Internet-Draft FoA April 2021
Autonomous System (AS) Autonomous Systems are the unit of routing
policy in the modern world of exterior routing [RFC1930].
Within the Internet, an autonomous system (AS) is a collection of
connected Internet Protocol (IP) routing prefixes under the
control of one or more network operators on behalf of a single
administrative entity or domain that presents a common, clearly
defined routing policy to the Internet [RFC1930].
The classic definition of an Autonomous System is a set of routers
under a single technical administration, using an interior gateway
protocol and common metrics to route packets within the AS, and
using an exterior gateway protocol to route packets to other ASs
[RFC1771].
Border Gateway Protocol (BGP) An inter-Autonomous System routing
protocol [RFC4271].
Connectivity The extent to which a device or network is able to
reach other devices or networks to exchange data. The Internet is
the tool for providing global connectivity [RFC1958]. Different
types of connectivity are further specified in [RFC4084]. The
combination of the end-to-end principle, interoperability,
distributed architecture, resilience, reliability and robustness
are the enabling factors that result in connectivity to and on the
Internet.
Decentralization Implementation or deployment of standards,
protocols or systems without one single point of control.
Distributed system A system with multiple components that have their
behavior co-ordinated via message passing. These components are
usually spatially separated and communicate using a network, and
may be managed by a single root of trust or authority.
[Troncosoetal]
Infrastructure Underlying basis or structure for a functioning
society, organization or community. Because infrastructure is a
precondition for other activities it has a procedural, rather than
static, nature due to its social and cultural embeddedness
[PipekWulf] [Bloketal]. This means that infrastructure is always
relational: infrastructure always develops in relation to
something or someone [Bowker].
Internet The Network of networks, that consists of Autonomous
Systems that are connected through the Internet Protocol (IP).
ten Oever, et al. Expires October 18, 2021 [Page 4]
Internet-Draft FoA April 2021
A persistent socio-technical system over which services are
delivered [Mainwaringetal],
A techno-social assemblage of devices, users, sensors, networks,
routers, governance, administrators, operators and protocols
An emergent-process-driven thing that is born from the collections
of the ASes that happen to be gathered together at any given time.
The fact that they tend to interact at any given time means it is
an emergent property that happens because they use the protocols
defined at IETF.
Right to peaceful assembly 'The right of peaceful assembly
protects the non-violent gathering by persons for specific
purposes, principally expressive ones.1 It constitutes an
individual right that is exercised collectively.2 Inherent to the
right is thus an associative element.' [UNGC37]
Right to association 'The right and freedom of association
encompasses both an individual's right to join or leave groups
voluntarily, the right of the group to take collective action to
pursue the interests of its members, and the right of an
association to accept or decline membership based on certain
criteria.' [FoAdef]
3. Research question
The research question of this document is: what are the protocol
development considerations for freedom of assembly and association?
4. Methodology
The point of departure of the present work [RFC8280] is an initial
effort to expose the relationship between human rights and the
Internet architecture, specifically protocols and standards. As
such, [RFC8280] was inductive and explorative in nature. The
methodology in this previous work was based on the discourse analysis
of RFCs, interviews with members of the IETF community, and
participant observation in IETF working groups, with the goal to
identify technical concepts that relate to human rights. This work
resulted in the proposal of guidelines to describe a relationship
between the right to peaceful assembly and association and
connectivity, security, censorship resistance, anonymity,
pseudonymity, accessibility, decentralization, adaptability, and
outcome transparency.
In this document, we deepen our exploration of human rights and
protocols by assessing one specific set of human rights: freedom of
ten Oever, et al. Expires October 18, 2021 [Page 5]
Internet-Draft FoA April 2021
association and assembly, abbreviated here as FAA. Our methodology
for doing so is the following: first, we provide a brief twofold
literature review addressing the philosophical and legal definitions
of FAA and how this right has already been interpreted or analyzed
concerning the digital. This literature review is not exhaustive nor
systematic but aims at providing some lines of questioning that could
later be used for protocol development. The second part of our
methodology looks at some cases of Internet protocols that are
relevant to the sub-questions highlighted in the literature review,
and analyze how these protocols facilitate and inhibit the right to
peaceful assembly and association.
5. Literature Review
5.1. FAA definition and core treaties
The rights to peaceful assembly and the freedom of association are
defined and guaranteed in national law and international treaties,
however, in this document we limit outselves to international
treaties. Article 20 of the Universal Declaration of Human Rights
[UDHR] states that "Everyone has the right to freedom of peaceful
assembly and association" and that "No one may be compelled to belong
to an association". Article 23 further guarantees that "Everyone has
the right to form and to join trade unions for the protection of his
interests". In the International Covenant on Civil and Political
Rights [ICCPR], article 21 stipulates that "The right of peaceful
assembly shall be recognized" and that "No restrictions may be placed
on the exercise of this right other than those imposed in conformity
with the law and which are necessary in a democratic society in the
interests of national security or public safety, public order (ordre
public), the protection of public health or morals or the protection
of the rights and freedoms of others" while article 22 states that
"Everyone shall have the right to freedom of association with others,
including the right to form and join trade unions".
General Comment No. 37 on the right of peaceful assembly by the
United Nations Human Rights Committee affirms that the right of
peaceful assembly protects non-violent online gatherings: "associated
activities that happen online or otherwise rely upon digital services
[...] are also protected" [UNGC37]. Interference with emerging
communications technologies that offer the opportunity to assemble
either wholly or partly online or play an integral role in
organizing, participating in and monitoring physical gatherings are
assumed to impede assemblies which are protected by this right.
Moreover, any restriction on the 'operation of information
dissemination systems' must conform with the tests for restrictions
on freedom of expression (see below).
ten Oever, et al. Expires October 18, 2021 [Page 6]
Internet-Draft FoA April 2021
Other treaties are sometimes cited as the source and framework to the
right to freedom of association and assembly. Such as Article 5 of
the International Convention on the Elimination of All Forms of
Racial Discrimination [CERD] which stipulates freedom of peaceful
assembly and association should be guaranteed "without discrimination
as to race, colour, national or ethnic origin"; Article 15 of the
Convention on the Rights of the Child [CRC] which recognises to child
pending the restrictions cited above; and Article 21 of the
Convention on the Rights of Persons with Disabilities [CRPD] which
insist on usable and accessible formats and technologies appropriate
for persons with different kinds of disabilities. The freedoms of
peaceful assembly and association are also protected under regional
human rights treaties: article 11 of the European Convention on Human
Rights, articles 15 and 16 of the American Convention on Human
Rights, article 10 and 11 of the African Charter on Human and
Peoples' Rights.
From a more philosophical perspective, Brownlee and Jenkins
[Stanford] make some interesting distinctions in particular regarding
the concepts of association, assembly and interaction, deviating
somewhat from what is established in interpretations of international
human rights law. "Interaction" refers to any kind of interpersonal
and often incidental engagements in daily life, like encountering
strangers on a bus. Interaction is seen as a "prerequisite" for
association. Assembly, according to Brownlee and Jenkins has a more
political connotation and is often used to refer to activists,
protesters, or members of a group in a deliberating event. The
authors refer to association as more "persistent connections" and
distinguish between intimate associations, like friendship, love, or
family, and collective association like trade unions, commercial
business, or "expressive associations" like civil rights
organizations or LGBTQIA associations. For Brownlee and Jenkins
[Stanford], the right to association is linked to different relative
freedoms: permission (to associate or dissociate), claim-right (to
oppose others interfering with our conduct), power (to alter the
status of our association), immunity (from other people interfering
in our right). Freedom of association thus refers both to the
individual right to join or leave a group and to the collective right
to form or dissolve a group.
Freedoms of association and peaceful assembly, however, are relative
and not absolute. Excluding someone from an association based on its
sex, race or other individual characteristic is also often
contentious if not illegal. As mentioned above, international human
rights law provides the framework for legitimate restrictions on
these rights, as well as the right to privacy and the right to
freedom of expression and opinion. Restrictions can be imposed by
states, but only if this is lawful and proportionate. States must
ten Oever, et al. Expires October 18, 2021 [Page 7]
Internet-Draft FoA April 2021
document how these limitations are necessary in the interests of
national security or public safety, public order, the protection of
public health or morals, or the protection of the rights and freedoms
of others. Finally, states must also protect participants against
possible abuses by non-state actors.
The Human Rights Committee explores a few restrictions related to
associated activities online or reliant upon digital services, that
are also protected under article 21, and stipulates that "States
parties must not, for example, block or hinder Internet connectivity
in relation to peaceful assemblies. The same applies to geotargeted
or technology-specific interference with connectivity or access to
content.". Additionally, "States should ensure that the activities
of Internet service providers and intermediaries do not unduly
restrict assemblies or the privacy of assembly participants."
[UNGC37].
Interpreting international law, the right to freedom of peaceful
assembly and the right to freedom of association protects any
collective, gathered either permanently or temporarily for "peaceful"
purposes, online and offline. It is important to underline the
property of "freedom" because the right to freedom of association and
assembly is voluntary and uncoerced: anyone can join or leave a group
of choice, which in turn means one should not be forced to either
join, stay or leave. An assembly is an "intentional and temporary
gathering of a collective in a private or public space for a specific
purpose: demonstrations, indoor meetings, strikes, processions,
rallies, or even sits-in" [UNGA]. Association has a more formal and
established nature and refer to a group of individuals or legal
entities brought together in order to collectively act, express,
promote, pursue, or defend a field of common interests
[UNSRFOAA2012]. Think about civil society organizations, clubs,
cooperatives, NGOs, religious associations, political parties, trade
unions, or foundations.
When talking about the human right of freedom of association and
assembly, one should always take into account that 'all human rights
are indivisible, interrelated, unalienable, universal, and mutually
reinforcing' [ViennaDeclaration]. This means that in the analysis of
the impact of a certain variable on freedom of association and
assembly one should take other human rights into account too. When
devising an approach to mitigate a possible negative influence on
this right, one should also always take into account the possible
impact this might have on other rights. For example, the following
rights are often impacted in conjunction with freedom of association
and assembly: the right to political participation, the right to
(group) privacy, the right to freedom of expression, and access to
information. For instance, when the right to political participation
ten Oever, et al. Expires October 18, 2021 [Page 8]
Internet-Draft FoA April 2021
is hampered, this often happens in conjunction with a limitation of
the freedom of association and assembly because political
participation is often done collectively. When the right to privacy
is hampered, this privacy of particular groups is also impacted (so-
called 'group privacy' [Loi], which potentially has consequences for
the right to association and assembly. Where the freedom of
expression of a group is hampered, such as in protests or through
Internet shutdowns, this both hampers other people's ability to
receive the information of the group, and impact the right to
assembly of the people who seek to express themselves as a group
[Nyokabi].
Finally, if the right to association and assembly is limited by
national law, this does not mean it is consistent with international
human rights law. In such a case, the national law would therefore
not be legitimate [Glasius].
5.2. FAA in the digital era
Before discussing freedom of association and assembly as it pertains
to digital environments, we must first recognize that the United
Nations Human Rights Council adopted resolutions on the promotion,
protection and enjoyment of human rights on the Internet in 2012,
2014, 2016 and 2018, affirming and reaffirming "... that the same
rights that people have offline must also be protected online ..."
[UNHRC2018]. Therefore the digital environment is no exception to
application of this right by any means. Various other resolutions
and report have established the online applicability of the freedoms
of association and assembly, most recently and authoritatively by the
Human Rights Committee in General Comment 37 (2020)[UNGC37]. The
questions that remain, however, are how these rights should be
conceptualized and implemented in different parts and levels of
digital environments.
The right to freedom of assembly and association online is the
subject of increasing discussions and analysis. Especially since
social media played an important role in several revolutions in 2011,
which has led to increasing and ever more sophisticated attacks by
autocratic governments on online communities and other associational
activities occurring on the Internet [RutzenZenn]. In 2016, the
Council of Europe published a report, "Report by the Committee of
experts on cross-border flow of Internet traffic and Internet freedom
on Freedom of assembly and association on the Internet" [CoE] which
noted that while the Internet and technologies are not explicitly
mentioned in international treaties, these treaties nevertheless
apply to "the online environment". The report argue the "Internet is
the public sphere of the 21st century", something demonstrated by the
fact that informal associations can be gathered at scale in a matter
ten Oever, et al. Expires October 18, 2021 [Page 9]
Internet-Draft FoA April 2021
of hours on the Internet, and that digital communication tools often
serve to facilitate, publicize or otherwise enable presential
associations or assemblies, like a protest or demonstration. They
note, on the other hand, the negative ways in which the Internet can
also be used to promote or facilitate terrorism, urban violence and
hate speech, thus insisting on the "extremely important and urgent"
need to fight online terrorist activities such as recruitment or
mobilization, while at the same time respecting the right to peaceful
assembly and association of other users. The report mentions the
following use cases that could be help further our reflection:
- Instances of network shutdowns in the Arab Spring, to prevent
people from organising themselves or assembling
- California's Bay Area Rapid Transit (BART) shutdown of mobile
phone service, to avoid protester violence and disruption of
service
- The wholesale blocking of Google as a violation of freedom of
expression
- Telus, a telecom company which blocked customers' access to
websites critical of Telus during a Telecommunications Workers
Union strike against it
- The targeting of social media users who call for or organise
protests though the Internet in Turkey's Gezi Park protests
- Mass surveillance or other interferences with privacy in the
context of law enforcement and national security
- Use of VPNs (Virtual Private Networks) to the TOR network to
ensure anonymity
- Distributed Denial of Service attacks (DDoS) as civil
disobedience.
In 2019 the UN Special Rapporteur on the rights to freedom of
peaceful assembly and of association, notes the opportunities and
challenges posed by digital networks to the rights to freedom of
peaceful assembly and of association [UNSRFAA2019]. The report
recommends that international human rights norms and principles
should also be used as a framework "that guides digital technology
companies' design, control and governance of digital technologies".
The report states that "technical standards" in particular can affect
the freedom of association and assembly, and makes some
recommendations on which the following could be relevant to our
discussion here:
ten Oever, et al. Expires October 18, 2021 [Page 10]
Internet-Draft FoA April 2021
- "[Undertake] human rights impact assessments which incorporate the
rights to freedom of peaceful assembly and of association when
developing or modifying their products and services,"
- "increase the quality of participation in and implementation of
existing multi-stakeholder initiatives,"
- "collaborate with governments and civil society to develop
technology that promotes and strengthens human rights,"
- "support the research and development of appropriate technological
solutions to online harassment, disinformation and propaganda,
including tools to detect and identify State-linked accounts and
bots," and
- "adopt monitoring indicators that include specific concerns
related to freedom of peaceful assembly and association."
In one of their "training kits" [APCtraining], the Association of
Progressive Communications addressed different impacts of the
internet on association and assembly and raised three particular
issues worthy to note here:
1. Organization of protests. Internet and social media are enablers
of protests, such as it was seen in the "Arab Spring". Some of
these protests - like online petitions or campaigns - are similar
to offline association and assembly, but other protest forms are
inherent to the Internet capacity like hacking, DDOS and are
subject to controversy within the Internet community, some people
finding it legitimate, and others not.
2. Surveillance. While the Internet facilitates association, the
association in turn leaves a lot of traces that can be used in
turn for law enforcement but also for repressing political
dissents. As they note, even the threat of surveillance can have
deter facilitation.
3. Anonymity and pseudonymity can be useful protection mechanism for
those who'd like to attend legitimate association without facing
retribution. On the other hand, anonymity can be used to harm
society, such as in online fraud or sexual predation.
Online association and assembly are the starting point of group to
mobilization in modern democracies, and even more so where physical
gatherings have been impossible or dangerous [APC]. Throughout the
world -from the Arab Spring to Latin American student movements and
the #WomensMarch- the Internet has played a crucial role by providing
means for the fast dissemination of information otherwise mediated by
ten Oever, et al. Expires October 18, 2021 [Page 11]
Internet-Draft FoA April 2021
the press, or even forbidden by the government [Pensado]. According
to Hussain and Howard the Internet helped to "build solidarity
networks and identification of collective identities and goals,
extend the range of local coverage to international broadcast
networks" and as platform for contestation for "the future of civil
society and information infrastructure" [HussainHoward]. The IETF
itself, defined as an 'open global community' of network designers,
operators, vendors, and researchers [RFC3233] is also protected by
freedom of assembly and association . Discussions, comments and
consensus around RFCs are possible because of the collective
expression that freedom of association and assembly allow. The very
word "protocol" found its way into the language of computer
networking based on the need for collective agreement among a group
of assembled network users [HafnerandLyon].
[RFC8280] is a paper by the Human Rights Protocol Consideration
Resarch Group in the Internet Research Taskforce on internet
protocols and human rights that discusses issues of FAA,
specifically:
- The expansion of DNS for generic namespace as an enabler of
association for minorities. The paper argues that specifically
the expansion of the DNS to allow for new generic Top Level
Domains (gTLDs) can have negative impacts on freedom of
association because of restrictive policies by some registries and
registrars, on the other hand could gTLDs also enable communities
to build clearly identifiable spaces for association (such as
.gay).
- The impact of Distributed Denial of Service attacks on freedom of
association. Whereas DDoS has been used as a tool for protest, in
many cases this is infringing on other parties freedom of
expression. Furthermore, often devices (such as IoT devices and
routers) are inscribed in such DDoS attacks whereas the owner or
user did not consent to this. Thus they do not have the
possibility to exit this assembly. Therefore the draft concluded
that that IETF "should try to ensure that their protocols cannot
be used for DDoS attacks"
- The impact of middleboxes on the ability of users to connect to
the Internet and therefore their ability to exercise their right
to freedom of association and assembly. The lack of connectivity
can significantly impact freedom of assembly and association of a
user. Especially if this is done in a way that is not knowable
for the user and if there is no possibility to for the user to
have access to due process to dispute the lack of (secure or
private) connectivity in general or to a specific service.
ten Oever, et al. Expires October 18, 2021 [Page 12]
Internet-Draft FoA April 2021
In June 2020, the United Nations High Commissioner for Human Rights
concluded that technologies can be enablers of the excercise of FAA,
but technology is also significantly used to interfere with the
ability of people to exercise their right to freedom of association
and assembly. Specifically, the report mentions network shutdowns,
the usage of technology to surveil or crack down on protesters,
leading to human rights violations. This includes facial recognition
technology, and the uses of other ways to violate the (group) privacy
of people engaged in an assembly or association. The report makes it
explicit that companies play a significant role enabling, for
instance by developing, providing or selling the technology, but also
by directly exercising these violations [UNHRC2020].
5.3. Specific questions raised from the literature review
Here are some questions raised from the literature review that can
have implications for protocol design:
1. Should protocols be designed to enable legitimate limitations on
association in the interests of "national security or public
safety, public order (ordre public), the protection of public
health or morals or the protection of the rights and freedoms of
others", as stated in the ICCPR article 21 [ICCPR]? Where in the
stack do we care for FAA?
2. Can protocols facilitate agency of membership in associations,
assemblies and interactions?
3. What are the features of protocols that enable freedom of
association and assembly?
4. Does protocol development sufficiently consider usable and
accessible formats and technologies appropriate for all persons,
including those with different kinds of disabilities?
5. Can a protocol be designed to legitimately exclude someone from
an association?
In the following sections we attempt to answer these questions with
specific examples of standardized protocols in the IETF.
6. Analysis
As the Internet mediates collective action and collaboration, it
impacts on freedom of association and assembly. To answer our
research question regarding how internet architecture enable and/or
inhibits such human right, we researched several independent and
typical cases related to protocols that have been either adopted by
ten Oever, et al. Expires October 18, 2021 [Page 13]
Internet-Draft FoA April 2021
the IETF, or are widely used on the Internet. Our goal is to figure
out whether they facilitate freedom of assembly and association, or
whether they inhibit it through their design or implementation.
We are aware that some of the following examples go beyond the use of
Internet protocols and flow over into the application layer or
examples in the offline world whereas the purpose of the current
document is to break down the relationship between Internet protocols
and the right to freedom of assembly and association. Nonetheless,
we do recognize that in some cases the line between them and
applications, implementations, policies and offline realities are
often blurred and hard -if not impossible- to differentiate.
We use the literature review to guide our process of inquiry for each
case, and to dive deeper in what can be found interesting about each
case as it relates to freedom of association.
6.1. Got No Peace: Spam and DDoS
Should protocols be designed to enable legitimate limitations on
association in the interests of "national security or public safety,
public order (ordre public), the protection of public health or morals
or the protection of the rights and freedoms of others", as stated in
the ICCPR article 21 {{ICCPR}}? Where in the stack do we care for FAA?
The 2020 report by the United Nations Special Rapporteur on Human
Rights [UNHRC2020] described how technology is often used to limit
freedom of assembly and association, such as for instance through
network shutdowns and the surveillance of groups. Because access to
the Internet is crucial not only for freedom of association and
assembly, but also for the right to development, and the right to
freedom of expression and information [Nyokabi], the United Nation
Special Rapporteur argues that:
(b) Avoid resorting to disruptions and shutdowns of Internet or
telecommunications networks at all times and particularly during
assemblies, including those taking place in electoral contexts
and during times of unrest;
Whereas the states have the obligation to protect human rights, there
has been an increasing call for non-state actors, such as companies,
to respect human rights [UNGPBHR]. The UN adopted guiding principles
on business and human rights [UNGPBHR] and talks within the HRC are
ongoing about an international legally binding instrument to regulate
the activities of transnational corporations and other business
enterprises. This includes a chain-responsibility of actors, which
means that not just the company's own processes should not negatively
impact human rights, but they should also engage in due diligence
ten Oever, et al. Expires October 18, 2021 [Page 14]
Internet-Draft FoA April 2021
processes, such as human rights impact assessments. This includes an
assessment of whether the products that are sold, or the services
that are provided, can be used to engage in human rights violations,
or whether human rights violations occur in any stage of the supply
chain of the company. If this is the case, measures should be taken
to mitigate this.
In the case of dual-use technologies, this means that technology
could be used for legitimate purposes, but could also be used to
limit freedom of association or assembly, it might mean that
producers or sellers should limit the parties they sell to, or even
better, ensure that the illegitimate use of the technology is not
technically possible anymore, or made more difficult.
6.1.1. Spam
In the 1990s as the internet became more and more commercial, spam
came to be defined as irrelevant or unsolicited messages that were
posted many times to multiple news groups or mailing lists [Marcus].
Here the question of consent, but also harm, are crucial. In the
2000s a large part of the discussion revolved around the fact that
certain corporations. protected by the right to freedom of
association, considered spam to be a form of "commercial speech",
thus encompassed by free expression rights [Marcus]. Yet spam can be
not only a nuisance, but a threat to systems and users.
This leaves us with an interesting case around spam mitigation: spam
is currently handled mostly by mail providers on behalf of the user,
next to that countries are increasingly adopting opt-in regimes for
mailing lists and commercial e-mail, with a possibility of serious
fines in case of violation. Yet many ask is spam not the equivalent
of the fliers and handbills ever present in our offline world? The
big difference between the proliferation of such messages offline and
online is the scale. It is not hard for a single person to message a
lot of people online, whereas if that person needed to go house by
house the scale and impact of their actions would be much smaller.
Inversely if it were a common practice to expose people to unlimited
unwanted messages online, users would be drowned in such messages.
This puts a large burden on filtering, and in both filtering and
sifting through many message, other expressions would be drowned out
and would be severely hampered. Allowing illimited sending of
unsolicited messages would be a blow against freedom of speech: when
everyone talks, nobody listens.
Here the argument is very similar to DDoS attacks, considered next:
Legitimate uses of online campaigning, or online protesting, are
drowned out by a malicious use which constitutes an attack on the
internet infrastructure and thus the assembly or association itself.
ten Oever, et al. Expires October 18, 2021 [Page 15]
Internet-Draft FoA April 2021
6.1.2. DDoS
Distributed Denial of Service attacks are leveled against a server or
service by a controller of a host or multiple hosts by overloading
the server or service's bandwidth or resources (volume-based floods)
or exploit protocol behaviours (protocol attacks). DDoS attacks can
thus stifle and complicate the rights to assemble online for media
and human rights organisations whose websites are the target of DDoS.
At the same time there are comparisons made between DDoS attacks and
sit-in protests [Sauter]. However the main distinction is
significant: only a small fragment of "participants" (from
controllers to compromised device owners) in DDoS attacks are aware
or willing [RFC8280]. Notably DDoS attacks are increasingly used to
commit crimes such as extortion, which infringe on others' human
rights.
Because of the interrelation of technologies, it cannot be said that
there is one point in the technical stack that there are
characteristics of "peaceful" or "non-peaceful" association visible
to protocol developers. As we can see from the cases of spam
blocking and DDoS mitigation that "peaceful or non-peaceful" is not a
meaningful heuristic, or even characteristic, of problematic content.
If anything, their commonality is scale and volume.
6.2. Holistic Agency: Mailing Lists and Spam
Can protocols facilitate agency of membership in associations,
assemblies and interactions?
6.2.1. Mailing lists
Since the beginning of the Internet mailing lists have been a key
site of assembly and association [RFC0155] [RFC1211]. In fact,
mailing lists were one of the Internet's first functionalities
[HafnerandLyon].
In 1971 four years after the invention of email, the first mailing
list was created to talk about the idea of using Arpanet for
discussion. What had initially propelled the Arpanet project forward
as a resource sharing platform was gradually replaced by the idea of
a network as a means of bringing people together [Abbate]. More than
45 years after, mailing lists are pervasive and help communities to
engage, have discussions, share information, ask questions, and build
ties. Even as social media and discussion forums grow, mailing lists
continue to be widely used [AckermannKargerZhang] and are still a
crucial tool to organise groups and individuals around themes and
causes [APC3].
ten Oever, et al. Expires October 18, 2021 [Page 16]
Internet-Draft FoA April 2021
Mailing lists' pervasive use are partly explained because they allow
for "free" association: people subscribe (join) and unsubscribe
(leave) as they please. Mailing lists also allow for association of
specific groups on closed lists. This free association online
enables agency of membership, a key component of freedom of
association and assembly.
6.2.2. Spam
As we mentioned before, there are interesting implications for
freedom of association and assembly when looking at spam mitigation.
Here we want to specifically note that if we consider that the rights
to assembly and association also mean that "no one may be compelled
to belong to an association" [UDHR], spam infringes both rights if an
op-out mechanism is not provided and people are obliged to receive
unwanted information, or be reached by people they do not know.
6.3. Civics in Cyberspace: Messaging, Conferencing, and Networking
What are the features of protocols that enable freedom of
association and assembly?
Civic participation is often expressed as the freedom to associate
and assemble, along with a whole other set of enabling rights such as
freedom of expression and the right to privacy. Former UN Special
Rapporteur David Kaye established a strong relationship between
technology that allows anonymity and uses encryption have positive
effects on freedom of expression [Kaye]. Here we look at messaging,
such as email, mailing lists and internet relay chat; video
conferencing and peer-to-peer networking protocols to investigate the
common features that enable freedom of association and assembly
online.
6.3.1. Email
Similarly to freedom of expression's enabling and universal right to
impart one's ideas openly, "the right to whisper", or
confidentiality, is the ability to limit to whom one imparts one's
ideas. An encrypted email project, the LEAP Encryption Access
Project, says, "like free speech, the right to whisper is a necessary
precondition for a free society. Without it, civil society
languishes and political freedoms are curtailed. As the importance
of digital communication for civic participation increases, so too
does the importance of the ability to digitally whisper." [LEAP]
ten Oever, et al. Expires October 18, 2021 [Page 17]
Internet-Draft FoA April 2021
6.3.2. Mailing lists
Not only are mailing lists a good example of how protocols can
facilitate the necessary ingredient of agency in freedom of
association, mailing lists are an example of messaging technology
that has other features that enable freedom of association and
assembly.
The archival function of mailing lists allows for posterior
accountability and analysis. The ubiquity and interoperability of
email, and by extension email lists, provides a low barrier to entry
to an inclusive medium.
Association and assembly online can be undermined when right to
privacy is at risk. And one of the downsides of mailing lists are
similar to the privacy and security concerns generally associated
with email. At least with email, end-to-end encryption such as
OpenPGP [RFC4880] and S/MIME [RFC5751] can keep user communications
authenticated and confidential. With mailing lists, this protection
is not as possible because with many lists the final recipients are
typically too many for . There have been experimental solutions to
address this issue such as Schleuder [Schleuder], but this has not
been standardized or widely deployed.
6.3.3. IRC
Internet Relay Chat (IRC) is an application layer protocol that
enables communication in the form of text through a client/server
networking model [RFC2810]. In other words, a chat service. IRC
clients are computer programs that a user can install on their
system. These clients communicate with chat servers to transfer
messages to other clients. Features of IRC include: federated
design, transport encryption, one-to-many routing, creation of topic-
based "channels", and spam or abuse moderation.
For the purposes of civic participation and freedom of association
and assembly in particular it is critical that IRC's federated design
allows many interoperable, yet customisable, instances and basic
assurance of confidentiality through transport encryption. We
investigate the particular aspect of agency in membership through
moderation in the section 'Block Together Now: IRC and Refusals'
below.
6.3.4. WebRTC
Multi-party video conferencing protocols like WebRTC [RFC6176]
[RFC7118] allow for robust, bandwidth-adaptive, wideband and super-
wideband video and audio discussions in groups. 'The WebRTC protocol
ten Oever, et al. Expires October 18, 2021 [Page 18]
Internet-Draft FoA April 2021
was designed to enable responsive real-time communications over the
Internet, and is instrumental in allowing streaming video and
conferencing applications to run in the browser. In order to easily
facilitate direct connections between computers (bypassing the need
for a central server to act as a gatekeeper), WebRTC provides
functionality to automatically collect the local and public IP
addresses of Internet users (ICE or STUN). These functions do not
require consent from the user, and can be instantiated by sites that
a user visits without their awareness. The potential privacy
implications of this aspect of WebRTC are well documented, and
certain browsers have provided options to limit its behavior.'
[AndersonGuarnieri].
Even though some multi-party video conferencing tools facilitate
freedom of assembly and association, their own configuration might
might pose concrete risks for those who use them. One the one hand
WebRTC is providing resilient channels of communications, but on the
other hand it also exposes information about those who are using the
tool which might lead to increased surveillance, identification and
the consequences that might be derived from that. This is especially
concerning because the usage of a VPN does not protect against the
exposure of IP addresses [Crawford].
The risk of surveillance is also true in an offline space, but this
is generally easy to analyze for the end-user. Security and privacy
expectations of the end-user could be either improved or made
explicit. This in turn would result in a more secure and/or private
exercise of the right to freedom of assembly or association.
6.3.5. Peer-to-peer networking
At the organizational level, peer production is one of the most
relevant innovations from Internet mediated social practices.
According to [Benkler] these networks imply 'open collaborative
innovation and creation, performed by diverse, decentralized groups
organized principally by neither price signals nor organizational
hierarchy, harnessing heterogeneous motivations, and governed and
managed based on principles other than the residual authority of
ownership implemented through contract.' [Benkler].
In his book The Wealth of Networks, [Benkler2] significantly expands
on his definition of commons-based peer production. In his view,
what distinguishes commons-based production is that it doesn't rely
upon or propagate proprietary knowledge: "The inputs and outputs of
the process are shared, freely or conditionally, in an institutional
form that leaves them equally available for all to use as they choose
at their individual discretion." [Benkler2]. To ensure that the
ten Oever, et al. Expires October 18, 2021 [Page 19]
Internet-Draft FoA April 2021
knowledge generated is available for free use, commons-based projects
are often shared under an open license
Peer-to-peer (P2P) is essentially a model of how people interact in
real life because "we deal directly with one another whenever we wish
to" [Vu]. Usually if we need something we ask our peers, who in turn
refer us to other peers. In this sense, the ideal definition of P2P
is that "nodes are able to directly exchange resources and services
between themselves without the need for centralized servers" where
each participating node typically acts both as a server and as a
client [Vu]. [RFC5694] has defined it as peers or nodes that should
be able to communicate directly between themselves without passing
intermediaries, and that the system should be self-organizing and
have decentralized control [RFC5694]. With this in mind, the
ultimate model of P2P is a completely decentralized system, which is
more resistant to speech regulation, immune to single points of
failure and has a higher performance and scalability. Nonetheless,
in practice some P2P systems are supported by centralized servers and
some others have hybrid models where nodes are organized into two
layers: the upper tier servers and the lower tier common nodes [Vu].
Since the ARPANET project, the original idea behind the Internet was
conceived as what we would now call a peer-to-peer system [RFC0001].
Over time it has increasingly shifted towards a client/server model
with "millions of consumer clients communicating with a relatively
privileged set of servers" [NelsonHedlun].
Whether for resource sharing or data sharing, P2P systems are
enabling freedom of assembly and association. Not only do they allow
for effective dissemination of information, but they leverage
computing resources by diminishing costs allowing for the formation
of open collectives at the network level. At the same time, in
completely decentralized systems the nodes are autonomous and can
join or leave the network as they want -a characteristic that makes
the system unpredictable: a resource might be only sometimes
available, and some other resources might be missing or incomplete
[Vu]. Lack of information might in turn makes association or
assembly more difficult.
Additionally, when architecturally assessing the role of P2P systems
we could say that: "the main advantage of centralized P2P systems is
that they are able to provide a quick and reliable resource locating.
Their limitation, however, is that the scalability of the systems is
affected by the use of servers. While decentralized P2P systems are
better than centralized P2P systems in this aspect, they require a
longer time in resource locating. As a result, hybrid P2P systems
have been introduced to take advantage of both centralized and
decentralized architectures. Basically, to maintain the scalability,
ten Oever, et al. Expires October 18, 2021 [Page 20]
Internet-Draft FoA April 2021
similar to decentralized P2P systems, there are no servers in hybrid
P2P systems. However, peer nodes that are more powerful than others
can be selected to act as servers to serve others. These nodes are
often called super peers. In this way, resource locating can be done
by both decentralized search techniques and centralized search
techniques (asking super peers), and hence the systems benefit from
the search techniques of centralized P2P systems." [Vu].
6.4. Universal Access: The Web
Does protocol development sufficiently consider usable and accessible
formats and technologies appropriate for persons with different kinds
of disabilities?
The W3C has done significant work to ensure that the Web is
accessible to people with diverse physical abilities [W3C]. The
implementation of these accessibility standards for instance help
people who have issues with seeing or rendering images to understand
what the image actually contains. Making the web more accessible for
people with diverse physical abilities enables them to excercise
their right to online assembly and association.
The IETF uses English as its primary working language, both in its
documentation and in its communication. This is also the case for
reference implementations. Whereas it is estimated that roughly 20%
of the Earth's population speaks English, whereas only 360 million
speak English as their first language. [RFC2277] describes that
'"Internationalization is for humans. This means that protocols are
not subject to internationalization; text strings are.", this implies
that protocol developers, as well as people that work with protocols,
are not people, or that protocol developers are all in command of the
English language. This means that it is significantly easier for
people who have a command of the English language to become a
protocol developer - and it might lead to the development of separate
protocols that are developed within large language communities that
are not using the English language or the Latin script. This makes
it harder for people who seek to shape their own space of association
and assembly on the Internet to do so. And is thus driving these
communities into, often proprietary and non-interoperable services
such as Facebook.
When Ramsey Nasser developed the Arabic programming language
قلب (transliterated Qalb, Qlb and Alb) [Nasser] he
called it 'engineering performance art' instead of engineering,
because he knew that his language would not work. In part this is
because all modern programming tools are based on the ASCII character
set, which encodes Latin Characters and was originally based on the
English Language. This highlights cultural biases of computer
ten Oever, et al. Expires October 18, 2021 [Page 21]
Internet-Draft FoA April 2021
science and engineering. Despite long significant efforts, it is
still largely impossible to register an email address in a language
such as Devanagari, Arabic, or Chinese. Even if it is possible - it
is to be expected that there will be a significant failure rate in
sending and receiving emails with other services. This makes it
harder for people who do not speak English and/or don't use the
written Latin script to exercise their freedom of association and
assembly.
6.5. Block Together Now: IRC and Refusals
Can a protocol be designed to legitimately exclude someone
from an association?
Previously we spoke about the privacy protecting features of IRC that
enable freedom of association and assembly, including transport
security. But now we turn to the ability to block users and
effectively moderate discussions on IRC as a key feature of the
technology that enables agency in membership, a key aspect of freedom
of association and assembly.
For order to be kept within the IRC network, special classes of users
become "operators" and are allowed to perform general maintenance
functions on the network: basic network tasks such as disconnecting
(temporary or permanently) and reconnecting servers as needed
[RFC2812]. One of the most controversial power of operators is the
ability to remove a user from the connected network by 'force', i.e.,
operators are able to close the connection between any client and
server [RFC2812].
IRC servers may deploy different policies for the ability of users to
create their own channels or 'rooms', and for the delegation of
'operator'-rights in such spaces. Some IRC servers support SSL/TLS
connections for security purposes [RFC7194] which helps stop the use
of packet sniffer programs to obtain the passwords of IRC users, but
has little use beyond this scope due to the public nature of IRC
channels. TLS connections require both client and server support
(that may require the user to install TLS binaries and IRC client
specific patches or modules on their computers). Some networks also
use TLS for server to server connections, and provide a special
channel flag (such as +S) to only allow TLS-connected users on the
channel, while disallowing operator identification in clear text, to
better utilize the advantages that TLS provides.
ten Oever, et al. Expires October 18, 2021 [Page 22]
Internet-Draft FoA April 2021
7. Conclusions: Can we learn anything from the previous case studies?
Communities, collaboration and joint action lie at the heart of the
Internet. Even at a linguistic level, the words "networks" and
"associations" are closely related. Both are groups and assemblies
of people who depend on "links" and "relationships" [Swire]. Taking
legal definitions given in international human rights law and related
normative documents, we could assert that the rights to freedom of
assembly and association protect collective activity online. These
rights protect gatherings by persons for a specific purpose and
groups with a defined aim over time for a variety of peaceful,
expressive and non-expressive, purposes,. It is voluntary and
uncoerced.
Given that the Internet itself was originally designed as a medium of
communication for machines that share resources with each other as
equals [RFC0903], the Internet is now one of the most basic
infrastructures for the right to freedom of assembly and association.
Since Internet protocols and the Internet architecture play a central
role in the management, development and use of the Internet, we
established the relation between some protocols and the right to
freedom of assembly and association.
After reviewing several cases representative of FAA considerations
inherent in protocols standardized at the IETF, we can conclude that
the way in which infrastructure is designed and implemented impacts
people's ability to exercise their freedom of assembly and
association. This is because different technical designs come with
different properties and characteristics. These properties and
characteristics on the one hand enable people to assemble and
associate, but on the other hand also add limiting, or even
potentially endangering, characteristics. More often than not, this
depends on the context. A clearly identified group for open
communications, where messages are sent in cleartext and where
peoples persistent identities are visible, can help to facilitate an
assembly and build trust, but in other contexts the same
configuration could pose a significant danger. Endangering
characteristics should be mitigated, or at least clearly communicated
to the users of these technologies. It is therefore recommended that
the the potential impacts of Internet technologies should be
assessed, reflecting recommendations of various UN bodies and norms.
Lastly, the increasing shift towards closed and non-interoperable
platforms in chat and social media networks have a significant impact
on the distributed and open nature of the Internet. Often these non-
interoperable platforms are built on open-protocols but do not allow
for interoperability or data-portability. The use of social-media
platforms has enabled groups to associate, but it has also rendered
ten Oever, et al. Expires October 18, 2021 [Page 23]
Internet-Draft FoA April 2021
users unable to change platforms, therefore leading to a sort of
"forced association" that inhibits people to fully exercise their
freedom of assembly and association.
8. Acknowledgements
- Fred Baker, Jefsey, and Andrew Sullivan for work on Internet
definitions.
- Stephane Bortzmeyer, ICNL, and Lisa Vermeer for several concrete
text suggestions that found their way in this document.
- Mark Perkins and Gurshabad for finding a lot of typos.
- Gurshabad Grover, an anonymous reviewer, ICNL, Lisa Vermeer, and
Sandra Braman for full reviews.
- The hrpc mailinglist at large for a very constructive discussion
on a hard topic.
9. Security Considerations
As this draft concerns a research document, there are no security
considerations.
10. IANA Considerations
This document has no actions for IANA.
11. Research Group Information
The discussion list for the IRTF Human Rights Protocol Considerations
Research Group is located at the e-mail address hrpc@ietf.org [1].
Information on the group and information on how to subscribe to the
list is at https://www.irtf.org/mailman/listinfo/hrpc [2]
Archives of the list can be found at: https://www.irtf.org/mail-
archive/web/hrpc/current/index.html [3]
12. References
12.1. Informative References
[Abbate] Janet Abbate, ., "Inventing the Internet", Cambridge: MIT
Press (2013): 11. , 2013,
<https://mitpress.mit.edu/books/inventing-internet>.
ten Oever, et al. Expires October 18, 2021 [Page 24]
Internet-Draft FoA April 2021
[AckermannKargerZhang]
Ackerman, M., Karger, D., and A. Zhang, "Mailing Lists:
Why Are They Still Here, What's Wrong With Them, and How
Can We Fix Them?", Mit. edu (2017): 1. , 2017,
<https://people.csail.mit.edu/axz/papers/
mailinglists.pdf>.
[AndersonGuarnieri]
Anderson, C. and C. Guarnieri, "Fictitious Profiles and
WebRTC's Privacy Leaks Used to Identify Iranian
Activists", 2016,
<https://iranthreats.github.io/resources/webrtc-
deanonymization/>.
[APC] Association for Progressive Communications and . Gayathry
Venkiteswaran, "Freedom of assembly and association online
in India, Malaysia and Pakistan. Trends, challenges and
recommendations.", 2016,
<https://www.apc.org/es/system/files/
FOAA_online_IndiaMalaysiaPakistan.pdf>.
[APC3] Association for Progressive Communications, "Closer than
ever", 2020, <https://www.apc.org/en/node/36145/#tools>.
[APCtraining]
Sauter, D. and Association for Progressive Communications,
"Multimedia training kit", 2013,
<http://itrainonline.org/itrainonline/mmtk/
APC_IRHRCurriculum_FOA_Handout.pdf>.
[Benkler] Benkler, Y., "Peer Production and Cooperation", 2009,
<http://www.benkler.org/
Peer%20production%20and%20cooperation%2009.pdf>.
[Benkler2]
Benkler, Y., "The wealth of Networks - How social
production transforms markets and freedom", New Haven and
London - Yale University Press , 2006,
<http://is.gd/rxUpTQ>.
[Bloketal]
Blok, A., Nakazora, M., and B. Winthereik,
"Infrastructuring Environments", Science as Culture 25:1,
1-22. , 2016.
ten Oever, et al. Expires October 18, 2021 [Page 25]
Internet-Draft FoA April 2021
[Bowker] Bowker, G., "Information mythology and infrastructure",
In: L. Bud (Ed.), Information Acumen: The Understanding
and use of Knowledge in Modern
Business,Routledge,London,1994,pp.231-247 , 1994.
[CERD] United Nations, "Convention on the Elimination of all
forms of Racial Discrimination", 1966,
<https://www.info.dfat.gov.au/Info/Treaties/treaties.nsf/
AllDocIDs/2F70352A0B65EB67CA256B6E0075FE13>.
[CoE] Council of Europe, "Freedom of assembly and association on
the Internet", 2015,
<https://mk0rofifiqa2w3u89nud.kinstacdn.com/wp-
content/uploads/COE-report-on-FOAA-rights-on-the-
internet-.pdf>.
[Crawford]
Crawford, D., "The WebRTC VPN "Bug" and How to Fix", 2015,
<https://www.bestvpn.com/the-webrtc-vpn-bug-and-how-to-
fix-it/>.
[CRC] Wikipedia, ., "Lorum", 2000,
<https://www.info.dfat.gov.au/Info/Treaties/treaties.nsf/
AllDocIDs/E123F4F71DCAE3E7CA256B4F007F2905>.
[CRPD] United Nations, "Convention on the Rights of Persons with
Disabilities", 2007,
<http://www.austlii.edu.au/au/other/dfat/
treaties/2008/12.html>.
[FoAdef] Wikipedia, "Freedom of association", 2021,
<https://en.wikipedia.org/wiki/Freedom_of_association>.
[Glasius] Glasius, M., Schalk, J., and M. De Lange, "Illiberal Norm
Diffusion: How Do Governments Learn to Restrict
Nongovernmental Organizations?", 2020,
<https://academic.oup.com/isq/article/64/2/453/5823498>.
[HafnerandLyon]
Hafnerand, K. and M. Lyon, "Where Wizards Stay Up Late.
The Origins of the Internet", First Touchstone Edition
(1998): 93. , 1998, <https://doi.org/10.1111/misr.12020>.
[HRPC-charter]
Human Rights Protocol Consideration RG, ., "Charter for
Research Group", 2015,
<https://datatracker.ietf.org/doc/charter-irtf-hrpc/>.
ten Oever, et al. Expires October 18, 2021 [Page 26]
Internet-Draft FoA April 2021
[HussainHoward]
Hussain, M. and P. Howard, "What Best Explains Successful
Protest Cascades? ICTs and the Fuzzy Causes of the Arab
Spring", Int Stud Rev (2013) 15 (1): 48-66. , 2013,
<https://doi.org/10.1111/misr.12020>.
[ICCPR] United Nations General Assembly, "International Covenant
on Civil and Political Rights", 1966,
<http://www.ohchr.org/EN/ProfessionalInterest/Pages/
CCPR.aspx>.
[Kaye] Kaye, D., "The use of encryption and anonymity in digital
communications", 2015,
<https://www.ohchr.org/EN/HRbodies/HRC/RegularSessions/
Session29/Documents/A.HRC.29.32_AEV.doc>.
[LEAP] LEAP, "The Right to Whisper", 2020,
<https://leap.se/en/about-us/vision>.
[Loi] Loi, M. and M. Christen, "Two Concepts of Group Privacy",
2020, <https://link.springer.com/article/10.1007/
s13347-019-00351-0>.
[Mainwaringetal]
Mainwaring, S., Chang, M., and K. Anderson,
"Infrastructures and Their Discontents: Implications for
Ubicomp", DBLP Conference: Conference: UbiComp 2004:
Ubiquitous Computing: 6th International Conference,
Nottingham, UK, September 7-10, 2004. Proceedings , 2004,
<http://www.dourish.com/classes/readings/Mainwaring-
Infrastructure.pdf>.
[Marcus] Marcus, J., "Commercial Speech on the Internet: Spam and
the first amendment", 1998, <http://www.cardozoaelj.com/
wp-content/uploads/2013/02/Marcus.pdf>.
[Nasser] Nasser, R., "قلب", 2013,
<https://nas.sr/%D9%82%D9%84%D8%A8/>.
[NelsonHedlun]
Minar, N. and M. Hedlun, "A Network of Peers: Models
Through the History of the Internet", Peer to Peer:
Harnessing the Power of Disruptive Technologies, ed: Andy
Oram , 2001, <http://library.uniteddiversity.coop/
REconomy_Resource_Pack/
More_Inspirational_Videos_and_Useful_Info/Peer_to_Peer-
Harnessing_the_Power_of_Disruptive_Technologies.pdf>.
ten Oever, et al. Expires October 18, 2021 [Page 27]
Internet-Draft FoA April 2021
[Nyokabi] Nyokabi, D., Diallo, N., Ntesang, N., White, T., and T.
Ilori, "The right to development and internet shutdowns:
Assessing the role of information and communications
technology in democratic development in Africa", 2019,
<https://repository.gchumanrights.org/bitstream/handle/20.
500.11825/1582/3.Global%20article%20HRDA_2_2019.pdf?sequen
ce=4&isAllowed=y>.
[Pensado] Jaime Pensado, ., "Student Activism. Utopian Dreams.",
ReVista. Harvard Review of Latin America (2012). , 2012,
<http://revista.drclas.harvard.edu/book/student-activism>.
[PipekWulf]
Pipek, V. and W. Wolf, "Infrastructuring: Towards an
Integrated Perspective on the Design and Use of
Information Technology", Journal of the Association for
Information Systems (10) 5, pp. 306-332 , 2009.
[RFC0001] Crocker, S., "Host Software", RFC 1, DOI 10.17487/RFC0001,
April 1969, <https://www.rfc-editor.org/info/rfc1>.
[RFC0155] North, J., "ARPA Network mailing lists", RFC 155,
DOI 10.17487/RFC0155, May 1971,
<https://www.rfc-editor.org/info/rfc155>.
[RFC0903] Finlayson, R., Mann, T., Mogul, J., and M. Theimer, "A
Reverse Address Resolution Protocol", STD 38, RFC 903,
DOI 10.17487/RFC0903, June 1984,
<https://www.rfc-editor.org/info/rfc903>.
[RFC1211] Westine, A. and J. Postel, "Problems with the maintenance
of large mailing lists", RFC 1211, DOI 10.17487/RFC1211,
March 1991, <https://www.rfc-editor.org/info/rfc1211>.
[RFC1771] Rekhter, Y. and T. Li, "A Border Gateway Protocol 4 (BGP-
4)", RFC 1771, DOI 10.17487/RFC1771, March 1995,
<https://www.rfc-editor.org/info/rfc1771>.
[RFC1930] Hawkinson, J. and T. Bates, "Guidelines for creation,
selection, and registration of an Autonomous System (AS)",
BCP 6, RFC 1930, DOI 10.17487/RFC1930, March 1996,
<https://www.rfc-editor.org/info/rfc1930>.
[RFC1958] Carpenter, B., Ed., "Architectural Principles of the
Internet", RFC 1958, DOI 10.17487/RFC1958, June 1996,
<https://www.rfc-editor.org/info/rfc1958>.
ten Oever, et al. Expires October 18, 2021 [Page 28]
Internet-Draft FoA April 2021
[RFC2277] Alvestrand, H., "IETF Policy on Character Sets and
Languages", BCP 18, RFC 2277, DOI 10.17487/RFC2277,
January 1998, <https://www.rfc-editor.org/info/rfc2277>.
[RFC2810] Kalt, C., "Internet Relay Chat: Architecture", RFC 2810,
DOI 10.17487/RFC2810, April 2000,
<https://www.rfc-editor.org/info/rfc2810>.
[RFC2812] Kalt, C., "Internet Relay Chat: Client Protocol",
RFC 2812, DOI 10.17487/RFC2812, April 2000,
<https://www.rfc-editor.org/info/rfc2812>.
[RFC3233] Hoffman, P. and S. Bradner, "Defining the IETF", BCP 58,
RFC 3233, DOI 10.17487/RFC3233, February 2002,
<https://www.rfc-editor.org/info/rfc3233>.
[RFC4084] Klensin, J., "Terminology for Describing Internet
Connectivity", BCP 104, RFC 4084, DOI 10.17487/RFC4084,
May 2005, <https://www.rfc-editor.org/info/rfc4084>.
[RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
Border Gateway Protocol 4 (BGP-4)", RFC 4271,
DOI 10.17487/RFC4271, January 2006,
<https://www.rfc-editor.org/info/rfc4271>.
[RFC4880] Callas, J., Donnerhacke, L., Finney, H., Shaw, D., and R.
Thayer, "OpenPGP Message Format", RFC 4880,
DOI 10.17487/RFC4880, November 2007,
<https://www.rfc-editor.org/info/rfc4880>.
[RFC5694] Camarillo, G., Ed. and IAB, "Peer-to-Peer (P2P)
Architecture: Definition, Taxonomies, Examples, and
Applicability", RFC 5694, DOI 10.17487/RFC5694, November
2009, <https://www.rfc-editor.org/info/rfc5694>.
[RFC5751] Ramsdell, B. and S. Turner, "Secure/Multipurpose Internet
Mail Extensions (S/MIME) Version 3.2 Message
Specification", RFC 5751, DOI 10.17487/RFC5751, January
2010, <https://www.rfc-editor.org/info/rfc5751>.
[RFC6176] Turner, S. and T. Polk, "Prohibiting Secure Sockets Layer
(SSL) Version 2.0", RFC 6176, DOI 10.17487/RFC6176, March
2011, <https://www.rfc-editor.org/info/rfc6176>.
ten Oever, et al. Expires October 18, 2021 [Page 29]
Internet-Draft FoA April 2021
[RFC7118] Baz Castillo, I., Millan Villegas, J., and V. Pascual,
"The WebSocket Protocol as a Transport for the Session
Initiation Protocol (SIP)", RFC 7118,
DOI 10.17487/RFC7118, January 2014,
<https://www.rfc-editor.org/info/rfc7118>.
[RFC7194] Hartmann, R., "Default Port for Internet Relay Chat (IRC)
via TLS/SSL", RFC 7194, DOI 10.17487/RFC7194, August 2014,
<https://www.rfc-editor.org/info/rfc7194>.
[RFC8280] ten Oever, N. and C. Cath, "Research into Human Rights
Protocol Considerations", RFC 8280, DOI 10.17487/RFC8280,
October 2017, <https://www.rfc-editor.org/info/rfc8280>.
[RutzenZenn]
Rutzen, D. and J. Zenn, "Association and Assembly in the
Digital Age", The International Journal of Not-for-Profit
Law, Volume 13, Issue 4 , December 2011.
[Sauter] Sauter, M., "The Coming Swarm", Bloomsbury , 2014.
[Schleuder]
Nadir, "Schleuder - A gpg-enabled mailinglist with
remailing-capabilities.", 2017,
<https://schleuder.nadir.org/>.
[Stanford]
Brownlee, K. and D. Jenkins, "Freedom of Association",
2019,
<https://plato.stanford.edu/entries/freedom-association/>.
[Swire] Peter Swire, ., "Social Networks, Privacy, and Freedom of
Association: Data Empowerment vs. Data Protection", North
Carolina Law Review (2012) 90 (1): 104. , 2012,
<https://ssrn.com/abstract=1989516 or
http://dx.doi.org/10.2139/ssrn.1989516>.
[Troncosoetal]
Troncoso, C., Isaakdis, M., Danezis, G., and H. Halpin,
"Systematizing Decentralization and Privacy: Lessons from
15 Years of Research and Deployments", Proceedings on
Privacy Enhancing Technologies ; 2017 (4):307-329 , 2017,
<https://www.petsymposium.org/2017/papers/issue4/
paper87-2017-4-source.pdf>.
[UDHR] United Nations General Assembly, "The Universal
Declaration of Human Rights", 1948,
<http://www.un.org/en/documents/udhr/>.
ten Oever, et al. Expires October 18, 2021 [Page 30]
Internet-Draft FoA April 2021
[UNGA] Hina Jilani, ., "Human rights defenders", A/59/401 , 2004,
<http://www.un.org/en/ga/search/
view_doc.asp?symbol=A/59/401 para. 46>.
[UNGC37] United Nations Human Rights Committee, "Human Rights
Committee "General comment No. 37 (2020) on the right of
peaceful assembly (article 21)", CCPR/C/GC/3", 2020,
<https://tbinternet.ohchr.org/_layouts/15/
treatybodyexternal/
TBSearch.aspx?Lang=en&TreatyID=8&DocTypeID=11>.
[UNGPBHR] United Nations, "Guiding Principles on Business and Human
Rights", 2011,
<https://www.ohchr.org/documents/publications/
guidingprinciplesbusinesshr_en.pdf>.
[UNHRC2018]
United Nations Human Rights Council, "UN Human Rights
Council Resolution 'The promotion, protection and
enjoyment of human rights on the Internet' (A/HRC/32/
L.20)", 2016,
<https://digitallibrary.un.org/record/1639840?ln=en>.
[UNHRC2020]
Michelle Bachelet, . and United Nations, "Impact of new
technologies on the promotion and protection of human
rights in the context of assemblies, including peaceful
protests. Report of the United Nations High Commissioner
for Human Rights A/HRC/44/24, 2020", 2000,
<https://www.ohchr.org/EN/HRBodies/HRC/RegularSessions/
Session44/Documents/A_HRC_44_24_AEV.docx>.
[UNSRFAA2012]
Maina Kiai, ., "Report of the Special Rapporteur on the
rights to freedom of peaceful assembly and of
association", A/HRC/20/27 , 2012,
<http://freeassembly.net/wp-content/uploads/2013/10/A-HRC-
20-27_en-annual-report-May-2012.pdf>.
[UNSRFAA2019]
Clement Voule, . and United Nations, "Report of the
Special Rapporteur on the rights to freedom of peaceful
assembly and of association", 2019,
<https://undocs.org/A/HRC/41/41>.
ten Oever, et al. Expires October 18, 2021 [Page 31]
Internet-Draft FoA April 2021
[UNSRFOAA2012]
Maina Kiai, . and United Nations, "Report of the Special
Rapporteur on the rights to freedom of peaceful assembly
and of association", A/HRC/20/27", 2012,
<http://freeassembly.net/wp-content/uploads/2013/10/A-HRC-
20-27_en-annual-report-May-2012.pdf>.
[ViennaDeclaration]
United Nations, "Vienna Declaration and Programme of
Action", 1993,
<https://www.ohchr.org/en/professionalinterest/pages/
vienna.aspx>.
[Vu] Vu, Quang Hieu, ., Lupu, Mihai, ., and . Ooi, Beng Chin,
"Peer-to-Peer Computing: Principles and Applications",
2010, <https://www.springer.com/cn/book/9783642035135>.
[W3C] W3C, "Accessibility", 2015,
<https://www.w3.org/standards/webdesign/accessibility>.
12.2. URIs
[1] mailto:hrpc@ietf.org
[2] https://www.irtf.org/mailman/listinfo/hrpc
[3] https://www.irtf.org/mail-archive/web/hrpc/current/index.html
Authors' Addresses
Niels ten Oever
Univeristy of Amsterdam
EMail: mail@nielstenoever.net
Gisela Perez de Acha
Derechos Digitales
EMail: gisela@derechosdigitales.org
Stephane Couture
Universite de Montreal
EMail: stephane.couture@umontreal.ca
ten Oever, et al. Expires October 18, 2021 [Page 32]
Internet-Draft FoA April 2021
Mallory Knodel
Center for Democracy & Technology
EMail: mknodel@cdt.org
ten Oever, et al. Expires October 18, 2021 [Page 33]