Globalisation is well-rooted in the contemporary world order and has touched every aspect of human life. The present system is highly dependent on technologies that make it possible to connect across the globe. However, every comfort comes with certain disadvantages, and the adverse outcome of growing digitalisation, which is the very core of the present order, has been the rise of cyber threats and attacks. Though globalisation and digitalisation have become increasingly entwined, they also pose serious security threats to individuals, organisations, businesses, and states. To deal with such threats, governments often resort to state surveillance. Yet this raises debates, as surveillance intended for protection can lead to human rights violations.
This article examines the possible threats of cyberattacks and their encroachment upon human rights through surveillance. The growing state surveillance in both public and private spaces makes people’s privacy and data more vulnerable. For example, making the Aadhaar card mandatory across India exposes personal details to potential misuse, as such data is often leaked and easily available. This threatens not only individuals’ privacy but also secure digital platforms, clearly violating the rights to privacy and personal liberty. Not only that, at the national level, there have been reports of attempted thefts of sensitive data by adversarial foreign actors, which highlight the vulnerability of big data storage.
Global Attention on Cybersecurity and Privacy
Cybersecurity has become a pressing issue for the international community. The Geneva Convention of 16 September 2022 discussed the consequences of digital technologies on the right to privacy, which faces constant threats due to surveillance. The UN has also warned against restricting technologies in ways that violate international human rights standards.
A recent UN Human Rights Office report highlights three key concerns:
- The abuse of intrusive hacking tools (“spyware”) by state authorities.
- The crucial role of robust encryption in protecting human rights online.
- The impact of widespread monitoring of public spaces, both offline and online.
The encroachment of surveillance on privacy and liberty is severe and must be addressed. For instance, as the UN report highlights, tools such as the “Pegasus” spyware can turn smartphones into “24-hour surveillance devices”, giving ‘intruders’ access to personal data and even weaponising phones to spy on private lives. From the age-old saying that “walls have ears”, we have come to a point where it can be argued that our “mobile phones are ears” as well.
Surveillance is now way beyond merely gathering intelligence. The fact is that mobile devices track a user’s engagement through location data and related activities, and often, a company will serve advertisements based on a user’s search activity. One can do a simple search on the Internet for a product such as a study lamp, and, over the next two weeks, several study-lamp-related ads pop up on their social media feeds. It is obvious these companies are always tracking personal data, storing it, and monetising it. A user may find this harmless, and people do justify this as improving their experience as consumers. However, this type of surveillance is blurring the distinctions between convenience and intrusion, especially if a user were to experience the negative application of their personal data due to being a victim of cyber-attacks.
Spyware, Encryption, and Surveillance Abuse
Spyware tools are often justified as a means to combat terrorism and crime. However, their illegitimate use to target journalists, opposition political figures and human rights activists has raised serious concerns. The violation of personal rights needs quick measures to be adopted to address the spread of spyware, the report flags, with the UN report calling for halting the sale and use of hacking tools until safeguards to protect human rights are in place. The intrusion should be taken only if it is a last resort available to the authorities, and it should be limited strictly to investigating serious threats to national security or crime.
Nowadays, we see that encryption offers some protection for privacy, but it is not foolproof. The UN report notes increased surveillance linked to digital identity systems that collect biometric data for analysis and verification. While intended to ease identification, such systems are often misused, leading to violations of privacy, data protection, and even wealth security. The puts people’s right to communication also at risk as social media posts undergo constant analysis, and manipulated facts can easily be presented as truth. Surveillance of WhatsApp chats and social media activity has sometimes led to individuals being jailed merely for expressing opinions, thereby showing how surveillance can be repurposed for purposes far beyond its stated intent.
The UN recommends that states restrict surveillance to what is necessary and proportionate, with limits on both location and duration, so as to safeguard the human rights of the people. As such, biometric recognition systems in public should be tightly regulated, and stored data should be retained only for short periods. Governments must ensure that surveillance technologies do not themselves become threats to human rights. For example, China’s surveillance has often posed challenges to Indian security and privacy.
Digital Technology: Boon and Bane
Undoubtedly, digital technology has brought immense benefits to society, but the passive surveillance attached to it has made rights more vulnerable than ever. The Acting High Commissioner for Human Rights, Nada Al-Nashif, has expressed concern that privacy rights face unprecedented challenges more than ever before, which makes the adoption of adequate measures a timely requirement.
In today’s world, cyberattacks are more frequent, sophisticated and serious than in the past. The situation deteriorated even more after COVID-19, which resulted in millions of people taking their work, shopping and social life online. Realising how serious the matter is, the UN Security Council held its (second) ever informal meeting on cyber matters, organised by Estonia, and which included considerations of security and human rights. Government-imposed measures such as internet shutdowns in Crimea (2016), Ingushetia (2018), and Gaza (most recently) are examples of how fundamental rights are denied. Similarly, hacking of journalists’ and activists’ devices, frequently reported in Saudi Arabia and the UAE, represents a direct invasion of privacy.
For example, Emirati activist Ahmed Mansoor was imprisoned, and Saudi journalist Jamal Khashoggi was assassinated after their activities were tracked. Countries such as China and Vietnam often use cybersecurity as an excuse to exert greater control over the internet and restrict freedoms. International forums regularly assert that cyberspace must be open, free, stable, and governed by law, with respect to human rights. UN Secretary-General António Guterres has warned that “new technologies are too often used to violate rights,” largely due to weak cybersecurity measures. As such, given that cyber threats are a human rights concern violating the rights of people, it needs to be considered by the governments on an immediate basis and resolved with acceptable measures so as to safeguard people’s rights.
Conclusion
Globalisation and digitisation have opened up avenues for cyber threats. Cyber threats pose a unique challenge in terms of vulnerabilities to national/state/individual data and privacy protections. To highlight the threats, we should examine the nature of threat actors, and we should look for gaps and weaknesses outside of the protections that are already provided. We also need to spend more time examining the relationship between state surveillance and cyber vulnerabilities; we need to explore more about how cyberattacks are carried out, the nature of cyberattacks, and who they afford protection to. The best approach from here is to create broad approaches for limiting and reducing cyber threats and vulnerabilities, leverage some of the protections we already have, and protect human rights in the digital age.
