Report of the Office of the UN High Commissioner for Human Rights*| Human rights and technical standard-setting processes for new and emerging digital technologies

September 2023

View the original document

Resolutions and Declarations

General Assembly Distr.: General
18 September 2023
Original: English

Human Rights Council
Fifty-third session
19 June–14 July 2023
Agenda items 2 and 3
Annual report of the United Nations High Commissioner
for Human Rights and reports of the Office of the
High Commissioner and the Secretary-General


Promotion and protection of all human rights,
civil, political, economic, social and cultural rights,
including the right to development

Human rights and technical standard-setting processes for new and emerging digital technologies

Report of the Office of the United Nations High Commissioner for Human Rights*

Summary

The present report, submitted pursuant to Human Rights Council resolution 47/23, contains an analysis of the relationship between technical standard-setting processes and human rights. Following an overview of the technical standard-setting landscape, the report also contains a discussion of the relevance of technical standards for the enjoyment of human rights and an examination of the challenges to integrating human rights considerations into technical standard-setting processes. The report also presents approaches to addressing challenges and provides a set of recommendations for the effective integration of human rights considerations into technical standard-setting processes.

I. Introduction

1. The present report is submitted pursuant to Human Rights Council resolution 47/23, in which the Council requested the Office of the United Nations High Commissioner for Human Rights (OHCHR) to convene an expert consultation to discuss the relationship between human rights and technical standard-setting processes for new and emerging digital technologies and to submit a report thereon, reflecting discussions held in an inclusive and comprehensive manner, to the Council at its fifty-third session. The report reflects the outcomes of the expert consultation held in Geneva on 15 February 20231 and the responses received to the call for inputs issued by OHCHR.2

2. Terms such as HTTP, HTML, 4G and 5G, Wi-Fi, Bluetooth and JPEG3 represent only a tiny share of the thousands of standards that undergird the digital tools used every day. Starting up a computer and connecting it to the Internet rely on the interplay of hundreds of standards. The current networked digital landscape could not have emerged without technical standards. Open Internet protocols and related standards, largely developed and maintained through open multistakeholder processes, have been key to the success of the free and open global Internet, enabling innovations at breath-taking speed and scale, global real-time communication, unprecedented possibilities for free expression and access to information and the development of new business models and economic growth. Technical standards enable telecommunications networks to operate worldwide, billions of devices to seamlessly interact, music and videos to be played on varied devices and digital products to work across borders. In sum, technical standards shape how we exercise our economic, social, cultural, civil and political rights. Technical standards can facilitate or inhibit the exercise of rights, depending on their design. Diverse participation through all stages of decision-making about technical standards may lead to a better understanding of their impacts on people’s enjoyment of their human rights and, ultimately, to the adoption and use of technical standards that are more conducive to upholding human rights.

3. The report: provides a definition of technical standards and explains the roles of the actors involved in their development (sect. II); illustrates the breadth of human rights impacts of technical standards and outlines the duties and responsibilities of standard-setting organizations and their stakeholders, including States (sect. III); describes the obstacles to integrating human rights considerations into technical standard-setting (sect. IV); presents actions that can strengthen the ways that human rights can be promoted through standardsetting processes (sect. V); and summarizes the findings of the report and outlines key recommendations for the way forward (sect. VI). 


II. Technical standard-setting landscape


A. Definition of standards

4. The term “standard” refers to an agreed norm defining a way of doing something in a repeatable manner. Technical standards constitute a form of codified technical knowledge that enables the development of products and processes. While standards cover a broad range of products, services, processes and activities, for the purposes of the report, standards will refer to technical standards pertaining to new and emerging digital technologies.

5. Technical standards are typically adopted by consensus and compliance is usually voluntary.4 Standards nevertheless regularize and constrain behaviour (regulative function) because they provide the authoritative guidance necessary to participate competitively in the market. Sometimes, States mandate compliance with technical standards, in particular in the area of safety, or recognize standards conformity as evidence of lawful behaviour.5 Standards also have a normative function by effectively favouring cooperative strategies over adversarial ones6 and they are important for interoperability and in order to prevent users from being locked into the technology of a single company.7 Standard-setting organizations allow the broader technical community to scrutinize standard proposals for errors and security.8 Put very simply, standards “make things work, help innovations spread and facilitate efficient trade among provinces, countries, economic regions and the international community of nations”.9

6. The benefits of international standards for trade are recognized in the World Trade Organization (WTO) Agreement on Technical Barriers to Trade. To determine when a standard qualifies as an international standard that does not erect a trade barrier under the agreement, the WTO Committee on Technical Barriers to Trade has developed a set of principles for the development of international standards, guides and recommendations,10 which include transparency, openness, impartiality and consensus, effectiveness and relevance, coherence and consideration of the development dimension. While these are indeed important principles for standard-setting, the WTO concept of international standardsetting, effectively recognizing only the International Organization for Standardization (ISO), the International Electrotechnical Commission (IEC) and the International Telecommunication Union (ITU) as actors at the international level, has been criticized as being too narrow, excluding the majority of other international and national-level standardsetting organizations active in setting standards for digital technologies used across the globe.11

7. The technical standard-setting landscape is vast and varied, with a large constellation of actors.12 Standardization processes exist within national,13 regional14 and international standard-setting organizations.15 Although the report primarily focusses on standard-setting processes at the international level, many of the observations and recommendations are also relevant to regional and national bodies.

B. Constellation of actors in the standard-setting landscape

8. Among the largest and oldest standard-setting organizations, ISO, IEC and ITU develop standards for a vast field of digital technologies and applications. ITU plays a unique role given its status as a specialized agency of the United Nations.16 While States are the core members of ITU, companies, service providers, small and medium-sized enterprises, academic institutions and other organizations can participate under their own names, with limited rights, as sector members, associates or academia in ITU study groups that develop standards.17 ITU has three main areas of activities organized in sectors, among which the ITU Radiocommunication Sector (ITU-R) and the ITU Telecommunication Standardization Sector (ITU-T) develop technical standards (called recommendations) that are relevant for digital technologies. The Telecommunication Standardization Sector plays an important role in defining the access and transport technologies-related standards that underpin global communications networks.18

9. The International Electrotechnical Commission (IEC) develops standards for electrical and electronic technologies, such as fibre optics, cables and smart energy. The International Organization for Standardization (ISO) develops standards for all kinds of technologies beyond the scope of digital technologies, and thus covers a larger field, which includes standards that relate to matters such as e-commerce, robotic and smart transport systems.19 Both ISO and IEC are composed of national entities, one in each member country,20 which can be public or private bodies. These entities put forward expert members for the committees tasked with developing the various standards. ISO, IEC and ITU coordinate their activities through direct communications between concerned technical committees and through the management-led World Standards Cooperation.21

10. In addition to these international standard-setting organizations, a vast landscape of other standard-setting organizations with various focus areas and governance models has emerged, only a small number of which can be mentioned herein. Generally, many of these organizations are industry-driven and comprised of businesses or engineers with corporate backgrounds. While a number of organizations have a closed circle of participants, others, such as the Internet Engineering Task Force22 and the World Wide Web Consortium,23 operate with processes that are open to the general public.

11. The Internet Engineering Task Force is the largest forum dedicated to the development and maintenance of the technical standards for the Internet, which play a key role in ensuring interoperability and security of data flows. It is hosted and funded by the Internet Society, a global, non-profit, membership-based organization that supports the development of the Internet, operating through in-person and online meetings and activities. The standards are free for public use.

12. The Internet Engineering Task Force works closely with its sister organization, the Internet Research Task Force, which focuses on long-term research related to Internet protocols, applications, architecture and technology, and the Internet Architecture Board, which provides technical direction for the development of the Internet. The Internet Society also plays a key role in this area, hosting the administrative entity that supports the Internet Engineering Task Force, the Internet Architecture Board and the Internet Research Task Force.24

13. The World Wide Web Consortium is a membership-based organization that develops and maintains application layer standards for the World Wide Web, such as HTML and CSS (cascading style sheets), which are free for use by anyone. 

14. The Institute of Electrical and Electronic Engineers is a non-profit professional association which, among its main activities, produces standards that underpin telecommunications, information technology, consumer electronics, wireless communications and power-generation products and services.25 

15. The Third Generation Partnership Project is a collaborative project between seven regional and national standards developing organizations26 that develops specifications for mobile telecommunication networks, including 5G.

16. While not narrowly defined as a standard-setting organization, the Internet Corporation for Assigned Names and Numbers is a key player in the context of Internet governance as it relates to the development of standards. It is a global not-for-profit publicbenefit corporation that is responsible for the technical operations of domain name systems (DNS) resources and coordinates policy development related to the Internet system of unique identifiers, using a multistakeholder model.27 In its policy development, the Internet Corporation for Assigned Names and Numbers often takes into account the standards of domain name systems developed by the Internet Engineering Task Force.

III. Relevance of technical standards for the enjoyment of human rights

A. Human rights impacts

17. Technical standards reflect the interests, values and concerns of those participating in their development.28 Many of the decisions made in the development process have crucial ramifications for human rights. While design decisions can lead to technical solutions that facilitate human rights violations and abuses, they can also lay the foundations for the widespread adoption of technologies that effectively enhance and enable the exercise of human rights. Certain standards have characteristics that may be both beneficial and restrictive for certain rights, depending on how they are implemented. The following illustrates some ways in which technical standards can contribute to beneficial or adverse impacts. 

18. Many standards define processes and actions that directly respond to certain human rights-related concerns. This includes, for example, standards that are designed to enhance privacy-protections through organizational measures, such as the ISO standard establishing high-level requirements for privacy by design throughout the lifecycle of a consumer product (ISO 31700-1:2023)29 and the ISO/IEC standard on organizational privacy risk management specifically addressing individual privacy harms (ISO/IEC 27557:2022).30 Other standards are aimed at improving the accessibility of websites, digital technologies and digital services for persons with disabilities. The World Wide Web Consortium and ITU, for example, have developed a range of influential accessibility standards.31 

19. In 2015, the Internet Engineering Task Force introduced an error code “unavailable for legal reasons” (http status code 451), an indicator of website takedowns or of blocking for legal reasons.32 The protocol seeks to increase transparency regarding incidents of content blocking to comply with legal demands by Governments and private parties. It thus enables individuals and the public to better understand legal interventions in the availability of Internet resources and enhances access to remedies against unlawful acts of censorship and accountability.

20. Increasingly, standard-setting organizations also work on standards addressing the shortcomings of systems of artificial intelligence that may affect human rights, such as embedded biases that lead to or facilitate discriminatory outcomes. For example, the Institute of Electrical and Electronic Engineers has a standard (IEEE standard P7003) that includes specific methodologies to address and eliminate issues of bias in algorithms.33 

21. Other organizations address broader human rights-related issues, covering business operations more generally. For example, the ISO guidance on social responsibility (ISO 26000:2010)34 provides recommendations and tools that enable companies and organizations to shape their operations in ways that enhance positive impacts on society and the environment while minimizing harms.35 

22. Standards that define the technical features necessary for the functioning of digital infrastructure can have particular relevance for human rights, as experiences with Internetrelated protocols such as domain name systems, the Transmission Control Protocol and HTTP have shown. 

23. These protocols are foundational for data communications on the Internet and the World Wide Web, providing the basis, for example, for online banking, e-health, social media, cloud data storage and the functioning of many devices constituting the so-called Internet of things. The protocols enable rights that are exercised online, including the rights to freedom of expression, freedom of association and peaceful assembly and to take part in the conduct of public affairs. The properties of these protocols, however, also enable a variety of interferences with human rights: the Domain Name System is designed in a way that makes it one of the central entry points for blocking access to websites and services,36 enabling the undermining of a range of rights.37 The Protocol on the Domain Name System, the Transmission Control Protocol and the HTTP Protocol do not inherently include encryption properties, thus enabling interference, such as traffic interception and traffic manipulation, with may have adverse impacts on many rights. Firstly, intercepting traffic can interfere with the right to privacy. For example, weaknesses in the Transmission Control Protocol and the HTTP Protocol have contributed to the emergence of mass surveillance programmes that systematically undermine the right to privacy38 and facilitate targeted surveillance by State and non-State actors. They also impact, directly or indirectly, other rights, such as freedom of expression (for example, when traffic is intercepted to identify dissidents or because of chilling effects due to surveillance),39 rights to a fair trial and to liberty (for example, when evidence gathered unlawfully through communications interception is used in court and leads to imprisonment) and the right to security (for example, if intercepted traffic is used by a stalker to harass and threaten victims). Lack of encryption properties in Transmission Control Protocol and HTTPS also enables traffic manipulation attacks, allowing intruders to take control of affected devices and networks. 

24. Over the past decade, partly in reaction to an increase in security incidents and revelations of mass data interception, there has been a strong push towards the encryption of Internet traffic and new protocols, integrating or improving encryption features, have emerged.40 The large majority of web services have started using HyperText Transfer Protocol Secure (HTTPS), a version of the HyperText Transfer Protocol (HTTP), which encrypts data through the Transmission Control Protocol.41 These developments contributed to vastly enhanced security online, increasing trust in and the reliability of Internet connections, with considerable beneficial effects on human rights, including privacy, security, non-discrimination and rights that are enabled by accessing digital services, such as financial, health and education services. However, law enforcement agencies have argued that the shift to encryption undermines their ability to investigate and prevent crime. An in-depth analysis of this challenge can be found in reports of OHCHR and the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression.42

25. Recent Internet-related proposals show how standardization, depending on its content, can turn into a standard for systematically undermining the rights-enabling properties of technologies. They include the introduction of backdoors, requirements for permanent device identifiers immutably stored through decentralized ledger technology, as well as by expanding the information in packet headers, which would be accessible to Internet service providers and others, to include information about packet content. These approaches not only weaken the security of communications and enable the pervasive tracking of Internet users and their transactions, but also enable censorship by facilitating shutting off specific devices, servers and data flows.43

B. Human rights obligations of States and responsibilities of other relevant actors 

26. Standard-setting processes and the content and implementation of standards are shaped by a variety of actors, most importantly States, businesses and standard-setting organizations. Under international human rights law, they have a range of obligations and responsibilities.

27. States have obligations to respect, protect and fulfil human rights,44 which apply to their involvement in standard-setting. When engaging in standard-setting processes, States must fully comply with their obligations under international human rights law. For example, standards that would likely lead to arbitrary interferences with the right to privacy must not be proposed or supported by States. In addition, when contributing to standard-setting processes, States should take necessary steps, in good faith and meaningful fashion, to actively promote human rights and ensure that their proposals are in compliance with international human rights law. States should identify any potential conflict between their obligations under international human rights law and possible outcomes of standard-setting processes and refrain from adopting such standards where a conflict is found to exist, as required under the principle of the binding character of treaties. Should the outcome of standard-setting process be incompatible with international human rights law, States have the obligation to disregard it. 

28. The obligation to respect and protect also means that States should not, through legislative or other measures, require the private sector to apply standards the implementation of which would undermine human rights.45 Moreover, when setting legal or regulatory frameworks for national standard-setting processes (in particular for recognized national standard-setting organizations), such frameworks must be human rights-compliant, for example by ensuring transparency and accountability and by including the participation of a broad range of stakeholders.46 Furthermore, the duty to protect entails a positive duty to adopt mandatory human rights due diligence legislation as part of the smart mix of measures to foster business respect for human rights, requiring business entities to exercise human rights due diligence.47 

29. The duty of States under international human rights law are also relevant for the (de facto) delegation of regulatory functions to standard-setting organizations, for example through legislation that leaves it up to such organizations to specify requirements set out in laws or regulations.48 Such delegation raises important questions concerning democratic legitimacy and the rule of law and can mean that critical decisions affecting the exercise of human rights are left to standard-setting organizations rather than States entities. This makes it particularly important to ensure utmost transparency, including free public access to all relevant documentation and adopted standards, and meaningful access for all stakeholders in standard-setting processes, including the availability of meaningful accountability mechanisms, such as judicial review.49 The delegation of regulatory functions by States to standard-setting organizations does not absolve States of their obligations under international human rights law.

30. Under the Guiding Principles on Business and Human Rights: Implementing the United Nations “Protect, Respect and Remedy” Framework, businesses have a responsibility to respect all internationally recognized human rights, meaning that they should avoid infringing on the human rights of others and address adverse human rights impacts stemming from or linked to their business activities.50 Pillar II of the Guiding Principles on Business and Human Rights provides an authoritative blueprint for all enterprises, regardless of their size, sector, operational context, ownership or structure, for preventing and addressing adverse human rights impacts. The responsibility to respect applies throughout a company’s activities and business relationships and regardless of where affected people are located.51 In other words, the responsibilities of businesses extend to their participation in standard development. This conclusion is supported by the commentary to Guiding Principle 16, which specifically spells out the need for businesses to consider human rights as part of their public policy engagement.52 

31. Meeting the responsibility to respect requires that businesses: (a) avoid causing or contributing to adverse human rights impacts through their own activities and address such impacts when they occur; and (b) seek to prevent or mitigate adverse human rights impacts directly linked to their operations, products or services by their business relationships, even if they have not contributed to those impacts.53 The main instrument for ensuring that companies meet these responsibilities is human rights due diligence, the aim of which is to identify, assess, prevent, mitigate and account for adverse impacts on human rights that an entity may cause, contribute to or be directly linked to. Assessing human rights impacts is an essential element of human rights due diligence, for example, through conducting human rights impact assessments.54 Moreover, human rights due diligence requires meaningful engagement with diverse stakeholders, including with potentially affected rights holders and civil society. Experts with interdisciplinary skills should be involved in impact assessments, including in the development and evaluation of mitigation efforts.55 The results of human rights impact assessments and actions taken to address human rights risks and public consultations should be made public.56 

32. Businesses should thus carefully consider how proposed standards to which they are contributing would cause or contribute to adverse human rights impacts.57 If adverse impacts are possible, or likely, they should take steps to respect human rights as described above. The above Guiding Principles demonstrate the key importance of transparency and ongoing meaningful stakeholder engagement in developing technical standards. Businesses should also apply these principles when implementing technical standards.

33. Standard-setting organizations themselves have a responsibility to avoid that the standards developed under their auspices facilitate human rights violations and abuses. For business consortium and standard-setting organizations more broadly, which act as businesses, such responsibilities flow directly from the Guiding Principles on Business and Human Rights and are the same as those described above. 

34. Given the role of ITU in technical standards processes and their implementation, it is worth noting that States, as members of ITU, are key contributors to its standard-setting processes and that ITU standards can only be adopted with consensus among its member States. As noted, States themselves must act in compliance with their human rights obligations, a requirement that also applies to their actions within the ITU framework. They are obliged to create and support policies and practices that uphold human rights.58 The centrality of human rights in addressing the growing challenges of the digital age has been emphasized in recent reports59 and resolutions,60 including by ITU itself, which, in its strategic plan for 2020–2023, recognized “the overarching pre-eminence of human rights”.61 Furthermore, the promotion and protection of all human rights lie at the core of the United Nations, defining one of its main purposes. The Vienna Declaration and Programme of Action underscores that human rights “must be considered as a priority objective of the United Nations”, mentioning particularly the role of the organs and the specialized agencies.


IV. Challenges to integrating human rights considerations in technical standard-setting processes

35. Despite the potential and real impacts of technical standards on the enjoyment of human rights, human rights considerations often play only a minor role in technical standardsetting processes. The resulting standards thus may at times facilitate human rights violations and abuses or fail to make the most of an opportunity to promote human rights. A range of factors contribute to those outcomes. 


A. Lack of expertise and capacity of standard-setting organizations and resistance to human rights integration

36. Typically, standard-setting organizations and their traditional stakeholders focus on technical aspects of standard-development, with limited consideration of other aspects that standards may touch upon. Participants generally have engineering, computer science and natural science backgrounds, with an underrepresentation of human rights expertise or other fields, such as social sciences at large, constitutional law, ethics and risk management.62

37. Moreover, most standard-setting organizations have not made clear commitments to put human rights at the core of their activities; there is a lack of human rights staff dedicated to standards work; human rights analysis and impact assessments are exceptions; and the systematic monitoring of the human rights impacts of standards, once adopted, is not taking place. 

38. Some standard-setting organizations and stakeholders appear to oppose to the integration of human rights considerations into standard-setting processes for different reasons. In some cases, such opposition appears to be motivated by self-interest that runs counter to human rights.63 Some standard-setting organizations and stakeholders argue that standards are not political and hence need not include space for human rights considerations. There is also a prevalent perception that including human rights considerations would hinder efficient, speedy standard development and implementation processes, as it would require building new expertise and the participation of more actors. Some businesses argue that human rights compliant technical standards may raise the cost of innovation, development, production and operation of new products and services.

39. There is growing awareness of the importance of human rights among standard-setting organizations and other bodies active in standard-setting processes. For example: the Internet Research Task Force hosts a Human Rights Protocol Considerations Research Group;64 the Institute of Electrical and Electronic Engineers has adopted ethically aligned design principles for autonomous and intelligent systems that have elevated respect for human rights as their core principle;65 and the ethical web principles of the World Wide Web Consortium Technical Architecture Group emphasize that internationally recognized human rights need to be placed at the core of the web platform.66 The participation of representatives of standard-setting organizations, such as ITU, ISO and IEC, along with experts from the Internet Engineering Task Force and the Internet Architecture Board, in recent human rightsfocused discussions signals increasing willingness to strengthen their engagement.67 Finally, 54 States members of ITU have recently called for a human rights-based approach to technical standard-setting processes, including at ITU.68

B. Transparency and participation gaps

40. Many obstacles to the integration of human rights are intimately linked to the limited scope of inputs that feed into technical standards. Participants in standard-setting processes overall lack diversity in terms of thematic expertise, cultural, professional, institutional, socioeconomic backgrounds, geographical representation and gender. Processes are often opaque and complicated, while frequently failing to seek or accept meaningful public inputs. Participation from stakeholders has not reached a level that reflects the range of knowledge available or the multiple varied impacts potentially experienced by various constituents once standards are implemented.

41. For example, according to Internet Engineering Task Force data presented in 2021,69 participants at its meetings were predominantly from the United States of America (38.9 per cent), followed by China (9.7 per cent), Germany (7.2 per cent), the United Kingdom of Great Britain and Northern Ireland (4.8 per cent), Japan (3.9 per cent), Canada (3.6 per cent ), India (3.4 per cent) and France (2.9 per cent ). The World Wide Web Consortium does not collect data about participants at its meetings, but data about geographical representation in several of their representative bodies paint a similar picture. While geographical representation has shifted over the years to include a growing number of people from the Asia-Pacific region, there were no people from Africa or from Central and South America represented in any of the bodies for which the World Wide Web Consortium releases data.70 

42. Such gaps mirror power and resource disparities within and between societies. Participants in many standard-setting processes have overwhelmingly corporate backgrounds, strongly skewed towards representatives of large companies from a handful of high- and middle-income countries that have the resources to fund participation in hundreds of parallel multi-year standard-setting processes. For others, such as civil society organizations, researchers and even small and medium-sized enterprises, consistently participating in even a single process can be challenging.71

43. Costs are among the main barriers facing participants, including membership and registration fees,72 and travel costs for lengthy meetings, often for many weeks every year.73 Moreover, many organizations must hire experts to represent them at meetings of standardsetting organizations, which is also costly.

44. Relatedly, the lack of access to working documents, proposed and adopted standards, meeting minutes, participant lists and correspondence limits the public’s understanding of the rationale behind the adopted approaches and the interests at play, thereby impeding the meaningful participation of civil society in standard-setting processes and limiting opportunities for public input, public oversight and accountability.

45. Restrictive requirements for participation in some standard-setting organizations can hinder civil society groups and smaller businesses from presenting their perspectives in such processes. ISO and IEC allow only one member organization per country. This means that other stakeholders must go through their domestic standards bodies to be either nominated as experts or to make comments on ongoing standard-setting processes. While ITU technically allows broader membership, in practice, only a few civil society organizations are on the study group membership lists of the ITU Telecommunication Standardization Sector. One major obstacle is that States may object to the membership of specific non-State stakeholders.74 Moreover, applicable procedural rules and practices favour member States, limiting the impact of non-State participants. At ITU, to work around membership-related obstacles, several organizations and experts have become members of State delegations. However, such models become untenable when the objectives of civil society members and State collide.

46. The predominance of the English language in international standard-setting environments is another significant hurdle to meaningful, widespread participation.75 Contributing to standards requires a level of proficiency in English that allows for active participation in highly complex technical discussions, both orally and in writing. 76 This effectively excludes a broad range of stakeholders.

47. Furthermore, the prevailing operating cultures of standard-setting organizations can be discouraging and exclusionary. A study of human rights advocacy at the Internet Engineering Task Force described a culture of “rugged masculinity” with exclusionary effects on women and participants from the Global South, as well as on human rights advocates at large.77 Several submissions to the present report highlighted similar problems, with one pointing out that self-appointed gatekeepers in some standard-setting organizations determine who may or who may not be regarded as legitimate participants.78

48. The lack of equal gender representation in standard-setting processes is of particular concern. As consistently pointed out in the consultations informing the report, the vast majority of participants in standard-setting processes are men. For example, in 2022, 7 of 11 members of the Advisory Board of the World Wide Web Consortium and 66 per cent of its management were men. It is difficult to find reliable data on the scale of the problem, largely because standard-setting organizations do not systematically collect disaggregated data on the gender of participants. One credible estimate puts the share of women’s participation at the Internet Engineering Task Force at 15 per cent.79 In 2022 and 2023, women constituted 27 per cent of the participants in ITU Telecommunication Standardization Sector study groups.80 

V. Addressing the challenges 

49. Overcoming these challenges requires combining the efforts of Governments, standard-setting organizations, their participants and the representatives of companies and civil society towards a shift in the culture of standard-setting organizations themselves. Technical standard-setting should not be understood as merely a technical matter but rather as being embedded in complex social, cultural, economic and political fabrics; impacts on societies, communities and individuals need to be guiding themes of standards development. It is fundamental to put people and their human rights, rather than interests of developers of technology or company profits, at the centre of such processes.81 While, notably, the Internet Architecture Board and the World Wide Web Consortium have made this priority a guiding principle of their work,82 upholding human rights within and through standard-setting cannot stop there. It requires that standard-setting organizations fully commit to the application of international human rights law, standards and principles, using human rights methodologies, and to being accountable for implementing that commitment.

A. Standard-setting organizations 

1. Human rights due diligence 

50. A starting point for standard-setting organizations should be high-level recognition of their responsibility to respect human rights through a statement of commitment that stipulates the human rights expectations of personnel, members and participants in standard-setting processes.83 This should also be reflected in operational policies and procedures across the organizations.84

51. Conducting human rights due diligence is essential for identifying, preventing, mitigating and accounting for adverse impacts on human rights.85 Mandatory procedures should identify and assess the potential impacts of standards on the exercise of human rights. Different models can inspire the development of such assessment mechanisms. For example, many companies have carried out human rights impact assessments for years, in line with the Guiding Principles on Business and Human Rights.86 The United Nations is in the process of adopting its own framework for human rights due diligence and human rights impact assessments in the context of the use of new technologies.87 The “harms, misuse and abuse assessment” of the Coalition for Content Provenance and Authenticity provides an example of due diligence that can inspire other standard-setting organizations regarding both the process of its development and its content.88

52. Organization-wide human rights-focused reviews are necessary to achieve consistent support of human rights. The World Wide Web Consortium, for example, conducts reviews that cut across many working groups and technical standards, focusing on topics such as privacy, security and accessibility. The reviews involve soliciting feedback from diverse stakeholders, implementers, experts and the general public. Such cross-cutting processes are particularly important where standards may differ in their human rights impacts, but, combined, may result in significant constraints.89 Establishing screening mechanisms to proactively identify standard-setting processes that might entail a high risk for human rights would greatly improve the integration of human rights in standard-setting organizations.90 Informational documents, questionnaires and checklists can also be important tools for mainstreaming human rights considerations across organizations.91

53. The responsibilities of standard-setting organizations do not end with the adoption of standards, the organizations should also actively support their implementation in a rightsrespecting manner. Monitoring the real-life impacts of technical standards on human rights, once implemented, would be an invaluable source of information for future standard-setting processes and would also be essential for identifying where standards may need to be amended. Mechanisms for appealing outputs, outcomes or other decisions that fall short of the human rights commitments of standard-setting organizations are also needed. While there are currently no examples of this kind of structure in standard-setting organizations, the Internet Corporation for Assigned Names and Numbers Global Public Interest Framework could be a model for the development of such mechanisms.92

54. Recruiting and/or drawing on existing staff with human rights expertise could support the efforts of standard-setting organizations to build their work on stronger human rightsbased foundations. Such staff could, for example, help with the review processes described above and could support the monitoring of the implementation of standards in practice. Staff could also serve as advisers for standards-developing committees and contribute more generally to mainstreaming human rights across the organizations.

2. Effective access to information and inclusive participation 

55. Human rights-respecting standard-setting processes must ensure transparency, openness and inclusiveness. These principles enable standard-setting organizations to consider their proposals from a broader perspective, with a view to minimizing negative sideeffects, and ensure that the interests of affected stakeholders are recognized and are taken into account.

56. Key information about standard-setting processes, including working documents, standards under development and information on all participants, meeting minutes and written communications, should be readily available to enable the public to understand the processes and key problems associated with specific proposals and adopted standards, the reasoning behind the chosen approaches and the interests at play. Access to such information also provides an opportunity for public oversight and accountability. Researchers can use such information to better understand the work and impacts of specific standard-setting organizations, as well as standards more generally. Standard-setting organizations such as the Internet Engineering Task Force and the World Wide Web Consortium have been at the forefront of such efforts to ensure transparency for a number of years.

57. Standard-setting processes, while focused on technological aspects, gain in depth and sustainability when they are not only multidisciplinary but are also built on multistakeholder participation. The guidelines for States on the effective implementation of the right to participate in public affairs specifically stipulate, in relation to meetings of international organizations, mechanisms and other forums, that the participation of civil society actors, at all relevant stages of a decision-making process, should be allowed and proactively encouraged.93 In line with the guidelines, standard-setting organizations should ensure that their policies minimize barriers to participation by civil society organizations, academic institutions and other stakeholders and should take active steps to facilitate participation. ITU, for example, should consider reassessing its model of participation, which, inter alia, allows member States to object to the participation of civil society groups based in their territory. It is of vital importance that standard-setting organizations continue and further strengthen their efforts to increase participation from the Global South, including through awareness-raising and capacity-building.94

58. Addressing resource constraints, a related priority, can be achieved by reducing or dropping fees or granting fee waivers and providing travel and other funds to underfunded stakeholders in order to promote inclusivity.

59. A particular focus should be placed on promoting equal gender representation in standard-setting processes and the gender responsiveness of standards.95 The Declaration on Gender-Responsive Standards and Standards Development adopted by the Economic Commission for Europe96 outlines key actions to this effect. This includes the need to proactively create and maintain cultures free from misogyny and discrimination. Standardsetting organizations should develop codes of conduct and effectively enforce them. Ombudspersons or other dedicated focal points that hear victims of discrimination and abuse, investigate incidents and sanction perpetrators are indispensable for creating an enabling environment. 

60. Standard-setting organizations should also collect and publish data about gender, geographic origin, the institutional background of participants in their committees and/or management bodies.97 Such data facilitates accurate assessments of gaps in representation, where to focus resources and success in addressing inclusion failures.

61. Proactively seeking inputs from the public is important for broadening the basis of information that should inform processes of developing standards. Many standard-setting organizations have already built public consultations into their standard-setting processes, for example, by inviting the submission of written comments. However, such consultations are often little known and sometimes impose unrealistic time frames. Standard-setting organizations could improve the situation by proactively reaching out to relevant experts and those affected by the technology.

62. When standard-setting organizations limit membership to single national entities, mirror committees can be a vital forum for all stakeholders to participate in the elaboration of national positions, provided they are established in line with the principles of transparency, openness and inclusiveness.98 

B. Participants in standard-setting processes

63. Participants in working groups and committees driving the development of standards for particular technologies have a paramount role in aligning standards with human rights. In input of companies is also crucial in this regard, from the negotiation of standards to their adoption and implementation. In addition to their responsibility to respect human rights,99 companies are also often in the best position to advance the integration of human rights in standard-setting processes. Companies have greater resources than other stakeholders and have access to technical expertise. Further, companies are at the heart of the implementation of standards once adopted, which gives them greater leverage in negotiations. In addition, many companies can rely on existing capacities and experiences in the field of business and human rights.

64. There are many good examples of companies implementing the Guiding Principles on Business and Human Rights in meaningful ways, including in standard-setting processes where companies have, at times, been at the forefront of upholding human rights.100 However, based on consultations for the report, proactive engagement on the part of companies needs to improve. In particular, more companies should apply a human rights lens when approaching standard-setting and standards implementation. To avoid the duplication of work while enhancing their positive impact, companies can share resources. For example, to some extent, impact assessments, information gathering and engagement with affected groups and stakeholders can be coordinated and carried out together.

65. Progress will also depend on the ability of better-resourced and influential actors in standard-setting processes to bridge internal silos. Too often, States and companies leave the development of standards to technical experts rather than integrating already existing internal human rights capacity into their delegations, missing crucial opportunities to contribute to human rights-respecting outcomes. 

VI. Conclusions and recommendations 

66. The present report addresses the multifaceted relationship between human rights and technical standards for digital technologies, highlighting the range of impacts, both positive and negative, that technical standards have on the exercise of human rights. While technical standards can create conditions conducive to the exercise of human rights, they can also enable rights violations and abuses. Further, they may be an obstacle to more inclusive and empowering technologies. Acknowledging that technical standards are not deterministic, in the sense that human rights can simply be hard-coded into such standards, there can be no doubt that making human rights considerations an integral part of standard-setting processes, in terms of inclusive participatory processes and assessing human rights impacts more systematically, would be an important step forward in ensuring the upholding and strengthening of human rights in the digital age.

67. Despite encouraging examples, the analysis revealed a multitude of shortcomings with regard to the integration of human rights into standard-setting processes. Standard-setting processes reflect power and resource disparities that shape the digital technology sector at large, benefitting large companies and the Governments of highincome countries. In many standard-setting organizations, participation by civil society actors is extremely limited, leading to outcomes that neglect important perspectives. Resource constraints create barriers to participation of representatives from the Global South, members of marginalized communities, civil society organizations and small and medium-sized enterprises. Moreover, a male-dominated culture disadvantages women and LGBTIQ+ people and a widespread attitude that regards technology, and thus its underlying standards, as neutral and focuses on technological expertise to the detriment of other skill sets, makes it difficult for experts with backgrounds in social sciences, human rights or ethics to be accepted as legitimate contributors. This in turn undermines the consistent integration of human rights into standard-setting processes.

68. There is no simple solution to these complex challenges.101 Rather, sustained multidimensional efforts by standard-setting organizations and all stakeholders are needed. Such efforts must put human rights front and centre and must ensure that standard-setting processes rest on multistakeholder principles and become as transparent, open and inclusive as possible. While some standard-setting organizations have recognized the need for such actions and have initiated valuable programmes to overcome gaps, more efforts are needed. To support such efforts, OHCHR is initiating a project on technical standard-setting to contribute to the implementation of the recommendations set out below. OHCHR looks forward to the active engagement of standard-setting organizations, States and civil society in the project and encourages their support for its aims. OHCHR stands ready to assess existing processes, to advise on efforts to integrate human rights into standard-setting processes and to provide the Council with updates on the project and standard-setting related developments at large. It is recommended that the Council remain seized of the matter.

69. In the light of the above, the High Commissioner recommends that Member States:

(a) Refrain from and prevent the development of standards that could foreseeably facilitate human rights violations and abuses when participating in standard-setting processes; conduct meaningful consultations with all stakeholders to gain a comprehensive picture of the issues at stake and possible solutions; and include human rights experts and experts in technical subject matters in their delegations;

(b) Ensure that national, recognized standard-setting organizations are open, transparent and inclusive and that they uniformly apply the standards set out in paragraph 70 below;

(c) Ensure, in delegating regulatory functions to standard-setting organizations: that such delegation is carried out in compliance with the human rights obligations of States and that such delegation does not put the enjoyment of human rights at risk, bearing in mind that their human rights obligations are not transferable; that all stakeholders can meaningfully participate throughout standard-developing processes, which may include providing funds to underresourced entities and individuals wishing to participate and facilitating inputs from the public; and that that human rights considerations, in addition to other aspects, such as safety, efficiency and technological soundness, are adequately integrated into legally mandated processes; (d) Provide assistance and support to civil society to develop capacity to meaningfully and independently participate in standard-setting processes.

70. The High Commissioner recommends that standard-setting organizations:

(a) Review their operations in order to assess how they affect the enjoyment of human rights; and identify possible shortcomings and take meaningful action to improve the integration of human rights considerations into their practices, in line with the Guiding Principles on Business and Human Rights;

(b) Adopt policy commitments to respect human rights throughout their operations, to be reflected in operational policies and procedures and paired with the establishment of accountability mechanisms;

(c) Put in place adequate human rights due diligence processes in order to identify, prevent, mitigate and account for adverse human rights impacts, including assessing actual and potential human rights impacts, integrating and acting upon findings, tracking responses and communicating how impacts are addressed; consider, in particular, establishing organization-wide screening mechanisms to identify, from the get-go, standard-setting processes posing a high risk to the exercise of human rights; monitor the human rights impacts of their standards throughout implementation; and mitigate adverse human rights impacts and provide remedy where harm has occurred;

(d) Make standard-setting processes as transparent, open and inclusive as possible, ensuring that all relevant documentation is free and publicly available, including working documents, standards under development, information on all participants, meeting minutes and written communications; adopt standards consensually and publish them for general use, ideally without fees; and, when participation in international standard-setting organizations, such as ISO and IEC, is limited to single national entities, apply the same principles to the process for the development of their positions, for example in mirror committees;

(e) Take proactive steps to facilitate and increase participation by women, experts and stakeholders from underrepresented backgrounds, including from the Global South; and address the critical issue of resource inequity by reducing or dropping fees or granting fee waivers and providing travel funds, as well as by adopting or revising and enforcing codes of conduct and developing mentoring and onboarding programmes;

(f) Carry out effective public consultations and outreach to experts, groups and individuals who may be affected by specific standards as part of standarddevelopment processes;

(g) Collect and publish data about participation patterns in their standardsetting processes, including on gender, geographical origin, stakeholder groups of participants and other relevant information in order to assess inclusiveness.

71. The High Commissioner recommends that businesses:

(a) Fully meet their responsibility to respect human rights and strive for coherence of their engagement in standard-setting processes and their commitment to human rights when participating in standard developing processes;

(b) Conduct human rights due diligence regarding their participation in standard-setting processes and the resulting standards, including by carrying out adequate human rights impact assessments and meaningful engagement with potentially affected stakeholders; refrain from proposing or supporting standards that could be the basis for or facilitate human rights violations and abuses; and use their leverage to prevent or mitigate adverse impacts that decisions about the design of certain standards may incur;

(c) Implement technical standards in the most human rights-respecting way possible.

72. The High Commissioner encourages civil society:

(a) To expand understanding and capacity necessary to enhance participation in standard-setting processes;

(b) To establish mechanisms for information-sharing about ongoing and forthcoming standard-setting processes of relevance to the exercise of human rights.


  1. See https://www.ohchr.org/en/events/events/2023/ohchr-consultation-human-rights-and-technicalstandard-setting. ↩︎
  2. The call for inputs and responses received are available at https://www.ohchr.org/en/calls-forinput/2023/call-inputs-relationship-between-human-rights-and-technical-standard-setting. ↩︎
  3. HTTP: HyperText Transfer Protocol; HTML: HyperText Markup Language; 4G and 5G: fourth and
    fifth generations of broadband cellular network technology; Wi-Fi: wireless network protocol; ↩︎
  4. World Trade Organization (WTO), document S/WPDR/W/49, para. 14. ↩︎
  5. Human Rights Committee, general comment No. 31 (2004), para. 8. ↩︎
  6. Panagiotis Delimatsis, “‘Relevant international standards’ and ‘recognized standardization bodies’
    under the TBT [Agreement to Technical Barriers to Trade] Agreement”, in The Law, Economics and
    Politics of International Standardisation (Cambridge University Press, 2015). ↩︎
  7. See https://doi.org/10.1093/oso/9780198841524.003.0001, p. 6 ↩︎
  8. Ibid ↩︎
  9. Girard, Michel, “Global standards for digital cooperation”, Centre for International Governance
    Innovation, October 2019 (see https://www.cigionline.org/articles/global-standards-digitalcooperation/) ↩︎
  10. WTO document G/TBT/9, annex 4. ↩︎
  11. See https://issuu.com/ictsd/docs/e15_trade_and_innovation_-_karacha; and Panagiotis Delimatsis,
    “‘Relevant international standards’ and ‘recognized standardization bodies’ under the TBT
    Agreement”. ↩︎
  12. For a detailed overview of standard-setting organizations, see A/HRC/35/22/Add.4. ↩︎
  13. List of members of ISO available at https://www.iso.org/members.html. ↩︎
  14. See European Committee for Standardization, European Committee for Electrotechnical
    Standardization, European Telecommunications Standards Institute, Caribbean Regional Organization
    for Standards and Quality, Pacific Area Standards Congress, Pan American Standards Commission,
    African Organization for Standardization and Arab Industrial Development and Mining Organization. ↩︎
  15. Consortiuminfo.org (https://www.consortiuminfo.org/) provides a non-exhaustive overview of
    standard-setting organizations working on digital topics. ↩︎
  16. The Constitution and Convention of ITU is the treaty that establishes the legal basis and defines the
    purpose and structure of the organization (see
    https://www.itu.int/en/history/Pages/ConstitutionAndConvention.aspx). ITU became a specialized
    agency through the Agreement between the United Nations and the International Communication
    Union, concluded in 1947. ↩︎
  17. Membership rights depend on membership class, with States having the broadest range of rights,
    including the exclusive right to vote (see https://www.itu.int/hub/membership/become-amember/member-terms-conditions/). ↩︎
  18. See https://www.itu.int/en/mediacentre/backgrounders/Pages/itu-t-setting-the-standard.aspx ↩︎
  19. See https://www.diplomacy.edu/wp-content/uploads/2022/02/Digital-standards-ARIN-region-EN.pdf,
    p. 7 ↩︎
  20. In the case of ISO, member entities are the recognized national standards bodies
    (https://www.iso.org/members.html) and in the case of IEC the so-called national IEC committees
    (https://www.iec.ch/national-committees#nclist). ↩︎
  21. See https://www.worldstandardscooperation.org/. ↩︎
  22. See https://www.ietf.org/about/introduction/. ↩︎
  23. See https://www.w3.org/. ↩︎
  24. See https://www.rfc-editor.org/rfc/rfc8712.html. ↩︎
  25. See https://www.ieee.org/about/at-a-glance.html. ↩︎
  26. See https://www.3gpp.org/ftp/Information/Working_Procedures/3GPP_WP.htm#Article_10. ↩︎
  27. See https://www.icann.org/policy. ↩︎
  28. A/HRC/35/22/Add.4, para. 25; see also https://doi.org/10.1177/14614448231152546. ↩︎
  29. See ISO standard 31700-1:2023 (https://www.iso.org/standard/84977.html). ↩︎
  30. See ISO/IEC standard 27557:2022 (https://www.iso.org/standard/71675.html). ↩︎
  31. See https://www.w3.org/WAI/ and https://www.itu.int/en/ITU-T/accessibility/Pages/default.aspx. ↩︎
  32. See https://datatracker.ietf.org/doc/rfc7725/. ↩︎
  33. See https://standards.ieee.org/ieee/7003/6980/. ↩︎
  34. See https://www.iso.org/standard/42546.html. ↩︎
  35. For a critical analysis, see https://doi.org/10.1017/CBO9781316423240.013. ↩︎
  36. See https://datatracker.ietf.org/doc/html/rfc8280. ↩︎
  37. See A/HRC/48/31 on the effects of shutting down or blocking communications platforms. ↩︎
  38. A/HRC/35/22, para. 44. ↩︎
  39. A/HRC/27/37, para. 20; A/HRC/51/17, paras. 10, 27 and 47; A/HRC/23/40, paras. 49 and 52; and
    A/HRC/32/38, para. 57. ↩︎
  40. For example, Transport Layer Security 1.3 (2018) and QUIC UDP [User Datagram Protocol] Internet
    Connections. ↩︎
  41. The Transport Layer Security Protocol and any protocol using it rely on ITU Telecommunication
    Standardization Sector Recommendation No. X.509 defining the format of public key certificates. ↩︎
  42. A/HRC/51/17; A/HRC/29/32; and Interpol, 89th session, resolution No. 9, GA-2021-89-RES-09 (see
    https://www.interpol.int/content/download/16915/file/GA-2021-89-RES09%20E%20ChildAbuse.pdf). ↩︎
  43. See https://www.icann.org/en/system/files/files/octo-017-27oct20-en.pdf. ↩︎
  44. International Covenant on Civil and Political Rights, art. 2; International Covenant on Economic,
    Social and Cultural Rights, art. 2; International Convention on the Elimination of All Forms of Racial
    Discrimination, art. 2; Convention on the Elimination of All Forms of Discrimination against Women,
    art. 2; Convention on the Rights of Persons with Disabilities, art. 4; and Convention on the Rights of
    Children, art. 2. See also CCPR/C/21/Rev.1/Add.13; and E/C.12/GC/24, paras. 10–24. ↩︎
  45. Human Rights Committee, general comment No. 31 (2004), para. 8. ↩︎
  46. See Human Rights Council resolution 45/9. ↩︎
  47. Committee on Economic, Social and Cultural Rights, general comment No. 24 (2017), para. 16; see
    also A/77/201, para. 99 (b). ↩︎
  48.  For example, under the draft regulation of the European Union Artifical Intelligence Act, the European Council has powers of delegation in various human rights-sensitive areas (https://ec.europa.eu/docsroom/documents/52376?locale=en); under art. 48 of the European Union Digital Markets Act, European standard-setting organizations could be tasked with defining interoperability standards for messaging apps (https://eur-lex.europa.eu/legalcontent/EN/TXT/HTML/?uri=CELEX:32022R1925). 
    ↩︎
  49. For an analysis of the practice of delegating regulatory powers to standard-setting organizations, see
    https://doi.org/10.31235/osf.io/38p5f. ↩︎
  50. Guiding Principle 11. The Guiding Principles were unanimously endorsed by the Human Rights
    Council in its resolution 17/4. ↩︎
  51. See A/HRC/50/56. ↩︎
  52. See https://www.ohchr.org/en/documents/thematic-reports/a77201-report-corporate-politicalengagement-and-responsible-business. ↩︎
  53. Guiding Principle 13. ↩︎
  54. Guiding Principle 18. ↩︎
  55. Ibid ↩︎
  56. 56 A/73/348, para. 68; see also A/HRC/48/31, para. 50. ↩︎
  57. See https://www.ohchr.org/en/documents/thematic-reports/a77201-report-corporate-politicalengagement-and-responsible-business. ↩︎
  58. A/72/350, paras. 18–22, regarding access to information policies in United Nations organizations. ↩︎
  59. For example, the reports of the Secretary-General, “Road map for digital cooperation: implementation
    of the recommendations of the High-level Panel on Digital Cooperation” (A/74/821) and “The
    Highest Aspiration – A Call to Action for Human Rights” (2020). ↩︎
  60. See Human Rights Council resolutions 47/16 and 47/23 and General Assembly resolution 77/211. ↩︎
  61. See https://www.itu.int/en/council/planning/Documents/ITU_Strategic_plan_2020-2023.pdf. ↩︎
  62. Submission of Ayden Férdeline; see https://datatracker.ietf.org/doc/html/draft-gont-diversityanalysis-00 for an analysis of factors limiting diversity at the Internet Engineering Task Force.
    ↩︎
  63. For example, when pursuing business models that lead to abuse of human rights ↩︎
  64. Human Rights Protocol Considerations Research Group, founded in 2014 (https://irtf.org/hrpc); see
    also, in particular, guidelines for human rights considerations in standard-setting
    (https://datatracker.ietf.org/doc/html/rfc8280). ↩︎
  65. See https://standards.ieee.org/wp-content/uploads/import/documents/other/ead_v2.pdf ↩︎
  66. See https://w3ctag.github.io/ethical-web-principles/. ↩︎
  67. See https://www.ohchr.org/en/events/events/2023/ohchr-consultation-human-rights-and-technicalstandard-setting; https://www.ohchr.org/en/statements/2023/02/turk-addresses-world-standardscooperation-meeting-human-rights-and-digital; https://www.itu.int/net4/wsis/forum/2023/Agenda/Session/368; and https://intgovforum.org/en/content/igf-2022-open-forum-101-open-forum-on-technical-standardsetting-and-human-rights. ↩︎
  68. See https://www.eeas.europa.eu/delegations/un-geneva/itu-plenipotentiary-conference-joint-policystatement-human-centric-approach_en?s=62. ↩︎
  69. See https://datatracker.ietf.org/meeting/112/materials/slides-112-ietf-sessa-ietf-chair-report-01. ↩︎
  70. See https://www.w3.org/blog/2022/07/diversity-and-inclusion-at-w3c-2022-figures/. Data released
    over the years show clear trends in gradual improvement; the World Wide Web Consortium itself
    acknowledges further room for improvement. ↩︎
  71. Various challenges to participation were highlighted by several submissions. For example, see
    submissions by the European Union and Czechia. ↩︎
  72. ITU, for example, has a tiered fee system with annual fees of 1,987.50 Swiss francs (SwF) for
    academia and small and medium-sized enterprises from developing countries (small and mediumsized enterprises in that case would be allowed to participate in one study group), 3,975 SwF for
    academia and small and medium-sized enterprises from developed countries and companies from
    developing countries (in that case as sector members, giving access to all study groups in one sector),
    and 31,800 SwF for other companies as sector members for the ITU Telecommunication
    Standardization Sector and the ITU Radiocommunication Sector
    (https://www.itu.int/hub/membership/become-a-member/fees/). ↩︎
  73. Submissions of the World Wide Web Consortium participants and Derechos Digitales ↩︎
  74. ITU Convention, art. 19 (1) (see https://www.itu.int/hub/membership/become-a-member/memberterms-conditions). ↩︎
  75. Submission of the World Wide Web Consortium participants. Even at ITU, where interpretation in
    the six official United Nations languages is provided in plenary and working party sessions, most of
    the detailed work on the so-called “questions”, crucial in the drafting process, does not benefit from
    interpretation services. ↩︎
  76. Submission of Derechos Digitales. ↩︎
  77. Corinne Cath-Speth, Changing Minds and Machines (University of Oxford, 2021), see pp. 66–78 and
    conclusion, sect. 8.3. ↩︎
  78. Submission of Ayden Férdeline; see also
    https://www.ndi.org/sites/default/files/NDI%20Norms%20White%20Paper%20May%202022_1.pdf,
    p. 35. ↩︎
  79. Submission of Derechos Digitales based on data from the Internet Engineering Task Force
    (https://www.arkko.com/tools/allstats/). ↩︎
  80. See https://app.powerbi.com/view?r=eyJrIjoiOWM3MWE2YjYtYzdmYS00MDU5LTk4YjYt
    YWFiOTA0YjU2ZDYyIiwidCI6IjIzZTQ2NGQ3LTA0ZTYtNGI4Ny05MTNjLTI0YmQ4OTIxOWZ
    kMyIsImMiOjl9    . ↩︎
  81. Submission of the World Wide Web Consortium participants. ↩︎
  82. See https://www.rfc-editor.org/rfc/rfc8890; https://www.w3.org/TR/design-principles/. ↩︎
  83. Guiding Principles on Business and Human Rights, Guiding Principles 15 (a) and 16. ↩︎
  84. Few if any standard-setting organizations have adopted human rights statements and policies. The
    guiding principles for the design and specifications of the Coalition for Content Provenance and
    Authenticity are one example for a foundational document committing future developments to a
    limited set of human rights that are particularly relevant to the work of the Coalition
    (https://c2pa.org/principles/). ↩︎
  85. States must also adopt legal frameworks requiring human rights due diligence from businesses (see
    para. 30 above). ↩︎
  86. See the human rights impact assessments of the Telia Company (available from
    https://www.teliacompany.com/en/news-articles/human-rights-impact-assessments); Ericsson’s 5G
    Human Rights Assessment (available at https://www.ericsson.com/49295a/assets/local/aboutericsson/sustainability-and-corporate-responsibility/documents/2021/5g-human-rights-assessment—
    final.pdf    ); and Microsoft’s Human Rights Annual Report (available at
    https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE54vFs). ↩︎
  87. A/74/821, para. 86. ↩︎
  88. Submission of WITNESS. ↩︎
  89. Submission of World Wide Web Consortium participants, pointing to browser fingerprinting as an
    example of a constraint. Browser fingerprinting is done through the cumulative analysis of different
    configuration characteristics, each of which may be minimal and non-identifying on their own.
    However, when combined, those characteristics are often used to reidentify people and to correlate
    their online activities. ↩︎
  90. See https://www.ohchr.org/en/statements/2023/02/turk-addresses-world-standards-cooperationmeeting-human-rights-and-digital. ↩︎
  91. See, for example, the Internet Research Task Force Human Rights Protocol Considerations Research
    Group (https://irtf.org/hrpc), which produces in-depth guidance documents on human rights
    questions. The Internet Architecture Board datatracker (https://datatracker.ietf.org/doc/rfc6973/) and
    the World Wide Web Consortium task force of experts in privacy, web architecture, writing a
    statement of privacy principles that can then be applied throughout the web standards process, are
    other examples (https://www.w3.org/TR/privacy-principles/). ↩︎
  92. See https://community.icann.org/display/prjxplrpublicint/GPI+Toolkit. ↩︎
  93. A/HRC/39/28, paras. 55–94; see also https://www.ohchr.org/en/documents/tools-andresources/guidelines-effective-implementation-right-participate-public-affairs. The Human Rights
    Council, in its resolution 39/11, presented the guidelines as a set of orientations for States and other
    relevant stakeholders. ↩︎
  94. Bridging the standardization gap is a strategic priority of the ITU Telecommunication Standardization
    Sector (https://www.itu.int/en/ITU-T/gap/Pages/default.aspx). ↩︎
  95. For examples of positive action, see ITU World Telecommunication Standard resolution 55,
    Promoting gender equality in ITU Telecommunication Standardization Sector activities, and ITU
    Women in Standardization Expert Group, see also ISO Gender Action Plan 2022–2025
    (https://www.iso.org/strategy2030/key-areas-of-work/diversity-and-inclusion.html) and guidance on
    gender responsive standards by the ISO/IEC Joint Strategic Advisory Group on Gender Responsive
    Standards
    (https://www.iso.org/files/live/sites/isoorg/files/standards/docs/en/Guidance%20on%20Gender%20Re
    sponsive%20Standards.pdf    ). ↩︎
  96. See https://unece.org/trade/wp6/Gender-Resp%20-Stdards-declaration. ↩︎
  97. See, as examples of current practices: https://www.w3.org/blog/2022/07/diversity-and-inclusion-atw3c-2022-figures/; https://datatracker.ietf.org/meeting/112/materials/slides-112-ietf-sessa-ietf-chairreport-01 and the ISO Gender Action Plan 2022–2025. ↩︎
  98. In its guidance for ISO national standards bodies, ISO recommends that national mirror committees
    be established whenever possible (see
    https://www.iso.org/files/live/sites/isoorg/files/store/en/PUB100269.pdf). ↩︎
  99. See paras. 32–34 above. ↩︎
  100. For example, in the 3rd Generation Partnership Project, Ericsson Communications advocated for
    protecting against international mobile subscriber identity-catchers (see
    https://www.ericsson.com/49295a/assets/local/about-ericsson/sustainability-and-corporateresponsibility/documents/2021/5g-human-rights-assessment—final.pdf). ↩︎
  101. OHCHR, “Türk addresses World Standards Cooperation meeting on human rights and digital
    technology” (February 2023) (https://www.ohchr.org/en/statements/2023/02/turk-addresses-worldstandards-cooperation-meeting-human-rights-and-digital). ↩︎

Civil Society Alliances for Digital Empowerment (CADE) is a project co-funded by the European Union.

Civil Society Alliances for Digital Empowerment (CADE) 2024. All rights reserved.

This website is co-funded by the European Union. Its contents are the sole responsibility of CADE and do not necessarily reflect the views of the European Union.

Web accessibility | Privacy policy

Go to Top