Following the ASEAN Intergovernmental Commission of Human Rights (AICHR) Regional Forum on Freedom of Expression, Opinion and Information (FOEI)  in ASEAN in Nusa Dua, and Information in Bali from December 8-10, 2019, DigitalReach submitted the following recommendations to AICHR regarding the situation of FOEI in ASEAN Member States (AMS), given the influence of technology on human rights.

The forum was organized regarding the interpretation of Article 23 of ASEAN Human Rights Declaration (AHRD) which states “Every person has the right to freedom of opinion and expression, including freedom to hold opinions without interference and to seek, receive and impact information, whether orally, in writing or through any other medium of that person’s choice.”

The recommendations are divided into three parts which are for AICHR to (A) Look at the emerging threats on Freedom of Expression and Information given the influences of technology (B) Implement New Mechanisms and (C) Review ASEAN Policies, Framework, Initiatives, and Mechanisms.

Key Recommendations

A. Looking at the Emerging Threats Enabled by Technology

The emerging threats under the influences of technology fall into six categories which are (1) Weaponizing Personal Data and State Surveillance (2) Controlling Freedom of Expression and Information with “Disinformation” (3) The Role of Big Tech Companies (4) Internet Shutdown and Disruptions (5) Cyberattacks and (6) Harassment from Cyber-army and Internet Trolls.

1. Weaponizing Personal Data and StateSurveillance

There is a trend of states attempting to weaponize personal data and privacy of political dissidents when the latter are merely exercising  their rights to freedom of expression. The last quarter of 2019 saw political dissidents in Cambodia being surveilled by phone tapping, while Thailand and Vietnam have adopted controversial laws on cybersecurity, which allow authorities to access personal data of citizens.

Laws on personal data protection in the AMS are present in Singapore, Philippines, Malaysia, and Thailand. All of them, except the Philippines, do not include public agencies. This creates  opportunities for the state to mistreat personal data under the name of “national security” or “public safety”.

New emerging technology, particularly Internet of Things (IoT) and smart cities which  likely use biometric data such as fingerprinting, facial recognition and iris scans which provides AMS with the means to become surveillance states. Similarly, fifth generation (5G) digital wireless networks will speed up the adoption of these technologies which require ever-faster transmission speeds because of increasing amounts of data being collected.

There are also potential influences fromChinese surveillance technology in the AMS. Such technologies has been used in terms of crackdowns on ethnic minorities including the Uighurs and Tibetans. Huawei, as a leading 5G technology provider has provided the technology to Cambodia to be early adopter of 5G in the AMS. Moreover, Chinese companies such as ZTE, Dahua, and China Telecom are among those that are proposing new international standards at the International Telecommunication Union (ITU) to create universal consistent technology for facial recognition, video monitoring, city and vehicle surveillance. The standards ratified in the ITU influence how technology is developed and used, and are commonly adopted as policy by nations around the world, including AMS.

2. Controlling Freedom of Expression and Information with “Disinformation”

Disinformation has been in the spotlight in the recent years due to the impact of its use on major global events such as the 2016 U.S. Presidential Election, Brexit, and the lead-up to Taiwan’s 2020 General Elections. Some countries in AMS have used controversial laws to label some content critical of state authorities as “fake news.”  Singapore presents a prominent case, where a Protection from Online Falsehoods Manipulation Act (POFMA), nicknamed “fake news law”, was adopted in October 2019. Since the law came into effect in October 2019, an opposition politician, opposition political parties, and an independent news outlet have had their posts been flagged under the law as misinformation and disinformation.

Malaysia recently repealed the Anti-Fake News Act (AFNA) which shows that a change might be possible under a changed political environment. Its adoption in 2018 shortly before the General Election was highly controversial. In November 2019, Vietnam announced that it will have a new law targeting “fake news” and “toxic information” online following the Cybersecurity Law in that came into effect on January 2019. This development signals an intensification of state efforts to remove and censor content they consider critical. Both AFNA and POFMA give state executives near-exclusive power to decide which content is seen as false, fake, or misleading, with limited judicial oversight.

3. The Role of Big Tech Companies

There have been demands from state actors to ask big tech companies mainly Facebook, Twitter, and Google to comply with their domestic laws to control expression and access to information on the platforms. For example, the Vietnam’s Cybersecurity Law requires Facebook and Google to set up offices in the country, store data locally, and remove content critical of government on their platforms, and hand over personal information of users to their respective governments. State requests  to Google to remove content critical of the government on YouTube, as seen in the Google’s Transparency Report, are particularly high in Vietnam and Thailand. Moreover, The Singapore’s POFMA also made a history by requesting Facebook to issue a correction notion on a post critical of the government, even though harm to public interest was unclear at best. Facebook complied with the demand.

Policy pronouncements by Big Tech are also worth examining as these can set examples for political events in AMS, such as the elections in Myanmar and Singapore in 2020. Facebook announced that it will not fact check any political ads in the upcoming 2020 U.S. presidential election, while Twitter would ban all political ads. Google has announced already that it would ban all ads ahead of the Singapore election, causing an outcry from the opposition political parties. that had planned to campaign on the Google platform YouTube. Disinformation has been used in Myanmar in 2018 to influence or manipulate people concerning the Rohingya, leading to purported ethnic cleansing. Facebook admitted to failing to tackle hate speech against the Rohingya, which led to incitement of violence. This confirms how social media companies can play a significant role in such events since disinformation and misinformation may influence people’s thoughts and actions.

4. Internet Shutdown and Disruptions

Given the two major internet shutdowns in 2019 in Rakhine and Papua as well the three-day internet disruptions in Jakarta, internet shutdown and disruptions might be on the rise in AMS when elections, protests, and political unrest occur or are imminent. The shutdown can cut down communications between protestors who participate in the political events, preventing them from communicating with each other including organizing a protest or to keep informed and updating each other’s whereabouts.

The shutdown also allows authorities to monopolize information as the government in the repressive regimes usually controls the media and the information flows. State-controlled media channels can be full of propaganda that distort the truth, and people often turn to social media to express their voices or upload their photos or videos that reveal the actual situations. When more and more people share more information on such situations, it can counter state propaganda. It can also help reveal perpetrators in a case of violence.

Internet shutdown can give media working in the locality difficulties when there is no internet. During the Rakhine internet shutdown, journalists in Myanmar confirmed having difficulties to verify information released by the government. Fact-checkers in Indonesia  reportthat their work has become more challenging since the shutdown in Papua. Due to the shutdown, they could not contact sources in Papua to verify the information which needed to be verified.

5. Cyberattacks against Civil Society

There have been numerous reports in AMS about this growing threat that use technological methods to put freedom of expression and information at risk. A number of Vietnamese civil society and independent websites including viettan.org, baotiengdan.com, luatkhoa.org, and thevietnamese.org experienced distributed denial-of-service (DDoS) attacks in mid 2018, while several alternative media websites in the Philippines have been attacked in late 2018 with the same kind of attacks. It is reported that the alleged perpetrators are state-sponsored.

Apart of the DDoS attacks, spyware such as FinSpy and Pegasus have raised concerns over the digital security of political dissidents. FinSpy has been documented in several AMS including Singapore, Vietnam, Indonesia, and Myanmar, while Pegasus was founded to infect phones in Singapore and Thailand. When a device is infected with the spyware, they can take control over the devices and have access to information stored in it as well as encrypted messaging platforms such as Signal, WhatsApp, and Telegram.

6. Cyber-army and Internet Trolls

The spread of social media use has given rise to a new threats to freedom of expression in AMS in the form of cyber-armies and internet trolls. These are a group of social media users/accounts, whether organized or supported by the state or acting independently, who attack people or entities exercising their rights to freedom of expression. Trolls use hate speech and disinformation to incite chaos or even violence.

Troll operations may be (1) a business or a troll farm hired for a specific purpose, (2) a group of people with shared belief or political view, with or without an influencer that persuades them to ‘troll’; and (3) a state-run organized group, usually known as ‘cyber-army’. Trolling is an effective method to trigger or manipulate the group with misleading, false, or fake information often being added. They can create a popular hashtag on social media platforms like Twitter to mobilize or persuade larger crowds in a troll-operated campaign. Philippines, Indonesia, Vietnam, Myanmar, and Singapore are examples of countries in AMS where trolls have been documented to harass political critics, activists, human rights lawyers, and/or individuals who are from religious minorities.

B. Implementation of New Mechanisms

It is extremely challenging for civil society to tell policy makers in authoritarian regimes to amend repressive or stop using tactics that can threaten critics and civil society since it is unlikely that the regime will pay attention. There is a need for new mechanisms to be implemented at the regional stage to respond to threats to human rights including freedom of expression and access to information with the rise of technology.

Technology enables new threats that need to be better understood and monitored to develop the best possible solutions, including addressing threats that are coming from outside of the region. It is recommended that a long overdue proposal to implement a regional human rights court has to move forward. A monitoring mechanism is also needed because it can monitor and report on these new threats and should include stakeholders, especially civil society who are among the most vulnerable groups.

C. Review of ASEAN Policies, Framework, Initiatives, and Mechanisms

 The AHRD itself needs to be reviewed, specifically because of Articles 6,7, and 8 which limit how the human rights can be effectively implemented based on local concerns, particularly when it is about national security and public morals.In recent years, ASEAN has also made other instruments related to digital technology including ASEAN ICT Masterplan 2020, ASEAN Digital Integration Framework, ASEAN Framework on Personal Data Protection, and ASEAN Framework on Digital Data Governance. These instruments generally aim for economic development in a region in where human rights aspects can be overlooked. AICHR shouldexamine these instruments as future initiatives will rely on these instruments to operate. Examples include  the ASEAN Data Classification Framework, ASEAN Cross Border Data Flows Mechanism, and ASEAN Data Protection and Privacy Forum. ASEAN Smart Cities Network (ASCN) was also established and put forward with Smart City Action Plans (SCAPs) and ASEAN Smart Cities Framework (ASCF). There have not been any reports of human rights experts’ presence or input at the meetings.

All 10 AMS also plan to establish a framework for cybersecurity collaboration with a mechanisms paper being drafted during the ASEAN Ministerial Conference on Cybersecurity (AMCC) in 2019. They developed a framework and joint declaration to minimize the harmful effects of fake news during the Conference of the ASEAN Ministers Responsible for Information (AMRI). Such cooperation should concern AICHR since they relate to human rights and human security. It is recommended that AICHR look at the dual-use items (DUI), goods, materials, technology, and software for commercial purposes that may also have military or security applications. Of particular concern is the import, export, and development ofsurveillance technology as well as the use of malicious software, especially spyware like FinSpy and Pegasus. There is a need to review existing regulations at the national level and provide recommendations for region-wide norms. They include mechanisms and instruments to safeguard human rights and human security that are at risk from gratuitous and/or excessive surveillance and malicious software.

The full recommendations can be downloaded here.