The Cyber World and Human Rights: Perspectives on International Accountability

Introduction: Human Rights and Digital Spaces

The United Nations (UN) and regional institutions have been documenting human rights violations occurring in the digital realm, especially since the onset of the COVID-19 pandemic.¹ See, for example, United Nations High Commissioner for Human Rights, Human rights should be at the heart of tech governance. Number record here? Stimson SG ex “SC/11018,” Sept. 1st, 2022, Human rights should be at the heart of tech governance | OHCHR. The digital space includes computers, cell phones, the internet, virtual communications platforms, social media outlets, and artificial intelligence (AI). Even though technology has allowed for the creation of additional online spaces for many individuals to participate and communicate socially, it has also become the setting of alarming human rights violations. These include acute forms of violence, discrimination, hate speech, harassment, bullying, and cyberattacks, all requiring different responses.² For a broad overview, see United Nations High Commissioner for Human Rights, Building a common front against the digital dimension of violence against women. Number record here, if press release, March 15, 2022, Building a common front against the digital dimension of violence against women | OHCHR; Human Rights Watch, It is time to treat cybersecurity as a human rights issue (March 26, 2020), It’s Time to Treat Cybersecurity as a Human Rights Issue | Human Rights Watch (hrw.org). Many of these human rights breaches are perpetrated not only by state entities, but also a range of private actors.³ See for example, United Nations High Commissioner for Human Rights, UN Experts Alarmed by Growing Use by Mercenaries in Cyberspace. Number record here? Stimson SG ex “SC/11018,” Oct. 28, 2021, UN experts alarmed by growing use of mercenaries in cyberspace | OHCHR. This is noteworthy as we have recently celebrated the 75th Anniversary of the Universal Declaration of Human Rights (hereinafter “Universal Declaration”), still a cornerstone document, but one that could have never anticipated many modern challenges such as cybersecurity concerns and their human rights implications.

International human rights law (IHRL) is mainly composed of a body of legal rules adopted at the supranational level.⁴ For a discussion of current international law and institutions related to human rights and salient human rights issues, see Chapter 1: Introduction to International Human Rights in Hurst Hannum, Dinah Shelton, S. James Anaya & rosa Celorio, international human rights; problems of law, policy, and practice, 2-23 (Wolters Kluwer Publishers, 7th edition, 2023). In the context of this article, “rules” refer to binding or mandatory obligations assumed by states in the context of a diversity of treaties, legal instruments, and international customs. “Norms” are used to refer instead to principles agreed upon by the international law community of a voluntary nature. Most of these rules and their supervisory institutions were conceived to restrain abuse of government activity. The foundations were established in the post-World War II world, propelled by the immense human suffering and toll which resulted from this global conflict. Several rules that we still invoke are part of the Bill of Rights, integrated by the Universal Declaration and the International Covenants on Civil and Political Rights and Economic, Social, and Cultural Rights (hereinafter “the Covenants”).⁵ See generally, Universal Declaration of Human Rights, G.A. res. 217A (III), U.N. Doc A/810 at 71 (1948); International Covenant on Civil and Political Rights [ICCPR], G.A. res. 2200A (XXI), 21 U.N. GAOR Supp. (No. 16) at 52, U.N. Doc. A/6316 (1966), 999 U.N.T.S. 171, entered into force Mar. 23, 1976; International Covenant on Economic, Social and Cultural Rights [ICESCR], G.A. res. 2200A (XXI), 21 U.N. GAOR Supp. (No. 16) at 49, U.N. Doc. A/6316 (1966), 993 U.N.T.S. 3, entered into force Jan. 3, 1976. Today we have a set of treaties, under which more than 150 countries have assumed obligations detailing what they will do and not do to prevent human rights violations, but also to affirmatively build societies in which human rights are protected. Some of these are general—like the Covenants—but others are specialized, such as the Convention on the Elimination of Discrimination against Women (CEDAW), the Convention on Racial Discrimination (CERD), and the Convention on the Rights of the Child (hereinafter “CRC”).⁶  See generally International Convention on the Elimination of All Forms of Racial Discrimination, G.A. res. 2106 (XX), Annex, 20 U.N. GAOR Supp. (No. 14) at 47, UN doc. A/6014 (1966), 660 U.N.T.S. 195, entered into force Jan. 4, 1969 [hereinafter CERD]; Convention on the Elimination of All Forms of Discrimination against Women, G.A. res. 34/180, 34 U.N. GAOR Supp. (No. 46) at 193, UN doc. A/34/46, entered into force Sept. 3, 1981 [hereinafter CEDAW]; Convention on the Rights of the Child, G.A. res. 44/25, annex, 44 UN GAOR Supp. (no. 49) at 167, UN doc. A/44/49 (1989), entered into force Sept. 2,1990 [hereinafter U.N. Convention on the Rights of the Child]. Strong regional human rights protection systems have also been established in Europe, the Americas, and Africa, governed by their own regional human rights treaties, and evidenced in their prolific work, case decisions, and statements.⁷ For information on the history and work of the regional human rights protection systems in Europe, the Americas, and Africa, see Alexandra Huneeus and Mikael Rask Madsen, “Between Universalism and Regional Law and Politics: A Comparative History of the Americas, European, and African Human Rights Systems,” International Journal of Constitutional Law, vol. 16, no. 1, 136-160, https://doi.org/10.1093/icon/moy011.

Treaties are particularly noteworthy in this framework, as they are considered primary and binding sources of legal obligations for states. When states adopt and ratify human rights treaties, they voluntarily assume a mandate to respect, protect, and uphold human rights. Current treaties protect a range of rights related to life, personal integrity, privacy, dignity, access to information, freedom of expression, and access to justice. The UN has established several organs—referred to frequently as “treaty-based organs”—solely entrusted with monitoring compliance with the nine core human rights treaties.⁸ For more information on the structure and work of the UN treaty-based organs, see United Nations High Commissioner for Human Rights, The United Nations Human Rights Treaty System (Fact Sheet 30, 2012), FactSheet30Rev1.pdf (ohchr.org). The UN also has “charter-based organs” stemming from its Charter, which issue critical statements reflecting the consensus of the international community on specific issues such as Resolutions and the reports adopted by Human Rights Council Special Procedures.⁹ For a broad overview of UN charter-based organs and connected institutions, see United Nations System Chart, 23-00013_un_system_chart_11x8.5_print_e.pdf. The goal of both treaty-based and charter-based organs is to shape state behavior and to tip it toward compliance with international rules, including those specific to human rights.

Connection Between Human Rights Concerns and Cyberspace

The digital age is currently transforming the field of human rights and its norms. Global and regional bodies are now carving out their responses and approaches to human rights violations taking place in cyberspace.¹⁰ For examples of recent statements, see Rep. of UN Special Rapporteur on Privacy, Artificial Intelligence and Privacy, and Children’s Privacy, A/HRC/46/37 (Jan 25, 2021), paras. 27-49 (including guiding principles with a human rights perspective on the use of personal and nonpersonal information in AI and its implications on the right to privacy); Committee on the Rights of the Child, General Comment no. 25 on children’s rights in relation to the digital environment, CRC/C/GC/25, March 2nd, 2021, paras. 22-49 (urging states to adopt a range of measures to protect children’s rights in technologically driven spaces, including but not limited to the adoption of legislation, policies, strategies, and access to justice). The UN General Assembly (UNGA) and the UN Human Rights Council (HRC) have adopted several resolutions expressing concern over the activity of public and private actors in the areas of surveillance, hacking, and AI; encouraging human rights compliance and respect for the rights of all individuals to live free from discrimination and violence; and confirming that international law is applicable in cyberspace.¹¹ See, for e.g., the Final Report of the 2013 UN Group of Governmental Experts (GGE) A/68/98 (June 24, 2013), where states first agreed that international law and the UN Charter apply to state conduct in the use of ICTs and reiterated in 2015 and 2021 GGE reports: First Committee Report A/70/455 (Nov. 18, 2015). This statement was affirmed in the final report of the first UN Open-Ended Working Group (OEWG) in 2021 [G.A Report A/AC.290/2021/CRP.2 (Mar. 10, 2021, and reinforced in subsequent Annual Progress Reports (2022-2023). Also, G.A. Res. A/RES/78/213 (Dec. 22, 2023), (recognizing the potential for abuse in the digital world and encouraging states to adopt adequate legislation, sanctions, and remedies to protect individuals from human rights violations in this context); UN Human Rights Council Resolution 20/8, A/HRC/RES/20/8 (July 16, 2012), (affirming that the same rights that apply offline, apply online).

This is a highly evolving area of the law, with many future developments to come. One critical dichotomy that international human rights bodies are exploring is the fact that digital technologies, such as the internet, have become central to the exercise, defense, and enforcement of human rights, including those related to participation, association, information, and freedom of expression. However, the digital space has also turned into another scenario in which human rights violations take place, including forms of violence, discrimination, and threats to meaningful participation.

It is important to underscore that a set of UN norms has been crafted promoting that states protect human rights in cyberspace and to encourage the respect of UN resolutions in this area.¹² G.A. Res. A/RES/70/237 (Dec 23, 2015) and First Committee Report A/70/455 (Nov. 18, 2015). The GGEs recommended 11 voluntary, nonbinding norms of responsible state behavior and recognized that additional norms could be developed over time. See also UN Norms of Responsible State Behavior in Cyberspace, which shed light on what states should do and not do in cyberspace, including human rights protection as a goal, March 2022, The-UN-norms-of-responsible-state-behaviour-in-cyberspace.pdf (unoda.org). It is key to note that UN resolutions continue to be adopted in this high-evolving area, including a 2024 resolution on AI, promoting the respect of human rights in its development, deployment, and design. See UN General Assembly Resolution, Seizing the opportunities of safe, secure, and trustworthy artificial intelligence systems for sustainable development, A/78/L.49 (March 11, 2024).12 G.A. Res. A/RES/70/237 (Dec 23, 2015) and First Committee Report A/70/455 (Nov. 18, 2015). The GGEs recommended 11 voluntary, nonbinding norms of responsible state behavior and recognized that additional norms could be developed over time. The UN Norms for Responsible State Behavior in Cyberspace (hereinafter “UN Norms” or “UN Cyberspace Norms”) are critical in recognizing that international law applies to state conduct in cyberspace.¹³ See United Nations General Assembly, Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, A/70/174 (July 22, 2015), para. 13. The sixth and most recent UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (GGE) provided further guidance to states on how to operationalize this specific set and other norms. The GGE guidance outlines that states need to respect and protect human rights both online and offline, including freedom of expression, access to information, the right to nondiscrimination and the eradication of the gender digital divide.¹⁴ See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), para. 36. States are encouraged to invest in technical and legal measures to guide the development and use of information and communications technologies (ICTs) in an inclusive and accessible manner, benefitting marginalized communities and groups.¹⁵ See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), paras. 40-41.

An important goal in the design of these norms was the preservation of international peace and security as well as the promotion of the safety and well-being of individuals.¹⁶ See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), para. 8. Voluntary norms of this kind can also lead to state cooperation to act proactively to respect and ensure human rights in cyberspace, by promoting an “open, secure, stable, and accessible ICT environment.”¹⁷ See id., page 4, para. 5.

In addition, the GGE has recognized a range of malicious criminal activity, which is increasingly occurring in digital spaces, including terrorism perpetrated by both state and nonstate actors and arbitrary mass surveillance.¹⁸ See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), paras. 13-14, 37. The GGE also emphasized that the implementation of the UN Cyberspace Norms should be consistent with the UN Charter and other binding international law treaties.¹⁹ See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), para. 18. Norms—even when they are voluntary and nonbinding—can be salient in setting standards for responsible behavior from state and nonstate actors and the expectations of the international community.²⁰ See United Nations General Assembly, Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, A/70/174 (July 22, 2015), para. 10.

In addition, the rules already codified in the human rights framework—in treaties and other legal instruments—apply to the cybersecurity realm. Therefore, the human rights approach to cybersecurity concerns does not begin from zero when it comes to binding obligations. There are key treaties and interpretative guidance that have already been identified as relevant to the digital realm and cyberspace, which protect freedom of expression, access to information, privacy, data protection, property, equality and nondiscrimination, and the right to be free from violence.²¹ See Rep. of the UN High Commissioner for Human Rights, The Right to Privacy in the Digital Age, A/HRC/51/17 (Aug. 4, 2022), para. 2 (confirming that the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and other global and regional treaties can be central in managing digital threats to human rights).

The cyber realm does have the added challenge of engagement by many nongovernmental actors, which IHRL was not designed to address. However, international principles—including both binding rules and voluntary norms—have been evolving to address these challenges and identify a set of responsibilities and remedies when needed.²² See for example, UN Ruggie Principles on Business and Human Rights, (2011), guidingprinciplesbusinesshr_en.pdf (ohchr.org) (emphasizing the responsibility of businesses to prevent human rights harm and provide remedies when this occurs).

Even though these reflections are mostly centered on the IHRL framework, there are other relevant areas of international law that can be useful to regulate cybercrime and address cybersecurity threats. These areas include international criminal law, which has the goal of bringing accountability and justice to perpetrators of some of the most alarming human rights violations and cybercrime, including genocide, crimes against humanity, war crimes, and crimes of aggression. The International Criminal Court has recently issued several arrest warrants in the context of Russia’s invasion of the Ukraine revealing its potential to prosecute cybercrime in the future.²³ For more reading, see Lindsay Freedman, Evidence of Russian Cyber Operations Could Bolster New ICC Arrest Warrants, https://www.lawfaremedia.org/article/evidence-of-russian-cyber-operations-could-bolster-new-icc-arrest-warrants Evidence of Russian Cyber Operations Could Bolster New ICC Arrest Warrants | Lawfare (lawfaremedia.org), March 13, 2024.

Indeed, concern about the potential negative impacts on human rights from cybercrime has been central in the negotiations of a global cybercrime treaty at the UN. This process began in UNGA’s Third Committee, which is responsible for the protection of human rights. In 2021, an Ad-hoc Committee (AHC) was established by resolution and tasked with developing a “comprehensive international convention on countering the use of ICTs for criminal purposes.” Over the course of the treaty’s negotiation, it has become evident that member states have very different views on how, and even if, human rights will be protected by a future treaty.

International humanitarian law is also noteworthy, including rules of what can be done or not done during an armed conflict, such as the distinction between civilians and combatants, the principles of necessity and proportionality, and the prohibition to inflict unnecessary suffering.

One avenue for improving cyber accountability may be through the Universal Periodic Review procedure (hereinafter “UPR procedure”) of the UN HRC. As part of the UPR procedure, all UN member states report periodically before the HRC on their human rights records and interventions to respect, protect, and fulfill human rights.²⁴ For more information on how the UPR procedure works, see Basic facts about the UPR | OHCHR. The UPR working group examines the following documents during its review: a national report prepared by the state involved; already-issued reports by UN special procedures and civil society organizations; and information presented by national human rights institutions and civil society entities. Within this process, states have an interactive and peer-review dialogue that leads to recommendations to each state on how to improve their human rights record. Several states have already been the subject of recommendations encouraging the adoption of policies to ensure cybersecurity on the internet, which will surely increase in the future given the magnitude of the problems involved.²⁵ See, for e.g., UN General Assembly, Report of the Working Group on the Universal Periodic Review: Jordan, A/HRC/40/10 (Jan. 7, 2019), para. 136 (Recommendation 136.15); UN General Assembly, Report of the Working Group on the Universal Periodic Review: China, A/HRC/40/6 (Dec. 26, 2018), para. 28 (Recommendation 28.204).

Key Takeaways and Recommendations

This chapter proposes that current human rights accountability mechanisms can serve to shape state behavior to address cybercrime and cybersecurity concerns. These mechanisms can also motivate states to respond to these crimes as a priority human rights issue, which is meritorious of the states’ legislation, policies, and an adequate justice response. It is important to acknowledge the limitations of these mechanisms, including delays, scarce human and financial resources, the influence of politics, and compliance issues. Therefore, the author suggests the use of human rights accountability mechanisms as only part of the strategy to address concerns related to cyberspace.

The UN charter-based and treaty-based organs are already addressing issues concerning cybercrime and the need for human rights accountability as a priority concern. Important examples are the UNGA and HRC resolutions in this realm, as well as the norms for responsible state behavior in cyberspace. These instruments—even though considered forms of “soft law”—can place important pressure on states to develop interventions at the national level to respond to and prevent these crimes as part of their human rights agenda. There is scope to better integrate concerns about cybersecurity and cybercrime within existing human rights peer-review mechanisms, such as the UPR. It may also be relevant to consider developing a similar model to evaluate operationalization of the UN cyber norms for example, respecting their voluntary nature, or to use peer review in the development and use of offensive cyber capabilities according to international law.²⁶ For more reading, see ICT for Peace Foundation, ICT4 Proposed “States Cyber Peace Review Mechanism” for State-Conducted Foreign Cyber Operations, March 1st, 2020, https://ict4peace.org/wp-content/uploads/2020/03/ICT4Peace-Proposed-States-Cyber-Peer-Review-3.pdf.

The current focus on digital violence against women, children, and minorities is also noteworthy and will surely grow in the future, as there is a better understanding of the features of these human rights violations and their impact on groups who are historically marginalized and often victims of discrimination.²⁷ For a broad overview of the gender digital divide, which has affected women and girls historically and current international legal developments in this area, see Celorio, Women and International Human Rights in Modern Times, chap. 13: The Human Rights of Women in the Digital World, 326-347 (Edward Elgar Publishing, 2022).

Important UN HRC procedures, such as the UN Rapporteur on Violence against Women,²⁸ For more discussion of violence against women and girls, which takes place in digital contexts, such as the internet and social media, see Dubravka Šimonović (Special Rapporteur), Rep. of the Special Rapporteur on Violence against Women, its Causes and Consequences, Online Violence against Women and Girls from a Human Rights Perspective, A/HRC/38/47 (June 18, 2018), paras. 12-42. have documented the vulnerability of women and girls to digital attacks, including cyberbullying, revenge porn, and hate speech. Such documentation is crucial for ensuring accountability and fostering transparency by building the evidence base and shaping collective understanding about what is, or is not, acceptable cyberspace behavior. These protections are particularly acute for women and girls who voice their opinions in social media outlets and who undertake activities as politicians, journalists, and human rights defenders. Establishing and refining terminology is an area in which the UN Charter and treaty-based organs can make critical contributions to these protection efforts, and they have already begun doing so when addressing digital threats to the human rights of these groups.

The UN Charter and treaty-based organs should continue urging states to prioritize cybersecurity and protect critical rights in an insecure internet environment, including life, personal integrity, participation, freedom of expression, privacy, and others. These groups can sound the horn on the human rights implications of problems such as internet shutdowns, hacking, terrorism, the misuse of AI, arbitrary mass surveillance, and violence in the realm of social media. Cybercrime will more than likely be prominent in future human rights analysis, which will require regulation to reaffirm the need to protect freedom of speech and the free flow of information. Laws and regulations adopted to advance cybersecurity can also inform the future development of international legal standards, benchmarks, and best practices in this area.

The creation of new human rights mechanisms can also occur at the UN level. The UN HRC frequently establishes new procedures to address emerging human rights issues, as it recently did with privacy and climate change. It could potentially create a working group on human rights and technology, which could produce important analysis on the connection between cybercrime and human rights and identify best practices and challenges in state behavior. Current UN initiatives like the Global Digital Compact can support the identification of human rights issues and needed steps to take for both state and nonstate actors on how to address these challenges most effectively.²⁹ For more information on the UN Global Digital Compact Initiative, see UN Global Digital Compact: Background Note (Jan. 17, 2023), Global-Digital-Compact_background-note.pdf. The zero draft of the compact emphasizes that states should refrain from the use of internet shutdowns, for example. If retained, how to operationalize that commitment could be further fleshed out.

States can also propose to adopt new treaties or protocols to existing treaties, but adoption and ratification processes can be lengthy and onerous, which can impede real effectiveness. Any new human rights treaty developed in this field needs to be proportional in its provisions and respect critical human rights, such as freedom of expression, access to information, and privacy. Given the challenges in adopting new treaties, another alternative is to work with existing treaties and develop interpretations of the applicability of their provisions to cyberspace and cybercrime. The UN and regional bodies working on issues concerning human rights protection in the digital realm can issue in the future interpretative guidelines and resolutions addressing cybersecurity concerns.

Lastly, it is key to underscore the potential of individual case petition mechanisms—popular at the level of UN treaty-based organs and in the regional human rights systems in the Americas and Europe—when human rights violations take place in cyberspace at the national level. These mechanisms can provide a second avenue of justice when domestic judicial institutions fail to adequately respond to human rights violations. Cases have already been presented before regional entities such as the European Court of Human Rights,³⁰ See Eur. Ct. H.R., GLUKHIN v. RUSSIA, App. No. 11519/20 (July 4, 2023), paras. 64-91 (in which the European Court of Human Rights found violations to the rights to privacy and freedom of expression protected by the European Convention on Human Rights with the use of facial-recognition technology against a protester in Moscow). which evidence the potential for case litigation to promote accountability for crimes related to the use of technology and taking place in cyberspace.

Notes

• 1
  See, for example, United Nations High Commissioner for Human Rights, Human rights should be at the heart of tech governance. Number record here? Stimson SG ex “SC/11018,” Sept. 1st, 2022, Human rights should be at the heart of tech governance | OHCHR.
• 2
  For a broad overview, see United Nations High Commissioner for Human Rights, Building a common front against the digital dimension of violence against women. Number record here, if press release, March 15, 2022, Building a common front against the digital dimension of violence against women | OHCHR; Human Rights Watch, It is time to treat cybersecurity as a human rights issue (March 26, 2020), It’s Time to Treat Cybersecurity as a Human Rights Issue | Human Rights Watch (hrw.org).
• 3
  See for example, United Nations High Commissioner for Human Rights, UN Experts Alarmed by Growing Use by Mercenaries in Cyberspace. Number record here? Stimson SG ex “SC/11018,” Oct. 28, 2021, UN experts alarmed by growing use of mercenaries in cyberspace | OHCHR.
• 4
  For a discussion of current international law and institutions related to human rights and salient human rights issues, see Chapter 1: Introduction to International Human Rights in Hurst Hannum, Dinah Shelton, S. James Anaya & rosa Celorio, international human rights; problems of law, policy, and practice, 2-23 (Wolters Kluwer Publishers, 7th edition, 2023). In the context of this article, “rules” refer to binding or mandatory obligations assumed by states in the context of a diversity of treaties, legal instruments, and international customs. “Norms” are used to refer instead to principles agreed upon by the international law community of a voluntary nature.
• 5
  See generally, Universal Declaration of Human Rights, G.A. res. 217A (III), U.N. Doc A/810 at 71 (1948); International Covenant on Civil and Political Rights [ICCPR], G.A. res. 2200A (XXI), 21 U.N. GAOR Supp. (No. 16) at 52, U.N. Doc. A/6316 (1966), 999 U.N.T.S. 171, entered into force Mar. 23, 1976; International Covenant on Economic, Social and Cultural Rights [ICESCR], G.A. res. 2200A (XXI), 21 U.N. GAOR Supp. (No. 16) at 49, U.N. Doc. A/6316 (1966), 993 U.N.T.S. 3, entered into force Jan. 3, 1976.
• 6
   See generally International Convention on the Elimination of All Forms of Racial Discrimination, G.A. res. 2106 (XX), Annex, 20 U.N. GAOR Supp. (No. 14) at 47, UN doc. A/6014 (1966), 660 U.N.T.S. 195, entered into force Jan. 4, 1969 [hereinafter CERD]; Convention on the Elimination of All Forms of Discrimination against Women, G.A. res. 34/180, 34 U.N. GAOR Supp. (No. 46) at 193, UN doc. A/34/46, entered into force Sept. 3, 1981 [hereinafter CEDAW]; Convention on the Rights of the Child, G.A. res. 44/25, annex, 44 UN GAOR Supp. (no. 49) at 167, UN doc. A/44/49 (1989), entered into force Sept. 2,1990 [hereinafter U.N. Convention on the Rights of the Child].
• 7
  For information on the history and work of the regional human rights protection systems in Europe, the Americas, and Africa, see Alexandra Huneeus and Mikael Rask Madsen, “Between Universalism and Regional Law and Politics: A Comparative History of the Americas, European, and African Human Rights Systems,” International Journal of Constitutional Law, vol. 16, no. 1, 136-160, https://doi.org/10.1093/icon/moy011.
• 8
  For more information on the structure and work of the UN treaty-based organs, see United Nations High Commissioner for Human Rights, The United Nations Human Rights Treaty System (Fact Sheet 30, 2012), FactSheet30Rev1.pdf (ohchr.org).
• 9
  For a broad overview of UN charter-based organs and connected institutions, see United Nations System Chart, 23-00013_un_system_chart_11x8.5_print_e.pdf.
• 10
  For examples of recent statements, see Rep. of UN Special Rapporteur on Privacy, Artificial Intelligence and Privacy, and Children’s Privacy, A/HRC/46/37 (Jan 25, 2021), paras. 27-49 (including guiding principles with a human rights perspective on the use of personal and nonpersonal information in AI and its implications on the right to privacy); Committee on the Rights of the Child, General Comment no. 25 on children’s rights in relation to the digital environment, CRC/C/GC/25, March 2nd, 2021, paras. 22-49 (urging states to adopt a range of measures to protect children’s rights in technologically driven spaces, including but not limited to the adoption of legislation, policies, strategies, and access to justice).
• 11
  See, for e.g., the Final Report of the 2013 UN Group of Governmental Experts (GGE) A/68/98 (June 24, 2013), where states first agreed that international law and the UN Charter apply to state conduct in the use of ICTs and reiterated in 2015 and 2021 GGE reports: First Committee Report A/70/455 (Nov. 18, 2015). This statement was affirmed in the final report of the first UN Open-Ended Working Group (OEWG) in 2021 [G.A Report A/AC.290/2021/CRP.2 (Mar. 10, 2021, and reinforced in subsequent Annual Progress Reports (2022-2023). Also, G.A. Res. A/RES/78/213 (Dec. 22, 2023), (recognizing the potential for abuse in the digital world and encouraging states to adopt adequate legislation, sanctions, and remedies to protect individuals from human rights violations in this context); UN Human Rights Council Resolution 20/8, A/HRC/RES/20/8 (July 16, 2012), (affirming that the same rights that apply offline, apply online).
• 12
  G.A. Res. A/RES/70/237 (Dec 23, 2015) and First Committee Report A/70/455 (Nov. 18, 2015). The GGEs recommended 11 voluntary, nonbinding norms of responsible state behavior and recognized that additional norms could be developed over time. See also UN Norms of Responsible State Behavior in Cyberspace, which shed light on what states should do and not do in cyberspace, including human rights protection as a goal, March 2022, The-UN-norms-of-responsible-state-behaviour-in-cyberspace.pdf (unoda.org). It is key to note that UN resolutions continue to be adopted in this high-evolving area, including a 2024 resolution on AI, promoting the respect of human rights in its development, deployment, and design. See UN General Assembly Resolution, Seizing the opportunities of safe, secure, and trustworthy artificial intelligence systems for sustainable development, A/78/L.49 (March 11, 2024).12 G.A. Res. A/RES/70/237 (Dec 23, 2015) and First Committee Report A/70/455 (Nov. 18, 2015). The GGEs recommended 11 voluntary, nonbinding norms of responsible state behavior and recognized that additional norms could be developed over time.
• 13
  See United Nations General Assembly, Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, A/70/174 (July 22, 2015), para. 13.
• 14
  See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), para. 36.
• 15
  See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), paras. 40-41.
• 16
  See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), para. 8.
• 17
  See id., page 4, para. 5.
• 18
  See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), paras. 13-14, 37.
• 19
  See United Nations General Assembly, Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, A/76/135 (July 14, 2021), para. 18.
• 20
  See United Nations General Assembly, Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, A/70/174 (July 22, 2015), para. 10.
• 21
  See Rep. of the UN High Commissioner for Human Rights, The Right to Privacy in the Digital Age, A/HRC/51/17 (Aug. 4, 2022), para. 2 (confirming that the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and other global and regional treaties can be central in managing digital threats to human rights).
• 22
  See for example, UN Ruggie Principles on Business and Human Rights, (2011), guidingprinciplesbusinesshr_en.pdf (ohchr.org) (emphasizing the responsibility of businesses to prevent human rights harm and provide remedies when this occurs).
• 23
  For more reading, see Lindsay Freedman, Evidence of Russian Cyber Operations Could Bolster New ICC Arrest Warrants, https://www.lawfaremedia.org/article/evidence-of-russian-cyber-operations-could-bolster-new-icc-arrest-warrants Evidence of Russian Cyber Operations Could Bolster New ICC Arrest Warrants | Lawfare (lawfaremedia.org), March 13, 2024.
• 24
  For more information on how the UPR procedure works, see Basic facts about the UPR | OHCHR.
• 25
  See, for e.g., UN General Assembly, Report of the Working Group on the Universal Periodic Review: Jordan, A/HRC/40/10 (Jan. 7, 2019), para. 136 (Recommendation 136.15); UN General Assembly, Report of the Working Group on the Universal Periodic Review: China, A/HRC/40/6 (Dec. 26, 2018), para. 28 (Recommendation 28.204).
• 26
  For more reading, see ICT for Peace Foundation, ICT4 Proposed “States Cyber Peace Review Mechanism” for State-Conducted Foreign Cyber Operations, March 1st, 2020, https://ict4peace.org/wp-content/uploads/2020/03/ICT4Peace-Proposed-States-Cyber-Peer-Review-3.pdf.
• 27
  For a broad overview of the gender digital divide, which has affected women and girls historically and current international legal developments in this area, see Celorio, Women and International Human Rights in Modern Times, chap. 13: The Human Rights of Women in the Digital World, 326-347 (Edward Elgar Publishing, 2022).
• 28
  For more discussion of violence against women and girls, which takes place in digital contexts, such as the internet and social media, see Dubravka Šimonović (Special Rapporteur), Rep. of the Special Rapporteur on Violence against Women, its Causes and Consequences, Online Violence against Women and Girls from a Human Rights Perspective, A/HRC/38/47 (June 18, 2018), paras. 12-42.
• 29
  For more information on the UN Global Digital Compact Initiative, see UN Global Digital Compact: Background Note (Jan. 17, 2023), Global-Digital-Compact_background-note.pdf.
• 30
  See Eur. Ct. H.R., GLUKHIN v. RUSSIA, App. No. 11519/20 (July 4, 2023), paras. 64-91 (in which the European Court of Human Rights found violations to the rights to privacy and freedom of expression protected by the European Convention on Human Rights with the use of facial-recognition technology against a protester in Moscow).