1 of 39

Shifting Left on

Human Rights

Dan Appelquist

Open Source Strategist, Samsung

W3C Advisory Board Member

2 of 39

What future are we building?

3 of 39

4 of 39

Standards are architecture.

5 of 39

Standards cannot be �developed in a vacuum.

6 of 39

Wide review is essential.

7 of 39

What facilitates wide review?

Open access

Transparency

Public comment

Connections

Inclusive culture

Willingness to listen

Royalty-free licensing

Published values

8 of 39

W3C Wide Review

9 of 39

Accessibility (A11Y)

Internationalization (I18N)

Privacy

Security

Architecture & Design

Sustainability (coming soon)

10 of 39

11 of 39

Special review groups

Accessible Platform Architectures

Internationalization Interest Group

Privacy Working Group

Security Interest Group

Technical Architecture Group (TAG)

12 of 39

Special review documents

Accessibility Checklist & Questionnaire…

Internationalization Checklist…

Privacy Principles (Statement)…

Self-Review Questionnaire: Security and Privacy…

Web Platform Design Principles…

13 of 39

Accessibility

Visual rendering? Author control over color? User input? User interaction? Document semantics? Time-based visual media? Time limits? Content fallback Mechanisms?

14 of 39

Internationalization

Natural language text? Character encoding? Typographically appealing text? Capturing user input? Names, addresses, time & date formats? Cultural norms?

15 of 39

Privacy & Security

Data minimization? Personally-identifiable information? Data that persists across sessions? Access to underlying platform features? Functionality in private modes? Privacy & security considerations sections? Threat modeling?

Privacy Principles Statement: https://www.w3.org/TR/privacy-principles/

16 of 39

Design Review

17 of 39

Priority of constituencies.

18 of 39

User needs come before the needs of web page authors, which come before the needs of user agent implementors, which come before the needs of specification writers, which come before theoretical purity."

Web Platform Design Principles: https://www.w3.org/TR/design-principles/

c.f. RFC 8890

19 of 39

Ethical Principles for the Web

Started with an idea: we already have ethics encoded into the web platform, so let’s write these things down.

Core principles on top of which we can build actionable advice.

“Put internationally recognized human rights at the core of the web platform.”

Ethical Web Principles Statement: https://www.w3.org/TR/ethical-web-principles/

20 of 39

There is One Web

Do not cause harm to society

Support healthy community

The web is for all people

Respect people’s privacy

The web is secure

Enable freedom of expression

The web is transparent

Possible to verify the provenance of information

Enhance individuals’ control and power

The web is environmentally sustainable

Multi-browser, multi-OS, multi-device

People may render content as �they wish

21 of 39

Technology without ethics makes �social inequality worse.

22 of 39

“But we’re not ethicists!”

23 of 39

Shift left.

24 of 39

Shift left on security…

Shift left on privacy…

Shift left on accessibility…

Shift left on ethics.

25 of 39

This is our responsibility.

26 of 39

Ethics can help standards to �encode human rights.

27 of 39

What do Standards have to do with Human Rights?

Technical standards are rules that tell systems what they can and can’t do; therefore they can tell people what they can and cannot do, and what can be done to them.

We can build standards that accommodate the needs of the people outside of the mainstream of society, or we can choose to ignore those needs.

We can build standards that resist surveillance or we can build them to accommodate it.

28 of 39

“But technology is neutral!”

29 of 39

Turns out, no.

30 of 39

All human endeavours are political.

31 of 39

Case Study: Securing the Web (2014)

  • TAG, IAB, other groups, identified a problem: �pervasive monitoring.
  • OK, Snowden identified the problem.
  • RFC 7258: "pervasive monitoring is an attack".
  • TAG issued a finding: "Securing the Web".
  • We worked together to put together workshop ("STRINT").
  • Many actions by many people.
  • Now, majority of the web is encrypted.
  • Pervasive monitoring is (still) not illegal.

https://www.w3.org/2014/strint/

32 of 39

Standards are transnational.

33 of 39

34 of 39

Not just the what, but the how.

35 of 39

United Nations High Commissioner for Human Rights recommended technical standards orgs:

  • “Put in place adequate human rights due diligence processes”
  • Adopt policy commitments to respect human rights”
  • “Make standard-setting processes as transparent, open and inclusive as possible”

https://digitallibrary.un.org/record/4031373

36 of 39

Inclusivity, transparency, openness facilitate wide review.

37 of 39

These principles are now enshrined in the Vision for W3C.

Draft Statement: https://www.w3.org/TR/w3c-vision/

38 of 39

Wide review, informed by ethics & human rights, contributes to a better future.

39 of 39

Estamos empezando.

(We are just beginning.)

Dan Appelquist

@torgo@mastodon.social

W3C Wide Review: https://www.w3.org/guide/documentreview/

Ethical Web Principles: https://www.w3.org/TR/ethical-web-principles/

Privacy Principles: https://www.w3.org/TR/privacy-principles/

Vision for W3C: https://www.w3.org/TR/w3c-vision/