A neutral, international framework is needed to manage cross-border requests related to the cyber sphere, says Bertrand de la Chapelle, director of the Internet & Jurisdiction Project.
A neutral, international framework is needed to manage cross-border requests related to the cyber sphere, according to Bertrand de la Chapelle, director of the Internet & Jurisdiction Project.
Bertrand de la Chapelle was speaking at a panel discussion on "The Future of Data: Territory and Jurisdiction", organised by the Observer Research Foundation and the National Internet Exchange of India on February 16. He was joined by Dr Govind, CEO of NIXI and Pavan Duggal, advocate at the Supreme Court of India. The panel was moderated by Ranjana Kaul, partner at Dua Associates.
The panel explored the competing notions of national sovereignty and a borderless cyber sphere through the difficulties in applying jurisdiction to cross-border cyber transactions. It was noted that jurisdiction is linked to sovereignty, which is linked to responsibility, itself ultimately leading to the idea of liability for both individuals and states. However, jurisdiction is not clear cut since the internet is an all-encompassing medium which breaks down the concept of territoriality - it has made geography history. Many countries have embraced the ’effects test’, allowing them to claim jurisdiction in cases where actions taken elsewhere by nationals of other states have effects in their state. In a post-Snowden world, jurisdiction is being used as leverage in political power plays. Panellists highlighted the growing concern about the balkanisation of the internet, pointing out that the benefits of the internet risk being lost if strict territoriality is imposed. One clearly visible aspect of this is the difference in the terms of service for different domains of the same website (for example, Google.fr and Google.com).
While the international legal system as it stands is based on a separation of sovereignties and jurisdictions, architecture does exist for international cooperation, like mutual legal assistance treaties (MLATs) between countries. However, the panel pointed out that this is not an efficient system; India’s elite law enforcement agency the Central Bureau of Investigation (CBI) reports that it takes on average 3 years and 4 months for them to get a response through the MLAT system - if they get a response at all. Time is a pressing factor since cyber transactions can be instantaneous, so the bureaucracy must be able to move more quickly than it does.
The panellists also praised the Budapest Convention on Cybercrime, which takes steps to harmonise laws and encourage cooperation between countries which are signatories to the convention. Agreements often hinge on dual criminality provisions, which ensure that assistance will be rendered in case an action taken is a criminal offence in both the requesting and assisting countries. Countries often have significantly different legal and cultural approaches to certain topics. The example of free speech was given: a statement which would be classified hate speech in one country may be protected speech in another. There was agreement that there should not be complete harmonisation on content or substance; the differences that arise are based on culture and identity. The focus should rather be on standardising the procedure and handling of requests. In this regard the framework proposed by the Internet & Jurisdiction Project is something of a neutral platform.
The globalising economy means that there are already cross-border transactions taking place, and multinational companies in operation. Therefore requests for information and user data are already taking place, but there is a lack of predictability, accountability and transparency in the process. Decisions taken are not coherent because there are different procedures taken by different entities. The panel acknowledged that while large companies could afford to build databases of information and authenticate users and requests, smaller companies almost certainly could not. Furthermore, having every company and government building their own systems is not only time-consuming and expensive, but a duplication of work.
Other benefits of a single procedure were discussed, including how it would aid dispute management. The term ’dispute resolution’ was avoided, since it would be difficult to arbitrate between a service platform and a state. However, some kind of dialogue and an appeals system could be established. A project like that of the Internet & Jurisdiction project would be voluntary, with progressive adoption. One point raised was that the legitimacy of any kind of platform like the one suggested would depend, in the end, on representation. It must simultaneously be broad (encompassing as many stakeholders as possible) and deep (having enough information to be useful).
A large number of internet users today are accessing services through mobile platforms -- in India, that figure is as high as 60% of all internet users. The panel reiterated that this was an important facet that should be incorporated into discussions of jurisdiction. A user on a mobile phone can be easily tracked using geo-location services and IP addresses. However, they may be using different service providers as they move, and they may be using over-the-top services based in other countries. These factors add complexity to what may otherwise be a simple question of which court has jurisdiction over their case.
While 90% of the internet may be commerce, the other 10% is dominating the global discourse. This includes discussions of privacy, surveillance and more. Net neutrality and minimum broadband speeds, which ostensibly are purely national issues, have become global internet governance concerns.
The discussion concluded with a consensus that setting aside national objectives, cooperation was the best way forward for security. However, until an international legal framework is accepted, countries will continue to push their own national jurisdictions as the only for a for resolving cross-border issues.
(This report is prepared by Anahita Mathai, Junior Fellow, Observer Research Foundation, Delhi)
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.
PREV
