We live in two worlds — real and virtual. The online world is borderless, and it is not clear whether the same laws should apply to it as offline, or if it can exist according to its own rules, without relying on accepted international and national norms. Is there any place, for example, for the right to privacy? Participants of the Valdai Club session, which was held on June 3 within the framework of SPIEF-2021, spoke about virtual (in)violability.
Mikhail Fedotov, UNESCO Chair on Copyright, Neighbouring, Cultural and Information Rights at the National Research University Higher School of Economics, explained what privacy is, in reality and in the digital environment. In offline life, this is a traditional analogue human right, secured in the constitutions of many countries. On the Internet, it turns into a “digital” right of the individual. The sovereignty of an individual is based of his “digital” rights.
In cyberspace, any sovereign person collides with other entities that possess a form of sovereignty: the state and the network. The social network, for example, has properties that the state does not: transboundariness, anonymity, public accessibility and technological unity. Nevertheless, even while in such a network, a person always remains within the limits of state sovereignty — by virtue of either living on the territory or citizenship. However, Fedotov stressed, guarantees of the rights recognised by the state for a person can become a reality online only if the network has undertaken its own commitments, and this requires either making a global conventional decision, or legislating the rules to regulate social networks at the national level. But is it possible?
Igor Ashmanov, General Director of Kribrum JSC, said that he does not believe in any international regulation. Even proposals to introduce legislation in the field of information security have been torpedoed for fifteen years. And it is clear who does this — the leader in this area is the United States, which is not going to concede its primacy to anyone. Social media are a lever of influence on the whole world, and no one will give up on it, unless some measures are taken by force. Therefore, according to Ashmanov, it makes no sense to rely on international agreements: 365 days a year the UN “expresses concern” or “deep concern” about what is happening, including in cyberspace.
There is an opinion that social media have introduced a new form of feudalism, a new state, that they have a larger budget than all the countries of the UN combined. This is also illusory. Most social media are American, that is, they are under the jurisdiction of the United States, in the boards of directors or management of each of them “people from intelligence or defence” are necessarily present.
So, in real life — not only in America, but also in Russia — there are very specific players who need to be brought to obedience in a virtual environment. What for? The fact is that the Internet environment is not safe now, like, for example, the water supply, and the basic human right to security must be ensured. This was confirmed by recent events: attacks on TikTok and YouTube before January 23, then the suicide of a popular TikTok user in February. This is a risk to human rights, especially those of minors.
In addition, there is a grey market for illicit data that is not controlled. Data leaks and privacy breaches on the Internet can lead to real-life problems — for example, based on the data, you may be denied a loan. All kinds of data about a person are consolidated and turned into a commercially-available digital profile. There is no need to wait for self-regulation in this area, primarily because of commercial interest.
Nevertheless, the main threat to a person’s privacy, according to Ashmanov, is the state. In Russia, the excitement of digitalisers is so strong that they jump over all barriers, creating “legislative sandboxes”, and introduce sub-laws that ignore both the Constitution and Federal Law No. 152-FZ on personal data in the Russian Federation. Officials dismiss this simply by saying “we have agreed with the business — we can do it.” However, it is worth asking the public: do people want to share their data?
Sergei Plugotarenko, Director of the Russian Association for Electronic Communications (RAEC) defended the “digital environment” and said that it is undoubtedly possible and necessary to call the networks to order, but not to obedience and dependency. Because we don’t know what the consequences will be.
He recalled that until 2012, the Internet environment had developed almost independently. But the Russian internet, or “Runet”, has grown as a social phenomenon, and it became clear that the state will not leave it overlooked. In 2012, the era of sporadic regulation began, and this was a shock for the industry, which, however, survived it and, moreover, learned to keep a dialogue.
Then the understanding came that together, the state and the Runet can make more money, because when the laws are in effect, it is always easier: if they do not kill you, you conform to them and enter the “white” zone. There is one problem — a legal boomerang when they try to pit international and Russian players against one another: more often than not, the “boomerang” hits the Russians who comply with these laws, whereas their international competitors largely ignore them.
Plugotarenko rejected the perspective voiced by Ashmanov, who “does not believe”, in international regulation. He noted that given the transboundary nature of the Internet and the global digital economy, we have no other choice: either close the borders or cooperate in these fields. Ashmanov replied with a question: “Cooperate by slowing down the sites, right?”
A European perspective on Big Data was presented by Christopher Gerry, Associate Professor of Russian and Eurasian Political Economy and Dean of St. Antony’s College at the University of Oxford. As it turned out, not everything is smooth in Europe either: there are many contradictions in the General Data Protection Regulation (GDPR) adopted by the European Union. For example, Big Data’s task is to collect as much data as possible and store it for as long as possible. But the GDPR principles mean minimisation and limited shelf life. The purpose of this storage and use is not regulated at all. It is about respect for the confidentiality of one’s private life and — at the same time — about transparency. How is it possible to combine them? And again, most importantly, no one asked what people think about protecting their private data.
Igor Pototsky, Chairman of the Committee on Entrepreneurship in the Field of Media Communications at the Chamber of Commerce and Industry of the Russian Federation, and General Director of STP Sales House, philosophically noted that the era of modernism gave rise to individual sovereignty, and the era of post-modernism is destroying it. The conflict between the generations is deepening, a gap in ethical standards is obvious. The Internet environment, of course, can adopt elements of legislation from other areas, but only in part.
All speakers agreed that offline legislation cannot be fully transferred online. New solutions are needed, but the problem is that the real world cannot keep up with the virtual one.
Tatyana Matveeva, Head of the Presidential Directorate for the Development of Information and Communication Technology and Communication Infrastructure, said that people probably do not yet fully understand the virtual space in which they find themselves, and that other norms are applied there.
Offline, we live according to certain rules — we have a passport, a certain circle of friends, honour and dignity, but on the Internet everything is anonymous, no one knows you, which means that user can afford to do what they would never do in reality. So, from a legislative point of view, we need to talk about the de-anonymisation of a person on the Internet. Now social media are trying to do this themselves.
All over the world, states have begun to introduce national legislation to regulate online behaviour in their countries. And multinational companies are forced to listen to them. This trend will make it possible to appreciate, among other things, Russian legislation.
Admitting that the industry has not yet met expectations in terms of self-regulation, Sergei Plugotarenko said that it is quite ready for a dialogue on this topic. When developing the legislative framework for the “digital environment”, he suggested turning to the East and looking at the experience not of China, but, for example, of South Korea, where users are satisfied with the digital environment. This is important because a country that can secure digital sovereignty will be a great power.
Big Data is, of course, important, said Igor Ashmanov, but by limiting the collection of data by law, we cannot do anything about another, much closer problem: user data can be calculated without even collecting anything for this purpose. You enter a query in a search engine, and the robot already knows from it that you are, for example, a cancer patient or that you are pregnant. According to Ashmanov, when developing the Digital Code, which the group in the HRC is engaged in, it is necessary to prescribe exactly the way of using the collected data. In particular, to prohibit the use of data from minors and vulnerable categories of citizens. In addition, it is necessary to strictly limit artificial intelligence, which is also involved in the processing of user requests. Moreover, AI has already reached a new level — the killing of living people through the use of drones has begun, and such an application of AI against humans is unacceptable.
“A robot may not injure a human being or, through inaction, allow a human being to come to harm,” Mikhail Fedotov said, quoting Isaac Asimov’s first law of robotics, formulated in the sci-fi story “Round Dance” back in 1942. Concluding the discussion, moderator Andrey Bystritskiy, Chairman of the Board of the Foundation for Development and Support of the Valdai Discussion Club, said that, first of all, this law of robotics should be inserted into the head of the robot developer.
We remind you that the Valdai Discussion Club held two sessions within the framework of SPIEF-2021. The summary following the first discussion on the risks of sanctions for the global financial system and international business can be found on our website. You can find more details about the Valdai Club’s participation in SPIEF-2021 and text broadcasts of the sessions on our social networks. We are on Facebook, Vkontakte, Telegram and Twitter. The photos can be viewed in our Instagram account. Stay tuned!