Photo courtesy of redeweb

Since September 2023, the discourses on online safety and digital spaces in Sri Lanka have been dominated by the implications of the proposed Online Safety Bill. The Bill has attracted criticism for its draconian provisions, lack of public consultation and attempts to concentrate state power. Subsequently, the Bill was challenged in the Supreme Court by 30 petitioners and there has been a clear concern regarding the implementation of such a law in Sri Lanka in various public fora. The Supreme Court has since determined that the Bill can be passed in the parliament with a simple majority, subject to 31 amendments to the original Bill. However, concerns about potential human rights abuse prevail.

In this article, I will not dwell on the implications of the proposed Online Safety Bill on digital rights, as much has already been written about it; the continued resistance against the Bill within public spaces indicates that there is firm consensus on the threat to human rights posed by such proposed law. My focus is on what is largely missed in the discussion on human rights threats and digital spaces in Sri Lanka – the “big other” stakeholder in the rights discourse, i.e. the internet intermediaries or what is known as tech businesses. In the context of the proposed Online Safety Bill, there was a concern about whether the proposed laws would drive digital platforms out of Sri Lanka when the Bill was initially published in the gazette. At the outset, this is a legitimate concern given the impact of such platforms on the economy. However, one cannot overlook the inherent complexities with regard to the role and impact of internet intermediaries on the human rights landscape in Sri Lanka. Therefore, it is vital to move beyond the economic utility argument and attempt to understand the nuanced implications of the proposed laws, particularly the question of whether legal interventions reinforce digital repression at multiple levels.

Internet intermediaries: intersection between businesses and human rights

It is undeniable that internet intermediaries have played a pivotal role in connecting people across the globe and enabling individuals and groups to participate meaningfully in their socio-economic as well as political lives. However, the concentration of unprecedented power on a handful of technological companies has also alarmed human rights defenders. Amnesty International (2019), notes that Google and Meta have created a “systemic cost” where the surveillance based business model has created a dilemma where for one to access digital spaces, they have to surrender to potential human rights abuse perpetrated by the surveillance business model. With the threat to privacy at the helm, there are cross-cutting violations of other rights including freedom of thought and expression, right to dissent and the right to equality and non-discrimination. Further, investigations on internet intermediaries have revealed that these business entities profit expansively from utilising targeted advertisements on engagement-based algorithmic systems, where ideally the “users” continue to engage on internet platforms for a prolonged period of time. Therefore, internet intermediaries have been critiqued for promoting inflammatory content and creating online echo chambers of violence, hatred and discrimination. This surveillance business model is based on “surveillance capitalism”, a term academically coined by Shoshana Zuboff. It is a new economic order premised on extracting human experiences as raw material and concentrating unprecedented power on business entities, which also have the power to modify human behaviour online and offline.

The impact of internet intermediaries, which are technically transnational business entities/private actors, warrants a newer set of questions to better understand the challenges and threats to human rights in the digital age. Traditionally while the state’s role was to refrain from infringing human rights, with the advent of internet intermediaries, states also have the obligation to act in order to ensure due diligence of such businesses. In countries such as Sri Lanka, there is the added layer of concern on ensuring that interaction between the state and the internet intermediaries do not further concentrate power on authoritarian actors (regimes and or private actors). Therefore, any and all legal interventions aiming to regulate public engagement in digital spaces and broadly the use of internet intermediaries should critically scrutinise the threats to human rights from a range of stakeholders, including private actors.

As transnational corporations, internet intermediaries operate in multiple countries and regions while being legally housed in a specific jurisdiction. This has been a serious accountability concern, especially in holding digital platforms accountable for human rights violations. At present Meta faces several lawsuits in the United States, United Kingdom and Ireland for facilitating violent content and hate speech on its platforms against the Rohingya people and the subsequent failure to comply with human rights due diligence in its operations in Myanmar.

Failure to comply with human rights due diligence by internet intermediaries is not a new subject for Sri Lanka as well. In 2020, Facebook formally apologised for the violent content shared on its social media platforms in the 2018 Digana riots, which resulted in deadly violence against an ethnic minority in the country. These examples evince the issues within the surveillance business model of internet intermediaries, which causes inflammatory content online to perpetuate violence offline. It is important to recall that the liability of tech businesses in human rights violations is a discussion that has gained traction in international legal and policy discourses. The United Nations Guiding Principles on Business and Human Rights is a pragmatic (as well as ambitious) approach to engage private actors in promoting respect for human rights. In 2020, the Danish Institute for Human Rights also published an extensive set of guidelines regarding Human Rights Impact Assessment on digital activities, with the intention of promoting in-depth human rights due diligence practices.

However, within the Sri Lankan digital rights discourse there is a gap in scrutinising the role of private business actors and their impact on rights and digital spaces. Even in the proposed Online Safety Bill, the attempt has been to primarily pose penal sanctions against the “end user” as opposed to critically understanding the multi-level engagements within digital spaces and the causes of online violence. Being from the global South, the question of how and to what extent the surveillance business models of internet intermediaries have rendered multi-dimensionally vulnerable groups even more vulnerable to human rights violations requires critical attention.

Digital authoritarianism and repression

It is clear that the question of tech businesses’ complicity in human rights violations remains a concern. There is a long running critique on the complicity of certain transnational business actors to human rights violations, especially in the context of environmental matters in the global South. In such contexts, the intersection between businesses and the state has often resulted in the repression of the human rights of vulnerable communities. Examples across the globe include the case of Chevron in Ecuador, Shell in Nigeria and the construction of pipelines on Indigenous lands in Canada.

In the digital age, scholars have theorised the use of digital information technologies for the purposes of reinforcing authoritarian rule and extending surveillance, social control and repression as digital authoritarianism. However, one should bear in mind that digital authoritarianism is not only relevant to regimes lacking accountability and largely digressing from democratic norms but also remains a crucial consideration for democratically advanced societies. The use of digital spaces to exert and centralise control has become a crucial factor and states and businesses are critiqued for their role in eroding digital rights to exert control over voices and spaces online. In Vietnam and Hong Kong, human rights defenders critique tech companies for complying with authoritarian surveillance and censorship requirements to suppress dissent against the state. Therefore, in relation to internet intermediaries and proposed Sri Lankan laws intending to “guarantee online safety”, it is crucial to scrutinise all stakeholders that have the power to interfere with digital rights. In doing so, it is equally imperative to open spaces for dialogue and discussions on human rights due diligence, particularly the need to account for potential threats to digital rights by private actors. In different parts of the world, the question of business due diligence of internet intermediaries is being dealt with through legal processes that involve multiple stakeholders to best balance the concerns on regulating the internet. The Digital Services Act of the European Union (DSA) is a useful example in this regard. The DSA ensures safeguards through specific procedures guaranteeing transparency and due diligence obligations for internet intermediaries.

Way forward

In the context of Sri Lanka, the Aragalaya or the People’s Protest in 2022 exemplified the people’s clear demand for democracy, rule of law and sovereignty. Undoubtedly, the lifeline of democracy is embedded in the ethos of open spaces and the ability to critique and dissent power. The role played by digital media platforms during the Aragalaya has shown the power of digital spaces in mobilising masses both online and offline in the exercise of their right to dissent and to autocratic regimes this is the challenge. Thus, if open spaces are being targeted by the state and there is little discussion on the surveillance business models of internet intermediaries, there is a dire need to re-evaluate the impact of public-private actors on human rights in digital spaces.

As Paulo Freire iterated, “To glorify democracy and silence people is a farce; to discourse on humanism and to negate people is a lie”. Thus, it is important, for such debates to also serve the interests of human rights, democracy and people’s sovereignty at the crux. Perhaps then we can attempt to better formulate laws that address real issues concerning online safety and digital rights.

The author is an Attorney-at-Law. She took part in the “Defending Human Rights Online and in Business” seminar at the Friedrich Naumann Foundation International Academy for Freedom from October 8 to 20 in Gummersbach, Germany. The author acknowledges drawing key insights regarding the Human Rights Due Diligence of internet intermediaries from the seminar in writing this article, particularly the presentations by Frederic Kupsch, Enikö Gal, Hussam Erhayel and Glacier Kwong. The author currently works as a researcher at the Centre for Policy Alternatives and this article does not reflect the views of her employers.