The U.S. and EU now have new tools to obstruct governments who might use Internet technologies to violate human rights. In the U.S., an Executive Order issued on Monday targets entities providing technologies to the Iranian and Syrian governments that allow them to disrupt networks and monitor and track citizens. President Obama articulated sanctions that will narrowly target certain uses of technology – and sales of technology to certain regimes – that present immediate, clear threats to human rights. The EU also announced that it is strengthening restrictions on the export of technologies that have aided repression in Syria.
The U.S. Executive Order identifies entities (including companies) that have been complicit in the Iranian and Syrian governments’ “malign use” of technology to violate human rights. With the goal of deterring the sale or use of surveillance or network disruption technologies in Iran or Syria, the sanctions block people associated with these entities from entering the U.S. and allow their assets and property in the U.S. to be seized. While the Order identifies seven entities immediately subject to action, the Treasury Secretary (in consultation with the State Department) may add new entities to that list, including persons or companies who have assisted the governments of Iran and Syria by:
- Operating technology that facilitates computer or network disruption, monitoring, or tracking that could assist in human rights abuses [emphasis ours];
- Selling, leasing, or providing (directly or indirectly) goods, services, or technology that enables disruption, monitoring, or tracking; or
- Materially assisting any entity engaged in the above activity, or that is sanctioned under the Order.
The Executive Order also reflects the need to ensure access to ICTs for Iranian and Syrian citizens. It is narrowly targeted to minimize collateral damage to tools and infrastructure that enable human rights defenders and citizens to communicate. This is no small task: regulatory sanctions and controls on technology can often limit access to the very tools activists use to mobilize locally and direct international attention to human rights abuses. The administration has chosen to keep a narrow focus on Iran and Syria, countries that have a clear track record of extensive abuses aided by ICTs.
Whether and how sanctions can be used to address abuses by other governments—those that may not be engaged in widespread violence against their own citizens—raises a critical question: because restrictions on sales of technology can also impede citizens’ use of communications tools, to what is the most effective way to promote human rights and access to ICTs in this context? EU Member States will be confronting similar questions as they implement their new Syrian sanctions, as well as how to control “dual-use” technologies that can be put to both beneficial and detrimental use.
Sanctions against Syria and Iran are not new; state entities in both countries are already subject to broad sanctions under current U.S. law. However, the Executive Order and the EU sanctions send a clear message: ICT companies have a responsibility to avoid complicity in governmental human rights abuses. Companies that manufacture surveillance and monitoring technologies need to know their customers. If they sell their products in regions where human rights abuses are likely to occur, they must address this risk. Companies are obligated to evaluate their practices and engage with human rights experts in order to better understand and mitigate the potentially grave consequences of their business practices.
With these sanctions, U.S. and EU governments also must work with companies to minimize collateral damage to citizens’ access to communications technology. Internet and mobile phone infrastructure and online tools are increasingly vital to civic engagement and activism in these societies; controls and sanctions must be carefully crafted in order to avoid interference with these critical tools.