Reversing the tide on tech & democracy: a conversation with Yaël Eisenstat & Eileen Donahoe

Earlier this month, the Task Force on US Strategy to Support Democracy and Counter Authoritarianism- a bipartisan group of leaders, experts, and former policy makers convened by Freedom House, CSIS, and the McCain Institute- released a new report, Reversing the Tide: Towards A New US Strategy to Support Democracy and Counter Authoritarianism.The report included a range of recommendations related to technology, media and the public sphere.

For Tech Policy Press, Yaël Eisenstat, a former CIA officer, diplomat and Facebook executive who is now a Future of Democracy fellow at the Berggruen Institute and a Researcher-in-Residence at Betalab, discussed the key findings of the report with one of its authors, Eileen Donahoe, who is the Executive Director of the Global Digital Policy Incubator at Stanford University’s Cyber Policy Center and formerly the US Ambassador to the UN Human Rights Council in Geneva.

A recording of this conversation is part of the Tech Policy Press podcast- subscribe here. Below is a lightly edited transcript of the discussion.

Yaël Eisenstat:

So we're here to discuss this report called, Reversing the Tide: Towards a New US Strategy to Support Democracy and Counter Authoritarianism. Throughout the report, which you were involved with, there's really two main ideas that I pulled out, which the report is built on. Which is one, that authoritarianism has been on the rise and democracy is eroding. And that this of course presents a real threat to our national security. And two, that the United States and its democratic allies haven't really addressed the strategic challenge posed by democratic decay and what you're calling a resurgent authoritarianism.

Now for the purpose of this conversation, since this is Tech Policy Press, I really want to focus on two of the seven strategies and recommendations from your report that relate to technology. So I'll just quickly mention those few strategies and then dive right in. Strategy number four is to lead and develop a strategic digital technology policy agenda for the democratic world. And strategy number five is to develop a strategy to rebuild trust in the information or environment and to counter the spread of disinformation, online hate, and harassment.

My first question to you, Eileen, is that to date, much of the technology conversations in government in particular are really focused on cyber security and technology competition. But this idea that technology has a fundamental role in the outcomes of democracy in and of itself is relatively new. So how did you all as a group land on these two technology related strategies?

Eileen Donahoe:

I am so glad you asked that question, because that really goes to the heart of what we were trying to do here. And you are absolutely right. Most people's minds, when you talk about technology and democracy, they go to either the traditional cyber security type threats, or they go to the economic competition. And what we were trying to do is to link the challenges associated with technology directly with that larger threat and our real mission, which is, how do we address the democratic recession around the world in the rise of authoritarianism? And what's the role of technology in that? And I add from my vantage point, even though we were one of five working groups and we became two of seven strategies that ultimately were put into the report as practical recommendations for the U.S. and in particular the Biden administration.

From my vantage point, technology is the universe in which we are operating. And it's the entire context in which democratic government must be practiced. And so what we were trying to do very intentionally is make much more visible to policy makers the extent to which the digital transformation of society, digitization of everything, has so dramatically altered the context for governance. And to look more seriously at how it's challenging the basic obligation of government to protect the liberty and security of citizens. You know, tech has infiltrated everything. Digitization has infiltrated everything, and we know there are many benefits, but those of us who want to be optimistic about the potential for technology and the society going forward, I feel like our job is to look at the downside risks and handle them. And democratic governments really have not done a good job at that. We're essentially failing at addressing not just cyber security, traditional vulnerabilities- but all the threats to liberty and security that come with digitization. And so you hit it that that's what we were trying to do, make this bigger picture much more visible.

And last point here I will say is to us there were really two big parts of this equation. One is, how are democratic governments themselves failing to live up to their own ideals and adhere to their values in this digitized context? And then the other half is, how is digital technology facilitating the rise of digital authoritarianism? And so we sort of addressed both of those sides of the equation.

Yaël Eisenstat:

Yeah. So I hope that our listeners will actually delve into the report, because there's a lot of really good content there. I just picked out a few things out of the report that I would love to get your thoughts and expand a bit more from what was in the report. I am going to read two sentences that were really strong. In the report you say, "Democracies must recognize that we are in a dual political battle over the digital governance model that will dominate the 21st century. This presents an existential threat, not just to U.S. economic and national security, but also to our values-based vision for the internet in an open democratic digital society." This is a really bold statement. Using the words “existential threat” is always bold. And some would argue that a splinternet is not necessarily a bad thing, but as I'm reading your report, it seems you're arguing for why that would be a threat to our future as a democracy. I would love you to elaborate a bit on this point.

Eileen Donahoe:

So I'm going to start with what we hoped to make really visible, which is that digital technology is absolutely facilitating the spread of authoritarianism. And so at the height of the internet freedom movement, we were all incredibly naive thinking technology would be inherently libratory, and that has not turned out to be the case. And we thought authoritarian governments would never be able to catch up with civil society actors, et cetera, when they had access to technology. Now, what we observe instead is that technology is the primary means through which authoritarians are controlling citizens at home, repressing them, surveilling, censoring, they're exporting these technologies abroad and sort of spreading those capacities for repression. They are additionally exporting information infrastructure through which they will gain leverage over societies for decades to come. And last but not least, they are really ramping up their global diplomacy and trying to reshape the norms of 21st century digital society.

And so for us, the move towards cyber sovereignty by authoritarians has sort of two key pieces to it. One is the normative piece, and it really is a restatement of a very old idea, which is that governments are sovereign, and what happens within their borders is their own business. And external parties should no longer be able to utilize a human rights basis for critiquing what we do within our cyber borders. And that is the idea we are really resisting. And part of the authoritarian narrative is about the irrelevance of the international human rights framework. And the idea that it's no longer feasible to adhere to human rights principles in a digitized context. And along with that, what we've seen, on the democratic side of the equation we've seen a loss of confidence in the feasibility of adhering to democratic values and international human rights principles.

And so we are trying to say, "We have a framework of global norms. There are many reasons that it is very well suited to a global environment." First and foremost it is internationally recognized, status of international law, negotiated through multilateral, multi-stakeholder processes. Speaks to virtually all of the threats associated with digital technologies. And our problem is not that we don't have global norms or a global framework. What we don't have is an understanding of how to apply and adhere to those norms in this radically changed context. And so that was one of our top line ideas. Hold on to this framework, but do the hard work of re-articulating those global norms.

Let me get to the splinternet concept. To my ears, cyber sovereignty and splinternets are not exactly the same thing. I hear splinternet as primarily a description of what's going on globally around the world in terms of all kinds of governments, asserting sovereignty, attempting to regulate in some way something that's happening on the internet or in the digital realm. And that's a descriptive term. And some of those regulations are very well-intentioned, and intended to protect citizens, human rights, free expression, privacy, et cetera, and others are less so. Others are much more moving in an authoritarian realm. So, I consider ‘splinternet’ as a descriptive thing, not exactly the same as assertion of a new norm of cyber sovereignty.

And I will also mention another concept that I'm sure you are well aware of, but didn't mention- this idea of digital sovereignty, which has been asserted a little bit more by European governments. And then there are many people in civil society talking about the digital sovereignty of citizens. And I would love to see that concept much more fully developed, and to have technologies and innovation that actually do support the digital sovereignty of citizens. But to my ears that is quite a different move than what China in particular is trying to do with the concept of cyber sovereignty.

Yaël Eisenstat:

There is so much we could unpack there. It's just, it's so fascinating. I want to actually drive a little bit more about this sort of international human rights principles. So, Eileen, your report has a strong focus on the importance of international human rights law and principles, particularly in the digital context. Some argue, and I am one of those people, who are these that it's actually American tech companies that have helped facilitate the major human rights violations and tragedies. I mean, the big example would be Facebook and Myanmar. So I'm curious, how do you see the U.S. role in both reconciling this fact, but in also being a leader in pushing for human rights framework with our democratic partners?

Eileen Donahoe:

So for me there really isn't a tension there. And in fact, the U.S., if you're talking about the U.S. government and what it should be doing about American tech companies and how they may be facilitating human rights violations around the world, the answer is, go directly to the international human rights law framework. So the founding documents, the International Bill of Rights, the core of which in this regard is the International Covenant on Civil Rights, the ICCPR, basically understands that the primary obligation under international law to protect human rights rests with governments. And what that means is, they themselves have to be careful not to violate through their own use of data, use of technology, and their regulation of data and technology. They should not be harming human rights, and they should be doing human rights impact assessments of what they themselves do. But they do have an obligation to regulate private sector entities that may be harming citizens at home or abroad.

And so that's understood to be the obligation of government. In addition to that is the responsibility of the tech companies themselves. And so in 2011, this is a much more recent development and almost can be considered a governance innovation within the international human rights framework itself, is the guiding principles on business and human rights. And there the idea is that private sector entities themselves, they don't have an obligation like governments to protect citizens, but they have a responsibility to respect human rights in their own activities through, think about the impact of their own products and services. Do due diligence processes to make sure that in the design, the deployment, development, and even after the fact, use of their technologies, that human rights are not being negatively impacted, and then to remedy those violations. And so from my vantage point the framework speaks very well to the responsibility of tech companies and to the responsibility of governments, including the United States, to think about the and regulate the impact of tech companies as it relates to human rights.

Yaël Eisenstat:

So, that leads me to really think about our government's capabilities. Do you think the U.S. government is equipped to take on some of these recommendations? And I'm curious if not, what can we do to strengthen our government's capabilities to appropriately manage the technology portions of your report and your strategies and recommendations?

Eileen Donahoe:

So, two parts to my answer there. I have deep confidence that the current administration at the highest level, the President himself, the Secretary of State, the National Security Advisor, and the people that they have appointed and they're relying upon, they get this challenge. They have an organic feel for the link between democratic values and our national security. And they understand that promotion of democracy and human rights are strategic priorities. And that is a 180 from the last administration. And it's even, I would say, a further enhancement of any version of that idea that we've ever had in American history, in any previous administration. I think part of the reason for that, I mean, the move away from sort of the realpolitik kind of approach to foreign policy comes from the fact the perception of the United States has deteriorated around the world, and we have left a vacuum of leadership and the consequences for our own national security and economic security, and the security of citizens is dramatic.

And so they are understanding now that the normative dimensions of technology policy and just U.S. values and democratic values are really important to long-term security. So that part I have deep confidence, and obviously there's going to be this summit for democracy. And I believe that the technology agenda is likely to be a very big piece of that summit. On the part of this situation at home about which I feel much less optimistic, is obviously the regulatory front, which has to happen in the Congress. And there I would say we are so politically divided and our understanding of so many of our core values- such as free expression, and what that entails- is so confused and contested and convoluted, that the likelihood that we will really be able to have Congressional constructive movement on these fronts... I am less sanguine about that, but at least the topics have been raised and people are putting proposals forward.

Yaël Eisenstat:

I've got one more question for you. Zooming out to like-minded democracies, I was really interested to see in the report that there was a focus on some of the current risks between the U.S. and the European Union on our approaches to data, on why those risks are concerning. So I'm curious, do you think the U.S. and Europe will be able to find common ground on data issues? What are some of your key concerns or recommendations in that area?

Eileen Donahoe:

Yeah, that's a great question. Because you know, our top line idea here is we want the U.S. to reassert leadership with our democratic allies and really rally the democratic world around this shared vision. And our sense is, if we can't heal the tech policy riff with Europe, it is very unlikely we are going to be galvanizing the rest of the world around a vision. But I acknowledge, and here again, it's obvious, I'm an advocate for the international human rights framework. We have the global norms, Europe shares them, the United States shares them, our democratic allies share them. That framework has never required homogeneity in how those values are made manifest in domestic regulation or law. It does provide a bottom line and a shared basis and a shared articulation of what the values are, like the idea of protecting free expression, access to information, privacy, et cetera.

And the reality is, a lot of those rights actually are tension with each other in the digital context. And so figuring out what is the right way to hold these competing interests in the digital context is the shared project, but we don't need to have homogeneous laws. We need harmonious and legally interoperable approaches. And the task is, I think no governments, there isn't a single democratic government on the planet today that has done the hard work of really thinking through how to apply the whole framework to which they've committed, and really sorting out these tough challenges, particularly things like the tension between privacy and free expression.

And the last point there, and the practical realm, how likely is it that the U.S. and Europe are going to be able to reconcile these tensions? The first move there, I think, has to be a much deeper conversation about the breakdown of the privacy shield arrangement and why that happened. I mean, the European Court of Justice struck down that arrangement, which was negotiated at the end of the Obama administration on fundamental rights grounds. And what's really interesting, just the basic sense that the fundamental right to privacy of citizens in the EU could not be adequately protected under this arrangement. And that the interesting point there is that it is largely, it's not so much about what the private sector is doing themselves in that instance, it's about the fact that the U.S. government might have access to the data of private sector companies that are American. And so that's really about, again, it's what governments themselves do and what restraint- institutional restraint- democratic governments must be putting on themselves when it comes to use and regulation of data and technology, and then the corresponding responsibility of the private sector to respect human rights.So I do think it's definitely possible.

Here's the last point. Why do I have some optimism about this? I do believe that our allies and our government, U.S. government and our European partners will come to a shared understanding of that existential threat. Not only is the model of digital authoritarian spreading around the world, China's global influence is obviously rising in every possible realm. And I do believe that that fact will motivate allies to come together, because we face the shared threat, and it is to our normative vision. It's not just our economic well being. It's not just military security. Although it's all of the above when it comes to technology. One of these ideas we talked about is that technology is now the source of all forms of power.

And China understands this very well. They have massively invested in technology, its economic power, military power, geopolitical influence, and it normative influence. And I think that is the existential threat, if you care about human rights and you care about democracy as a form of government. And I think that that threat is what will bring democratic allies together and help us heal this transatlantic rift.

Yaël Eisenstat:

Well, I can't argue ending the interview on a note of optimism. You know, sometimes we get so bogged down in tech policy conversations on the details of how this algorithm works or that work, which is all super important, but rising this to the level of how global democracies and like-minded countries will all come together to tackle some of this is a really interesting perspective. Thank you so much for sharing it with us. And again, I hope our listeners will look up the report and read it in more detail. Thanks very much, Eileen.

Eileen Donahoe:

Thanks so much for a great conversation.