Technical Standards in Service to Humanity

By Mallory Knodel

The Office of the High Commissioner for Human Rights (OHCHR) took another significant step toward reshaping how the technical community can consider human rights in standards setting by releasing a new report, published this week titled, “Tech and Human Rights Study: Making technical standards work for humanity - New pathways for incorporating international human rights into standards development for digital technologies.”

Technical standards, the shared rules that make digital systems like the internet work, help shape the conditions for human rights online. After a year of consultations, this OHCHR report outlines an informed agenda for how standards development organizations can integrate human rights into both their processes and the standards of the technologies they design. It also describes the current landscape of global standards bodies, identifies the barriers that prevent meaningful human rights engagement, and highlights practices that support openness, inclusivity, transparency, and accountability.

Today’s tech raises critical questions about human rights

The office began work on the new report following its 2023 Human Rights Council resolution on the importance of integrating human rights into the work of technical standards bodies. That earlier resolution recognized that internet and digital technologies shape the most basic conditions for people’s rights. This new report focuses on a specific and long overdue question: how can standards development organizations support human rights through both their processes and the technical standards they create?

The report shows that technical standards play a critical role in shaping whether human rights are upheld or undermined depending on the choices embedded in their design. Standards that promote openness, interoperability, and secure communication help safeguard freedom of expression and access to information, while those that introduce filtering, traffic controls, or shutdown mechanisms can restrict them. The report also highlights that the architecture of standards shapes whether people can assemble and associate online in safe and reliable ways. And because standards determine how data is transmitted, stored, or exposed, they have significant implications for privacy, a right enshrined in Article 12 of the Universal Declaration of Human Rights. Standards can either protect users from surveillance or make intrusive monitoring easier. In short, the report shows that technical standards are not neutral: they encode decisions that can strengthen human rights by design or facilitate their erosion.

The work with the OHCHR throughout the year focused on supporting this effort. This included helping to design and run a consultative process with six focused conversations involving stakeholders from across standards development, human rights advocacy, internet governance, and emerging technology communities. One consultation also took place as a side meeting at the IETF. It gave participants a chance to speak directly to the relationship between human rights and technical standards in an engineering-focused environment. Each conversation brought different experiences into the room.

Bringing the technical and human rights communities together

The report builds on more than a decade of work by human rights organizations and public interest technologists who engage in standards development. Their work focuses on the design, development, and deployment of internet and digital technologies, including artificial intelligence. These communities analyze how technical choices influence surveillance, censorship, discrimination, and other rights concerns. Their long-term engagement shows why standards work needs direct human rights input.

All six consultations led into a final online meeting that brought every participant together with a goal of confirming that the draft captured what people shared throughout the process and to ensure that the material was accurate, clear, and useful. We circulated an early version of the report to all participants and invited written feedback. Their comments strengthened the final text and helped shape the recommendations.

The pathways towards human rights respecting standards

The timing of this report also matters. The Global Digital Compact, adopted at the United Nations General Assembly, directs the OHCHR to coordinate human rights considerations across global internet governance institutions. That includes multilateral bodies like the ITU and multistakeholder communities like the IETF. The compact reinforces the idea that governments, civil society, and standards bodies share responsibility for integrating human rights into technical work.

The report describes the current landscape of standards development organizations and outlines how each organization structures participation, transparency, documentation, and decision-making. It identifies clear points where human rights considerations can enter these processes. It also provides concrete recommendations for standards bodies, governments, and civil society. These recommendations address process design, risk assessment, participation support, and the need for sustainable engagement by public interest technologists.

This work continues. Next month the AI Standards Summit in Seoul will host a session on human rights in technical standards. Many participants from our consultations will attend. The ITU Telecommunication Standardization Advisory Group will meet in January to continue its own discussions about how to incorporate human rights considerations into its processes.

The recommendations give governments, standards bodies, and advocates practical steps they can take today. Broader awareness and stronger participation will help build an internet that better protects human rights for everyone.

Building Human Rights Into the Social Web (with Mallory Knodel)

Two weeks ago, Mallory and the IX team hosted a series of events related to human rights and the social web at MozFest 2025 in Barcelona. While there, Mallory joined the legendary Rabble, a.k.a Evan Henshaw-Plath (Twitter's first employee) to talk about who controls Web 2.0 and how the fediverse gives us a second chance; how she convinced the IETF to evaluate protocols for human rights implications; and why content moderation should be contextual, not universal. They also discuss how Edward Snowden’s revelations changed global internet standards, the 2025 funding crisis and how Ghost provides a model for sustainable open-source businesses.

From the Group Chat 👥 💬

This week in our Signal community, we got talking about:

Cloudflare, one of a handful of companies that together provide a stack of critical internet infrastructure services, went offline on Tuesday affecting millions of companies including ChatGPT, X and, annoyingly for me, Moodle, my university’s online learning platform. In the IX group chat, we noted that an outage at a company used by 81.5% of all websites that rely on a reverse proxy is a reminder of how much of the internet is reliant on a few big companies. This one happens to also be moving into identity, payments, and standards-setting in ways that look a lot like building the power to paywall and ID-wall the web.

We’re Keeping An Eye On: Chat Control

EU governments have agreed on a draft of the Chat Control law that legally allows platforms to scan private messages on a voluntary basis while confirming there is no obligation to do so. The Commission wanted platforms to be obligated to scan all user communications for signs of crime and report suspicious content. The European Parliament called this mass surveillance and insisted that scanning should apply only to unencrypted content of specific suspects. The resulting draft is a compromise: there will be no obligation to scan, but voluntary scanning will be legally allowed.

Privacy experts warn the plan is unlawful, ineffective and easy to abuse, and say its age verification rules risk major privacy violations and the loss of online anonymity. Netzpolitik.org has published the classified negotiation protocol and the draft law: https://netzpolitik.org/2025/interne-dokumente-eu-staaten-einigen-sich-auf-freiwillige-chatkontrolle/

For regular coverage on this fast-moving legislation, this former MEP is posting regular detailed updates https://digitalcourage.social/@echo_pbreyer

This Week's Links

Open Social Web

• Decentralised social networks highlight the value of a model that redistributes power to users and communities. In this recorded session from Decidim, Amandine Le Pape (Element), Robin Berjon (Free our Feeds), Andy Piper (Mastodon) and moderator Marta G.Franco (Laintersección) discuss the challenges and opportunities of building truly democratic social networks that are truly ours. https://www.youtube.com/watch?v=mWX8O2HWGMY 

Internet Governance

• The Franco-German Summit on European Digital Sovereignty largely avoided sensitive geopolitical issues and instead promoted a “first innovate, then regulate” agenda centered on deregulation, investment incentives and support for European start-ups. https://www.techpolicy.press/at-the-sovereignty-summit-europe-put-startups-on-stage-and-kept-big-tech-in-control 
  • Related: Europe’s digital sovereignty agenda is far too focused on economics, says the European Partnership for Democracy, and ignores a deeper threat. While governments debate industrial competitiveness, a handful of tech corporations still shape public discourse, decide what information people can access, and determine how (or whether) they follow democratically adopted laws. https://epd.eu/news-publications/if-europe-wants-digital-sovereignty-it-must-reinvent-who-owns-tech 
• After more than a decade of aggressively regulating the technology industry, the EU is crafting changes to scale back and simplify landmark rules for AI and data privacy because policymakers and major industries increasingly believe strict regulation is harming Europe’s economic competitiveness. www.nytimes.com/2025/11/17/technology/europe-big-tech.html?unlocked_article_code=1.108.DbKs.SeK6KNeH2ump 
  • Related: Abeba Birhane and Kris Shrishak warn that the EU’s shift in AI policy is being driven less by science and more by Silicon Valley–fuelled hype, pushing lawmakers toward speculation-based decisions that carry real social, environmental and economic costs. https://www.techpolicy.press/ai-hype-is-steering-eu-policy-off-course 
• Consumer Reports is calling on the FTC and state attorneys general to take enforcement action against Meta for knowingly allowing over 15 billion scam advertisements that led to over $16 billion dollars in profits for the corporation. I hope they’re successful because my dad has fallen for two such scams. Does he read this far down in the newsletter? I’m about to find out. https://advocacy.consumerreports.org/press_release/consumer-reports-calls-on-the-ftc-and-state-attorneys-general-to-take-action-against-meta-for-its-failure-to-mitigate-harmful-scam-advertisements 
• ICANN has published the latest monthly metrics for RDRS. The October report highlights trends in request volumes, system activity, and global participation from registrars and requestors. These insights help inform ongoing community discussions about access to generic top-level (gTLD) nonpublic registration data. https://www.icann.org/en/system/files/files/rdrs-usage-metrics-14nov25-en.pdf 
• The European Commission has opened a public consultation on revising the EU Standardisation Regulation (Regulation 1025/2012). This is the law that governs how technical standards that shape everything from cybersecurity and AI specifications to product safety, environmental norms, and industrial processes are developed and adopted across the EU. https://single-market-economy.ec.europa.eu/consultations/public-consultation-proposal-revision-regulation-eu-no-10252012-also-called-eu-standardisation_en 

Digital Rights

• As Republicans push the FDA to restrict mifepristone, the international online abortion service Women on Web is reassuring Americans that they will continue to support access to abortion pills in all 50 states. https://msmagazine.com/2025/11/17/abortion-pills-usa-women-on-web-fda-trump-rfk 
• YouTube deleted the official channels of three major Palestinian human rights groups, erasing over 700 videos documenting alleged Israeli human rights violations in Gaza and the West Bank. YouTube confirmed the removals were a direct response to State Department sanctions issued by the Trump administration. https://theintercept.com/2025/11/04/youtube-google-israel-palestine-human-rights-censorship 
• Europol has been quietly amassing data to feed an ambitious but secretive AI development program that could have far-reaching privacy implications for people across the bloc. One important point of contact has been the non-profit Thorn. https://www.computerweekly.com/news/366634419/Hungry-for-data-Inside-Europols-secretive-AI-programme 

Technology for Society

• Renée DiResta warns that the growing right-wing assault on Wikipedia isn’t just culture-war theatre but a strategic bid to rewrite the information infrastructure that shapes what AI systems, and eventually the public, understand as reality. https://www.theatlantic.com/ideas/2025/11/right-wing-attack-wikipedia-bias-musk-cruz/684886 
• Western outlets across the political spectrum overwhelmingly adopt Israeli framing and marginalize Palestinian context in their Gaza coverage, finds a massive text analysis of 54,000+ articles by Media Bias Meter, a Tech for Palestine project. https://www.mediabiasmeter.com/framing-gaza-media-bias-report-2025 
• A new analysis shows that most political deepfakes aren’t designed to be deceptive, and organizes them into four distinct forms that help policymakers craft more precise, proportionate responses. https://www.techpolicy.press/scrutinizing-the-many-faces-of-political-deepfakes 
• A new case study warns that “synthetic-washing” is letting development projects hide old power imbalances behind the supposed safety of synthetic data. https://journals.sagepub.com/doi/full/10.1177/20539517251381670?mi=ehikzz 

Privacy and Security

• WhatsApp has billions of users, and a new study shows how easy it is for outsiders to figure out who many of them are. Researchers found that by repeatedly asking WhatsApp a simple question your phone already asks: “Is this number using the app?” they could check hundreds of millions of phone numbers per hour. This method, called enumeration, does not break encryption, instead it takes advantage of how contact-based apps identify users. The result is a major privacy risk that allows large-scale mapping of WhatsApp accounts and links to old data leaks. Read about it in Wired: https://www.wired.com/story/a-simple-whatsapp-security-flaw-exposed-billions-phone-numbers And the report: https://github.com/sbaresearch/whatsapp-census?tab=readme-ov-file 
• Dozens of civil society groups, industry associations, and digital rights organizations including the Internet Society, the Center for Democracy and Technology, Open Media, FICom, the App Association, and many others, signed a global statement urging governments to protect strong encryption and reject efforts to weaken it. https://actonline.org/2025/11/17/global-statement-on-the-role-of-encryption-in-securing-trust-and-enabling-the-digital-economy 
• The US Department of the Treasury, together with Australia and the United Kingdom, announced coordinated sanctions against Media Land, a Russia-based bulletproof hosting provider that supports ransomware groups and other cybercriminal operations. https://home.treasury.gov/news/press-releases/sb0319 
• Jen Caltrider argues that AI is accelerating the collapse of privacy and calls for a new era of data portability that lets people reclaim control over their personal information. https://www.fastcompany.com/91435189/ai-privacy-openai-tracking-apps 

Upcoming Events

• Running a workshop, training, or meeting soon? Join The Session Design Lab to explore practical, inclusive session design, dig into adult learning frameworks, and design and peer-review your own session in a supportive, pay-what-you-can environment. It’s offered at two different times to accommodate multiple time zones, and as a past participant, I can personally vouch for its awesomeness. 10th-11th December. Online.   https://www.fabriders.net/session-design-lab 

Careers and Funding Opportunities

• Mozilla Corporation: Senior Counsel, IP & Competition. Remote US. https://www.mozilla.org/en-US/careers/position/gh/7172120 
• The CyberPeace Institute: EU Project Support. Geneva, CH. Hybrid/Remote options. https://cyberpeaceinstitute.org/careers/eu-project-support 
• ICANN:  Technical Engagement Sr. Specialist - MEA. Turkey. https://phe.tbe.taleo.net/phe03/ats/careers/v2/viewRequisition?org=ICANN&cws=37&rid=3006 
• Alan Turing Institute: Research Associate, Privacy Enhancing Technologies. London, UK. https://cezanneondemand.intervieweb.it/turing/jobs/research-associate-privacy-enhancing-technologies-58870/en
• Internet Society: Director, Fund Management and Compliance. Remote. https://internetsociety.bamboohr.com/careers/306 

Opportunities to Get Involved

• The CPDP Call for Papers for the 2026 conference is now open. Under the 2026 theme Competing Visions, Shared Futures, researchers across disciplines are invited to submit original work that explores how innovation, governance, and fundamental rights will shape the digital society ahead. Submissions by January 24. https://www.cpdpconferences.org/call-for-papers-2026 
• The European Commission is seeking experts to join a new Multi-Stakeholder Forum that will guide the deployment of key Internet standards under NIS2, shaping practical security guidance for DNS, email, routing, and next-generation network protocols. Apply by December 12. https://digital-strategy.ec.europa.eu/en/news/european-commission-seeks-participants-multi-stakeholder-forum-internet-standards-deployment 

What did we miss? Please send us a reply or write to editor@exchangepoint.tech.