Today the Green party released their draft Internet Rights and Freedoms Bill. The bill is a response to government interference in cyberspace via the GCSB Act, TICS, and the Skynet law, and is intended to limit government control. Interestingly, they're crowdsourcing it, setting up a website to solicit feedback on the draft before introduction.
I've been reading the full bill as well as the surrounding material. While the aim is admirable, the implementation is flawed.
Firstly, the good: the bill is a strong statement of principles for a free and open internet. It proposes creating an office with the role of defending internet rights and mediating disputes (but see below for the pitfalls in this). It also proposes a "Chief Technology Officer", a specialist adviser to the Prime Minister similar to the existing Chief Science Advisor, to advise on internet and IT policy generally. The name is unforgiveably corporate, but the idea is a good one. And it includes generic "safe harbour" provisions to ensure ISPs and network service providers are protected from the acts of their users and so able to function as common carriers.
The bad? As mentioned above, the bill is a great statement of principles. The problem is the implementation. The bill is strongly based on the New Zealand Bill of Rights Act 1990 (complete with a "justified limitations" clause); however where the BORA applies only to the government or bodies performing a public function, the Internet Rights and Freedoms Bill also applies to "any agency, department, Internet service provider, online content host, network service provider, organisation, or telecommunications service provider". In English, that means Xtra, TradeMe, Kiwibank, Google and Facebook. As for enforcement, that will be the responsibility of the Internet Rights Commisisoner, Human Rights Commission and the Human Rights Review Tribunal. That's right - the HRC and HRRT, specialist bodies based around human rights - will be policing account suspensions, comment deletions and website blockings. I'm not sure that they're really the best venue for that. They'll also be policing wider issues such as traffic shaping, data discrimination, and open source development. I'm not sure that they're the best venue for that either.
The enforcement of privacy on the net will also be the responsibility of the new Internet Rights Commissioner. I'm really not sure why the existing Privacy Commissioner can't handle that.
With respect to government action, there's a section 7-style reporting mechanism (which the government can of course ignore, just as it does when deciding to lock people up without trial after their prison sentence has been completed). There's some redundancy in the rights, in that the freedoms of expression and association (and indirectly, anonymity, encryption, and freedom from filtering) are already covered by the BORA; re-enacting them here could ironicly weaken existing BORA protections. As for the other rights, there will be some benefit in forcing Ministers to consider these issues before pursuing policy, and justify any departure from the principles in the Bill.
But overall, I think this is the wrong approach. Yes, there needs to be some general remedy for internet users against mistreatment by ISPs and service providers. Structuring it as a position like the Banking Ombudsman is probably better than putting it within the Human Rights Commission. As for the broader policy issues around net neutrality, filtering etc, Napoleon's principle applies. "If you want to take Vienna, take Vienna". And if you want to outlaw ISPS shaping customer traffic for anti-competitive reasons or erecting toll-gates on the information superhighway, then amend the Telecommunications Act to outlaw it. It wouldn't sound as great as an "internet bill of rights", but it would do the job better, and with more certainty of the outcome. Trying to use a general law to do it, without checking the underlying policy details, doesn't just risk failure - it also comes across as lazy.