Human Rights and the Global Digital Surveillance Infrastructure

I. Introduction: Human Rights and the Global Digital Surveillance Infrastructure

Human Rights and the Global Digital Surveillance Infrastructure have emerged as a defining concern in the digital age. The growing integration of biometric systems, artificial intelligence (AI), location tracking, and intrusive spyware into state and corporate infrastructures has transformed the ways information is gathered, used, and controlled. These technologies, while promoted for public safety and operational efficiency, increasingly intersect with fundamental rights such as privacy, freedom of expression, association, and access to information.

The expansion of surveillance capabilities across borders—spanning democratic and authoritarian regimes—poses systemic risks to human dignity and democratic governance. Mass surveillance is no longer limited to intelligence agencies. It is embedded into public-private partnerships, consumer platforms, and smart cities, often implemented without adequate legal oversight or meaningful public debate. From facial recognition cameras in urban streets to predictive policing algorithms targeting minority populations, surveillance technologies have reached a level of pervasiveness that challenges the boundaries of human rights protection.

The post-Snowden era catalyzed global awareness of state-driven surveillance practices. Yet, a decade later, private actors have become equally instrumental in building and maintaining the global digital surveillance infrastructure. Commercial surveillance tools are sold to governments with a record of human rights abuses, and multinational corporations collect, share, and monetize personal data on an unprecedented scale. Surveillance is no longer an exceptional tool used in high-risk contexts; it is routine, normalized, and often opaque.

This article examines the architecture, risks, and governance of digital surveillance through the lens of international human rights law. Drawing from authoritative panel discussions, recent legal developments, and documented case studies, it explores how the infrastructure supporting surveillance is shaped and regulated—or left unregulated—across jurisdictions. The objective is to identify the legal, ethical, and institutional frameworks necessary to ensure that surveillance technologies do not undermine the core values of autonomy, accountability, and democratic participation. In doing so, the article contributes to the global discourse on protecting human rights in an era defined by datafication and algorithmic control.

II. From Security to Control: Reframing the Surveillance Debate

The dominant justification for surveillance technologies has long rested on the promise of enhancing security. Governments and private actors frequently defend the deployment of biometric scanners, facial recognition systems, and AI-enabled monitoring tools as necessary responses to terrorism, crime, and social unrest. This framing, built on the binary of freedom versus security, simplifies a deeply complex issue and obscures the evolving function of surveillance in contemporary society.

As digital infrastructures expanded, surveillance capabilities grew not only in scale but in purpose. No longer confined to the realm of counterterrorism or law enforcement, surveillance now serves a wide range of administrative, commercial, and political goals. This shift requires a reframing of the debate: surveillance is not merely a security tool—it is a mechanism of control.

The use of surveillance for social and behavioral regulation is increasingly evident in both democratic and authoritarian regimes. AI-driven systems are deployed to detect “pre-crime” behavior, assess creditworthiness, manage welfare access, and suppress dissent. These functions, while presented as governance tools, often rely on opaque algorithms and unregulated data collection practices that erode public trust and reduce individuals to data points in risk matrices.

Control is exercised through information asymmetry. Citizens are often unaware of the extent to which their data is collected, analyzed, and shared. Consent mechanisms are superficial, buried in lengthy privacy policies or implicit in the use of basic services. As noted in the Geneva Centre's panel report, this creates an imbalance of power that favors institutions and undermines individual autonomy.

Crucially, the effects of surveillance are not evenly distributed. Communities that are already marginalized—such as refugees, political dissidents, ethnic minorities, and the economically disadvantaged—bear a disproportionate burden. Surveillance tools are frequently concentrated in public housing, low-income neighborhoods, and border zones, reinforcing structural inequalities. As surveillance becomes more predictive and preemptive, it risks shifting legal standards from “reasonable suspicion” to “algorithmic inference,” thereby increasing the likelihood of wrongful targeting and exclusion.

International human rights bodies have recognized that both privacy and security are enabling rights rather than competing values. As Professor Joseph Cannataci emphasized in his report to the Human Rights Council, these rights are interdependent: security cannot be meaningful without respect for privacy, and vice versa. A meaningful response to the proliferation of surveillance technologies requires moving beyond the simplistic dichotomy of freedom versus safety. The real challenge lies in governing the infrastructure of digital control in ways that uphold human rights, transparency, and democratic accountability.

III. Mapping the Global Digital Surveillance Infrastructure

The global digital surveillance infrastructure is a vast, interlinked system composed of state-run programs, private sector technologies, and public-private partnerships that together collect, analyze, and exploit massive volumes of personal data. This infrastructure is not uniform; it adapts to national regulatory environments and market demands, but it is unified by a common objective: extracting behavioral insights for purposes ranging from national security to commercial targeting.

Surveillance technologies today extend far beyond traditional tools. Core components include:

These technologies are integrated across platforms, often with little transparency. Governments use biometric databases to issue national ID cards and control access to welfare systems. Law enforcement agencies deploy predictive tools that flag individuals based on location or social connections. Municipalities install surveillance-enabled “smart city” infrastructure with data-sharing agreements involving corporate vendors.

Private companies play a central role. Major tech corporations such as Amazon (Rekognition), Alphabet (through Google services), Palantir, and Huawei contribute software, hardware, and analytics capabilities. Many operate globally, selling surveillance tools to governments with poor human rights records. The NSO Group’s Pegasus spyware, for example, has been linked to the targeting of journalists and activists in countries such as Mexico, Saudi Arabia, and India.

The business model behind these companies often hinges on the commodification of personal data. Mobile apps, cloud services, and web trackers silently harvest sensitive information and sell it to third-party brokers. These brokers feed data into commercial and governmental systems, creating detailed profiles of individuals’ habits, affiliations, health, and finances. This ecosystem operates with limited regulatory oversight and significant opacity.

What makes this infrastructure truly global is its interoperability. Data flows transcend borders, regulations lag behind technology, and enforcement mechanisms are fragmented. This creates a digital surveillance environment in which accountability is difficult to establish. For example, a mobile application developed in Europe may share user data with advertisers in the United States while storing it on servers in Asia. Each jurisdiction has different standards, but none offer comprehensive protection.

The COVID-19 pandemic accelerated the deployment of surveillance technologies, normalizing contact tracing, digital vaccine passports, and facial recognition in public health. These tools, while introduced as temporary measures, have in many cases persisted beyond the crisis, reinforcing the architecture of surveillance.

Mapping this infrastructure reveals a system designed for pervasive observation. It blends public interest rhetoric with powerful tools of control and monetization. Understanding its architecture is essential to developing a rights-based governance model that limits misuse, enforces transparency, and prioritizes the protection of individuals over the convenience of institutions.

IV. Legal Gaps and Normative Frameworks

The global expansion of digital surveillance technologies has outpaced the development and enforcement of legal frameworks intended to safeguard human rights. While international and regional instruments offer foundational protections—particularly for the right to privacy—these standards are inconsistently applied, often lack enforcement mechanisms, and are insufficient in addressing the technological complexity and transnational nature of today’s surveillance infrastructure.

International Human Rights Law

The right to privacy is recognized under Article 17 of the International Covenant on Civil and Political Rights (ICCPR) and Article 8 of the European Convention on Human Rights (ECHR). These provisions prohibit arbitrary or unlawful interference with one’s privacy, family, home, or correspondence. However, these rights are not absolute; they may be restricted for legitimate aims such as national security or public order, provided that such measures are lawful, necessary, and proportionate.

In practice, the interpretation of these limitations varies widely across jurisdictions. National security is often invoked broadly, allowing for disproportionate and indiscriminate surveillance practices. As noted in the Geneva Centre's panel discussions, vague language in national laws enables governments to expand surveillance powers without meaningful oversight or judicial scrutiny.

Convention 108 and GDPR

The Council of Europe Convention 108+ is the only binding international treaty specifically focused on data protection. It outlines principles of transparency, purpose limitation, data minimization, and accountability. The modernized version of the Convention (Convention 108+) restricts exceptions for national security and requires independent supervision, offering a benchmark for international convergence.

In the European Union, the General Data Protection Regulation (GDPR) has become a global reference point for privacy legislation. It imposes obligations on data controllers and processors, mandates consent for data collection, and provides individuals with enforceable rights. However, the GDPR’s territorial scope does not prevent abuses in countries lacking similar safeguards, nor does it apply to national security activities by EU member states.

Fragmentation and Extraterritorial Challenges

A central legal challenge is the fragmented nature of data protection regimes. While over 160 countries have enacted data protection laws, their levels of stringency and enforcement capacity vary dramatically. In many African and Latin American countries, data protection authorities (DPAs) remain under-resourced and lack independence, making them vulnerable to political interference. As observed by panelist Allan Sempala Kigozi, in Uganda, for example, the national DPA has only a handful of staff, limiting its ability to oversee widespread surveillance and protect citizens’ data rights.

Moreover, the extraterritorial nature of data processing creates regulatory blind spots. Multinational corporations headquartered in jurisdictions with strong privacy laws often operate in weaker legal environments, exporting surveillance technologies or extracting personal data without equivalent legal safeguards. This regulatory arbitrage enables surveillance companies to bypass restrictions while maintaining a veneer of legality.

Oversight and Accountability Mechanisms

Many states lack robust oversight mechanisms for intelligence and law enforcement activities. Where oversight exists, it is often secretive, politically influenced, or ineffective. Judicial authorization for surveillance measures is not uniformly required, and when it is, courts often defer to executive claims of national security without critical scrutiny.

International mechanisms—such as the UN Special Rapporteur on the right to privacy—offer normative guidance but lack binding enforcement powers. Domestic litigation has produced landmark rulings (e.g., the European Court of Human Rights decision in Big Brother Watch v. United Kingdom), but these rulings are often implemented slowly or selectively.

Key Normative Gaps:

Toward Legal Convergence

There are promising efforts to align global standards. The modernization of Convention 108, the extraterritorial scope of the GDPR, and regional dialogues through networks like the Global Privacy Assembly all support convergence. Yet, soft law and voluntary principles—such as the OECD Privacy Guidelines or the UN Guiding Principles on Business and Human Rights—still dominate the field, leaving critical gaps in enforcement.

To close these gaps, states must commit to harmonizing national laws with international norms, strengthening independent oversight, and ensuring that surveillance measures are subject to judicial review and public scrutiny. Without these reforms, the digital surveillance infrastructure will continue to operate in a legal vacuum, where human rights are subordinated to state power and corporate interests.

V. Business and Human Rights: Corporate Accountability in Surveillance

Private companies have become indispensable actors in building and operating the global digital surveillance infrastructure. They provide the hardware, software, data analytics, and cloud services that enable mass surveillance by governments, intelligence agencies, and law enforcement. Yet, these corporations often operate in opaque environments with little regulatory oversight or legal accountability—creating serious risks for human rights.

The business model of many tech companies is based on data extraction and monetization. Firms such as Alphabet, Meta, Amazon, and Microsoft manage platforms and ecosystems that gather vast quantities of personal data—often beyond what users knowingly consent to. This data is then used for targeted advertising, sold to third-party brokers, or provided to governments upon request. In some cases, companies design and directly market surveillance tools to state actors, as seen with Amazon’s Rekognition software and Clearview AI’s facial recognition services.

Worse, many of these companies supply surveillance capabilities to regimes with poor human rights records. The Pegasus spyware, developed by the Israeli NSO Group, has been used to target journalists, political dissidents, and human rights defenders in countries including Mexico, Saudi Arabia, Morocco, and India. According to the Geneva Centre's panel discussion and Citizen Lab investigations, surveillance technologies have been used to monitor members of truth commissions, disrupt activism, and silence opposition.

Such activities raise significant questions under the United Nations Guiding Principles on Business and Human Rights (UNGPs), which affirm that businesses have a responsibility to respect human rights, avoid causing or contributing to adverse impacts, and conduct due diligence across their operations. However, adherence to these principles remains largely voluntary, and most surveillance-linked firms do not meaningfully implement human rights due diligence processes.

The Business & Human Rights Resource Centre (BHRRC) has developed a database of over 10,000 companies, many of which are involved in the surveillance ecosystem. Their research highlights critical failures in corporate transparency and accountability. For example, only a small fraction of companies facing allegations of surveillance-related abuses publicly respond or take remedial action. Even fewer publish human rights impact assessments or disclose their due diligence mechanisms.

In addition to direct deployment, companies also contribute indirectly. Cloud providers store sensitive government data, telecom companies share user information with security agencies, and data brokers enable profiling by selling behaviorally rich datasets. In many jurisdictions, corporate cooperation with governments occurs without judicial warrants or public notification.

Effective regulation remains elusive. Current legal regimes, including the EU General Data Protection Regulation (GDPR), focus primarily on consumer protection rather than corporate complicity in state surveillance. Furthermore, companies based in jurisdictions with strong privacy laws often operate subsidiaries or export technologies to countries with minimal safeguards, bypassing accountability.

To mitigate these risks, several reforms are essential:

• Mandatory human rights due diligence (HRDD): Governments should require tech companies to identify, prevent, and mitigate surveillance-related human rights impacts.

• Enhanced transparency and reporting obligations: Firms must publicly disclose their surveillance-related business operations, data-sharing agreements, and risk assessments.

• Stronger enforcement mechanisms: Civil and criminal liability should be established for companies knowingly supplying tools used to violate human rights.

• Investor scrutiny: Asset managers and institutional investors must conduct human rights evaluations of tech holdings and divest from companies involved in abusive surveillance practices.

• Global cooperation: International organizations should develop binding frameworks to ensure that human rights obligations are upheld in the digital surveillance market.

Without clear obligations and consequences, private sector actors will continue to profit from surveillance practices that undermine fundamental freedoms. Protecting human rights within the global digital surveillance infrastructure requires not only regulating states, but holding corporations to account for their role in sustaining and expanding systems of control.

VI. The Most Vulnerable: Disproportionate Impact on At-Risk Groups

Digital surveillance technologies rarely affect populations equally. Within the global digital surveillance infrastructure, the most severe and unjust consequences are often borne by those who are already socially, economically, or politically marginalized. Surveillance does not operate in a vacuum—it amplifies existing inequalities and exposes vulnerable communities to heightened scrutiny, repression, and exclusion.

Racial and Ethnic Minorities

Facial recognition systems and predictive policing tools have repeatedly been shown to disproportionately target racial and ethnic minorities. Multiple studies, including those by the MIT Media Lab and the American Civil Liberties Union, have documented significantly higher error rates in facial recognition for individuals with darker skin tones. These inaccuracies have led to false arrests, mistaken identity, and wrongful prosecutions, particularly in countries such as the United States and the United Kingdom.

In public housing facilities across the U.S., for example, surveillance systems funded by federal grants have been deployed with facial recognition capabilities. These tools, far from improving security, have been used to track and penalize residents for minor infractions—effectively criminalizing poverty. As Meredith Veit explained in the Geneva Centre’s panel, the surveillance burden falls heavily on the poorest and most racially marginalized groups, replicating patterns of systemic discrimination.

Migrants, Refugees, and Stateless Persons

People on the move—refugees, asylum seekers, and undocumented migrants—face intense digital monitoring. Host countries often collect biometric data at border crossings, refugee camps, and asylum application centers, sometimes in cooperation with private firms. According to the Business & Human Rights Resource Centre, companies like IrisGuard, Thales Group, and Cellebrite are involved in data collection and surveillance services across Europe, the Middle East, and North Africa.

These technologies may be used to restrict movement, deny benefits, or flag individuals as security risks. The lack of robust legal protections in many host states means refugees often have no clear path to redress if their data is misused or exposed in a breach. In some cases, biometric databases have been used for deportation or passed on to repressive regimes, placing lives at risk.

Women and Gender Minorities

Surveillance systems can reinforce gender-based discrimination. In countries like Iran, AI-based technologies have been deployed to monitor and punish women for violating dress codes. In workplaces and digital platforms, women—especially from minority or lower-income backgrounds—are subjected to algorithmic surveillance that monitors productivity, social interactions, and even emotional responses.

The gendered impact of surveillance extends to digital abuse. Women are more likely to be victims of doxxing, spyware attacks, and non-consensual surveillance by intimate partners. Yet, existing legal remedies often fail to address these forms of digital violence, and law enforcement may lack the tools or willingness to investigate them properly.

Political Dissidents and Human Rights Defenders

Journalists, activists, lawyers, and opposition leaders are frequently targeted using commercial surveillance tools. Pegasus spyware, for instance, has been found on the phones of dozens of human rights defenders across Mexico, Saudi Arabia, India, and Morocco. The threat of targeted surveillance creates a climate of fear, discouraging political participation and silencing dissent.

In authoritarian contexts, surveillance is part of a broader strategy of repression. It enables governments to monitor protest movements, intercept communications, and gather evidence to pre-empt activism. Even in democracies, national security laws are used to justify surveillance against environmental defenders and social justice movements.

Children and Youth

Children’s data is routinely harvested through educational platforms, gaming apps, and social media. AI-based tools used in schools may monitor facial expressions, emotional responses, or screen activity in real time, often without parental consent or adequate safeguards. In public spaces, minors are subjected to surveillance just like adults, despite their enhanced rights under international law.

The normalization of surveillance for children raises profound questions about consent, autonomy, and developmental impacts. Exposure to constant monitoring can affect behavior, erode trust in institutions, and inhibit critical thinking.

Groups Disproportionately Affected by Surveillance

Surveillance infrastructure is not merely a technological issue—it is a social justice concern. The risks it poses to already vulnerable populations are real, documented, and escalating. Legal frameworks and policy debates must reflect this reality by ensuring that surveillance systems are designed, implemented, and governed in ways that protect the rights and dignity of all individuals, especially those who have the least power to resist them.

VII. Democratic Integrity and Chilling Effects

The global digital surveillance infrastructure poses a direct challenge to the health of democratic societies. Beyond its technical functions, surveillance reshapes how individuals interact with public institutions, exercise fundamental freedoms, and engage in civic life. When citizens suspect that their actions, movements, or communications are being constantly monitored, democratic participation becomes constrained—not by law, but by fear. This phenomenon is known as the chilling effect.

Surveillance undermines democracy by discouraging free expression, deterring public assembly, and weakening the role of independent journalism. These are not abstract harms. They occur in everyday contexts: protestors avoiding demonstrations, whistleblowers choosing silence, journalists refraining from sensitive reporting, and citizens disengaging from political discourse online. Over time, such behavioral modifications corrode the foundational freedoms that enable democracy to function.

One of the most well-documented examples of chilling effects occurred in the aftermath of Edward Snowden’s revelations about mass surveillance by the U.S. National Security Agency. A Pew Research Center study found that nearly a third of Americans altered their behavior online due to concerns about government monitoring. Similar patterns have emerged in Europe, where awareness of state and corporate surveillance has led to self-censorship, particularly among ethnic minorities and activists.

The risk extends far beyond advanced democracies. In countries with limited press freedom and weak legal protections, surveillance operates as an explicit tool of political control. In Myanmar, Egypt, and Iran, digital surveillance technologies—including spyware and social media monitoring—are used to intimidate or prosecute dissidents. Activists are detained for their posts; union leaders are monitored during organizing efforts; opposition groups are mapped and preemptively dismantled.

In many cases, mass surveillance is introduced in the name of national security or public safety, then quietly extended to monitor political opposition or civil society. For example, during the 2024 Olympic Games, France authorized the deployment of AI-driven video surveillance in public spaces. Although framed as a temporary measure, the lack of clear sunset clauses and independent oversight raised significant concerns about normalization of surveillance during democratic events.

Even when surveillance does not result in direct action, the perception of being watched alters behavior. As shown in empirical studies (e.g., Penney 2017), individuals tend to avoid controversial topics online, limit participation in forums, or refrain from joining certain organizations if they believe their digital footprint is monitored. The psychological weight of surveillance—especially when invisible or unverifiable—leads to a culture of compliance and disengagement.

This erosion of democratic integrity is compounded by opaque algorithmic systems used in surveillance. Predictive policing and social credit algorithms lack transparency and often rely on biased data. Their outputs are treated as objective, even though they may reinforce existing discrimination or penalize legitimate political activity. Without access to the logic of these systems, citizens cannot contest the decisions made about them—violating due process and procedural fairness.

Journalists, too, face unique risks. In environments where state-linked surveillance is pervasive, investigative reporting on corruption, national security, or abuse of power becomes dangerous. Surveillance tools like Pegasus have been used to compromise the phones of reporters, editors, and their sources. This not only puts individuals at risk but also undermines media freedom, a cornerstone of democratic accountability.

The cumulative effect of these practices is a shrinking civic space. Public discourse is stifled, dissent is curtailed, and trust in democratic institutions erodes. The surveillance infrastructure does not simply observe democracy—it modifies its structure by redefining the limits of acceptable behavior.

To safeguard democratic integrity, surveillance must be subject to strict legal limitations, transparent governance, and independent oversight. Democratic societies cannot rely on mere procedural safeguards. They must affirmatively protect the right to dissent, the right to organize, and the right to speak without fear. Otherwise, the promise of participatory governance will be gradually suffocated under the quiet, relentless pressure of ubiquitous surveillance.

VIII. Toward a Human Rights-Based Surveillance Governance Model

Confronting the global digital surveillance infrastructure demands more than isolated policy changes or reactive legislation. It requires a comprehensive governance model grounded in international human rights law, democratic accountability, and ethical technology development. As surveillance tools grow increasingly sophisticated, only a proactive, rights-based approach can prevent the normalization of excessive monitoring and the erosion of fundamental freedoms.

A human rights-based surveillance governance model begins with four foundational principles:

Core Principles for Surveillance Governance

These principles are embedded in instruments such as the International Covenant on Civil and Political Rights (ICCPR) and the European Convention on Human Rights, and reinforced by soft law instruments like the UN Guiding Principles on Business and Human Rights. However, implementation often lags behind aspiration.

Independent Oversight and Strong Data Protection Authorities (DPAs)

Effective governance requires robust, independent oversight bodies with the legal authority and resources to investigate, audit, and enforce compliance. As emphasized by panelist Tamar Kaldani, DPAs must be institutionally autonomous, adequately staffed, and empowered to intervene before and after surveillance systems are deployed. In many jurisdictions, especially in the Global South, DPAs remain structurally weak and politically influenced, limiting their ability to protect rights.

Transparency, Notification, and Redress

One of the most significant deficits in surveillance regimes is the absence of transparency. Individuals are often unaware of being surveilled, unable to challenge misuse, and left without meaningful access to remedies. A rights-based model must ensure:

• Public registers of surveillance tools used by public bodies.

• Mandatory human rights impact assessments (HRIAs) prior to deployment.

• Clear mechanisms for individual redress, including complaint procedures and judicial remedies.

• Protocols for notification, where possible, to individuals subject to surveillance.

Privacy by Design and Data Minimization

Technological design choices must prioritize privacy from the outset. This includes limiting data collection to what is strictly necessary (data minimization), employing strong encryption, and avoiding built-in tracking features. “Privacy by design” must become a standard requirement, not an afterthought, particularly for companies supplying software and devices used in surveillance ecosystems.

Corporate Obligations and Mandatory Due Diligence

Corporations involved in surveillance technologies must be held legally responsible for respecting human rights. Voluntary guidelines have proven insufficient. Instead, states should require:

• Mandatory human rights due diligence across global operations.

• Disclosure of surveillance-related contracts and exports, especially when involving high-risk jurisdictions.

• Binding obligations to remediate when harm is caused or facilitated.

The European Union’s proposed Corporate Sustainability Due Diligence Directive is a positive step, but to be effective, it must cover surveillance activities and ensure liability for non-compliance.

Democratic Participation and Public Scrutiny

Surveillance policies must not be crafted in secrecy. Public consultation, civil society engagement, and legislative scrutiny are critical to building legitimacy and ensuring checks on executive power. Democratic institutions must resist the temptation to quietly expand surveillance under vague mandates such as “national security” or “public interest.”

International Legal Harmonization

Given the cross-border nature of data flows, a patchwork of national laws is inadequate. International legal harmonization—modeled on the modernized Convention 108+—is needed to ensure consistent protections across jurisdictions. Regional organizations (e.g., the African Union, ASEAN, and Mercosur) can also facilitate convergence on surveillance safeguards.

Key Components of a Rights-Based Model

The normalization of surveillance is not inevitable. A rights-based model offers a practical and ethical path forward—one that balances security with freedom, innovation with accountability, and data governance with dignity. It is no longer sufficient to react to abuses after they occur. Surveillance governance must be anticipatory, participatory, and anchored in the universal values of transparency, proportionality, and justice.

Also Read

• The Evolution of Universal Jurisdiction in Human Rights Enforcement

• Human Rights in the Digital Age: Privacy and Data Protection

• The Struggle for Human Rights in Authoritarian Regimes

• The Universal Declaration of Human Rights

• International Law and Municipal Law

• Territorial Disputes and International Law: Principles, Cases and Resolutions

IX. Conclusion: Building Ethical Surveillance Frameworks for the Future

The evolution of human rights and the global digital surveillance infrastructure represents one of the most urgent governance challenges of the 21st century. As surveillance tools become more embedded in daily life—shaping public safety measures, commercial strategies, and political control—the need for ethical, legal, and rights-respecting frameworks becomes increasingly critical.

Current surveillance practices, often justified under broad national security or technological advancement narratives, are operating in a space marked by legal ambiguity, fragmented oversight, and power asymmetries. Vulnerable groups continue to face disproportionate harm, and democratic norms are weakened by opacity, impunity, and self-censorship. This trajectory is unsustainable and incompatible with international human rights principles.

Reversing this trend requires a structural shift. Surveillance must no longer be treated as a technocratic inevitability but as a domain of public governance subject to rigorous ethical scrutiny and binding legal controls. The path forward must be defined by a global commitment to transparency, accountability, and the primacy of human dignity.

A future-oriented surveillance framework must include the following pillars:

• Universal legal standards based on proportionality, necessity, and legitimacy.

• Empowered oversight institutions, capable of enforcing compliance and protecting individual rights.

• Robust mechanisms for redress, ensuring victims of surveillance abuses can access justice.

• Corporate accountability for firms that profit from or enable digital surveillance systems.

• Participatory policymaking, where civil society, researchers, and affected communities are fully included in shaping surveillance norms.

Additionally, states must close the regulatory gaps that allow surveillance to transcend borders and escape responsibility. International cooperation should focus on harmonizing protections through updated treaties, regional standards, and new global instruments that reflect the realities of the digital age.

Ultimately, safeguarding human rights in the digital surveillance era is not a technical issue—it is a political and ethical imperative. The legitimacy of institutions, the resilience of democracies, and the freedom of individuals all depend on how societies choose to regulate surveillance today. The choice is not between innovation and rights—it is about building digital futures rooted in accountability, equity, and justice. Only then can surveillance technologies serve the public good without becoming tools of exclusion, fear, and repression.

References

1. Geneva Centre for Human Rights Advancement and Global Dialogue. (2023). Surveillance Technologies and Human Rights: Beyond the Security-Freedom Dilemma [Online Panel Report].

2. United Nations Human Rights Council. (2016). Report of the Special Rapporteur on the Right to Privacy (A/HRC/31/64).

3. United Nations Human Rights Committee. (1966). International Covenant on Civil and Political Rights, Article 17.

4. Council of Europe. (1950). European Convention on Human Rights, Article 8.

5. Council of Europe. (1981, modernized 2018). Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108+).

6. European Union. (2016). General Data Protection Regulation (GDPR), Regulation (EU) 2016/679.

7. Business & Human Rights Resource Centre. (2023). Technology and Human Rights Dashboard. www.business-humanrights.org

8. Privacy International. (2018). How Apps on Android Share Data with Facebook. https://privacyinternational.org

9. Citizen Lab. (2021). Pegasus Project Investigations. Munk School of Global Affairs, University of Toronto.

10. Feldstein, S. (2019). The Global Expansion of AI Surveillance. Carnegie Endowment for International Peace.

11. Penney, J. W. (2017). Internet Surveillance, Regulation, and Chilling Effects Online: A Comparative Case Study. Internet Policy Review, 6(2). https://doi.org/10.14763/2017.2.692

12. Chin, C., & Lee, N. T. (2022). Police Surveillance and Facial Recognition: Why Data Privacy is Imperative for Communities of Color. Brookings Institution.

13. Lyon, D. (2014). Surveillance, Snowden, and Big Data: Capacities, Consequences, Critique. Big Data & Society, 1(2). https://doi.org/10.1177/2053951714541861

14. Kayyali, B., Knott, D., & Van Kuiken, S. (2013). The Big-Data Revolution in U.S. Health Care: Accelerating Value and Innovation. McKinsey & Company.

15. Van Dijck, J. (2014). Datafication, Dataism and Dataveillance: Big Data between Scientific Paradigm and Ideology. Surveillance & Society, 12(2), 197–208. https://doi.org/10.24908/ss.v12i2.4776

16. UN Guiding Principles on Business and Human Rights. (2011). Office of the High Commissioner for Human Rights (OHCHR).

17. OECD. (2020). Oversight Bodies for Access to Information. In Review of the Kazakhstan Commission on Access to Information.

18. The Brussels Times. (2023). France is First EU Country to Legalise AI-Driven Surveillance.

19. Information Saves Lives (Internews). (2020). Privacy and Welfare Surveillance among Vulnerable Communities.

20. MIT Sloan Management Review. (2023). Manage AI Bias Instead of Trying to Eliminate It.