In Asia — a region that at various points in its recent history has been a hotbed for civil unrest, secessionist movements and political instability — the line between national security and public interest can be difficult to draw.

A session organised by the Internet Society at the recently held RightsCon Southeast Asia in Manila shed some light on the perceived trade-offs between national security objectives and digital rights, in particular freedom of expression and privacy.

Mobile as the new frontline for Internet freedom

Insights shared on the panel highlighted how mobile seems to have become a new frontline for users' push backs against perceived invasive security measures.

In South Korea, moves to oblige local texting app Kakaotalk to hand over the exchanges of activists speaking against the state's response to last year's ferryboat incident led to a mass exodus of users to other instant messaging platforms (such as privacy-focused app Telegram, which drew a reported 1.5 million new registrants in the days following the events in Korea). Consequently, Kakaotalk vowed never to hand over private information to authorities again and introduced opt-in encryption features for its customers.

Last year as well, the 'umbrella revolution' in Hong Kong — during which the government threatened to cut off data and mobile connectivity — led a large number of people to start using Firechat, a mesh networking mobile app allowing peer-to-peer communications without the need for Internet connection.

Fragility of online freedoms in the face of "national security"

In a region that does encounter legitimate external and internal security risks, moves to maintain peace and order, even at the price of privacy and freedom of expression, are quite frequent. But among legitimate aims, many civil society groups also argue that some online security measures in Asia are, more than anything, fundamentally designed to limit any threat to state instruments, interests and structures.

Irrespective of the motivations, Internet technical measures in the name of public order or national security often seem to overlook concepts of proportionality, rule of law, public accountability or transparency.

In Pakistan, the Peshawar school massacre in 2014 triggered a renewed vigour for the state to pursue a controversial cybercrime bill that has thus far shunned public input.

In Thailand, which last year experienced its 19th coup d'Etat since it became a constitutional monarchy in 1932, stricter restrictions on online speech were deemed necessary to prevent further violence from erupting among different faction supporters. Social media, which is extremely popular in Thailand (the country has about 24 million Facebook users), has frequently been the target of authorities willing to track down rumors or to monitor online activities.

Even in the Philippines, which enjoys a good level of Internet freedoms and has a high use of texting apps and social media, the visit of the Pope in January 2015 prompted the government to request telecoms to temporarily block network communications.

Checks and balances

But perhaps more notable than these offensives are the checks and balances that citizens themselves assert, pointing to the importance of public sentiment and action in establishing boundaries to broad and sweeping security frameworks.

In Pakistan, amidst laws that forbid them, citizens continue to employ encryption and use virtual private networks. Similarly, following widespread protests, the Thai government was forced to unblock Facebook in the country after less than an hour of it denying access to the site last year.

While they may be considered essential and legitimate in certain contexts, security provisions must always be accompanied by an equal measure of transparency and just regard for due process.

The discussion also underscored the necessity to engage with the private sector, on the grounds that overbroad security policies may not only disrupt business and escalate operational costs (both for pure players and companies relying on Internet access), but may also violate the trust placed on them by their customers.

Proportionality — an essential yet elusive concept — needs to be better applied to the assessment of technical measures used to achieve security goals. Non-government actors, including citizens, can and should play an important role in assisting national authorities on the trade-offs they may consider as they develop security policies.

Next steps

The insights shared during the RightsCon session will help us continue shaping our policy work in the region and globally.

Illustrations from the panelists also reinforced ISOC's views on the importance of focusing on security approaches (broadly) that should be premised on trust and respect of fundamental rights and values. Security policies should protect opportunities for economic and social prosperity, as opposed to a model that is based simply on preventing perceived harm.

If you are interested in learning more about our views on security and resilience, please view our paper on Internet security and resilience and our approach to cybersecurity policy.