Just like the business adage, ‘you can’t manage what you can’t measure’, it is also true that ‘you can’t change what you don’t map’ – an important reality relevant to the nexus between cybersecurity and human rights in the Western Balkans.
Definitions of cybersecurity usually emphasize the protection of state and other institutions’ assets
and digital environment1. However, these definitions neglect many security challenges that individuals face online. This publication examines national cybersecurity policies in the economies of the Western Balkans through a human-centric approach and evaluates levels of cybersecurity in terms of human rights protections. Put another way, cybersecurity merits a more human-centred analytical approach that highlights not only issues affecting state actors, but also issues that the actors cause for people.
This human-centric approach to cybersecurity follows from the broader theory of good security sector governance (SSG).2 Good SSG focuses on protecting not only the state’s networks, systems and stability but also the rights of individuals within democratic society. It incorporates principles such as accountability, participation, inclusiveness, effectiveness, efficiency, and transparency. This leads to better provision
of security and allows for its democratic oversight, which in turn prevents abuse of power by security providers. ‘Cybersecurity’ can thus be defined as security of the people and their human rights online, and of the networks and services that are essential for this objective, which together protect the democratic order and the rule of law.
A considerable body of research already exists on the links between cybersecurity and human rights.3 For decades, activists, academics, and representatives of governments and the private sector have been working to define what we mean by ‘human rights online’, ‘human rights on the Internet’, and ‘cybersecurity and human rights’.4 Country assessments looking at cybersecurity also regularly assess how governments have incorporated existing human rights standards in the online sphere.
