Document Type


Publication Date



Human Rights, Corporate Social Responsibility, Dual Use, Dual Use Technology, Cybersecurity, Information Security, Private Sector, Financing, Shareholders, Investors, Investment Firms


It is no secret that technology companies have greased the wheels for human rights abuses around the world — backed by a global web of private sector support and investment that has yielded significant financial returns. For example, the University of Toronto's Citizen Lab recently published research analyzing the use of Internet filtering technology developed by Canadian company Netsweeper in ten countries globally — Afghanistan, Bahrain, India, Kuwait, Pakistan, Qatar, Somalia, Sudan, United Arab Emirates, and Yemen — and concluded these uses likely violated international human rights law. Products like Netsweeper’s Internet filtering systems are often referred to as "dual use" technologies: though they may serve legitimate societal objectives in some cases, they also used to undermine human rights like freedom of expression and privacy. Yet Netsweeper is but one example among a growing number of such dual-use tech companies, within a wider and complex cyber security industry, prepared to facilitate mass censorship and surveillance — and increasingly doing so with the financial backing of specialized and powerful investment firms. This paper cites this and other examples to help document this now billion dollar worldwide market and offers ideas and proposals to help clean it up via stronger human rights norms — including human rights-by-design for dual use technologies — among all stakeholders in the cyber security industry: from governments, to businesses, to their employees and shareholders, to industry associations, and the private investment firms funding it all.


From the Selected Works of Jonathon Penney

Publication Abbreviation