# Digital Human Rights

*Open, secure, personal, independent, trustworthy, selective, resilient, portable & safe systems*

By [Friction Observer](https://friction.observer) · 2025-05-30

---

I'm working on a few projects at the moment that have me struggling to ensure we're considering the full slate of baseline infrastructure capabilities.

Juan Benet has proposed a set of 8 Digital Human Rights. They cover a lot of important ground. You can get the full download in this video, starting ~7:00.

[Watch the video on YouTube](https://www.youtube.com/watch?v=jxmsiRxS5Hc)

I felt like they could use a bit of editing for clarity. As I was editing, I also realized there might be a missing 9th human right regarding "safety". Thus, I have arrived for now at the conclusion that all digital infrastructure must be _open_, _secure_, _personal_, _independent_, _trustworthy_, _selective_, _resilient_, _portable_ and _safe_.

Would love your feedback.

**1\. Open: I can speak freely**
--------------------------------

> _I can share my thoughts, ideas, and work without needing permission — and without fear of censorship or erasure._

**Technical Corollaries:**

*   Content-addressable storage (e.g. IPFS)
    
*   Censorship-resistant publishing (e.g. peer replication, no single point of takedown, permissionless blockchains)
    
*   Signature-based authorship (e.g. Ed25519)
    

**2\. Secure: I can speak privately**
-------------------------------------

> _I can share, organize, and express myself without being tracked, recorded, or overheard._

**Technical Corollaries:**

*   End-to-end encryption (e.g. Noise Protocol, Double Ratchet)
    
*   Metadata minimization (e.g. oblivious routing, mixnets)
    
*   Ephemeral communication with no server storage
    

**3\. Personal: I own my data**
-------------------------------

> _My files, messages, and memories belong to me. I decide who can see them — and I can take that access away at any time._

**Technical Corollaries:**

*   Local-first storage models (e.g. WNFS)
    
*   Capability-based access control (e.g. UCANs, ZCAP-LD)
    
*   Revocable, time-scoped, and minimal grants of access
    
*   Timestamped proof of custody or ownership (e.g. NFT metadata as a pointer to user-controlled data)
    

**4\. Independent: I connect directly**
---------------------------------------

> _I use systems that link people and devices without needing companies, platforms, or governments in the middle._

**Technical Corollaries:**

*   Peer-to-peer networking (e.g. libp2p, WebRTC)
    
*   Overlay networks (e.g. WireGuard, Headscale)
    
*   Decentralized rendezvous and discovery (e.g. DHT, mDNS)
    
*   Public key infrastructure without central certificate authorities
    

**5\. Trustworthy: I can verify what happens**
----------------------------------------------

> _I don’t have to guess or assume. Every action leaves a trail I can check for myself._

**Technical Corollaries:**

*   Signed logs / event sourcing (e.g. Merkle DAGs, transparency logs)
    
*   Verifiable credentials & attestations (e.g. DID + VC standards)
    
*   Reproducible builds and cryptographic audit trails
    
*   Append-only public ledgers
    

**6\. Selective: I decide what to share**
-----------------------------------------

> _My information is private by default. Others only see what I choose to show — and only as much as they need._

**Technical Corollaries:**

*   Granular access delegation (e.g. CACAOs, UCANs)
    
*   Principle of least privilege enforced at the data layer
    
*   Encrypted blockstores with access via proxies or keys
    
*   Zero-knowledge proofs for selective disclosure
    
    *   _E.g. “I’m over 21” without revealing my birthday_
        
    *   _E.g. “I earn over $50K” without revealing my salary_
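
The "revocable, time-scoped, and minimal grants" of right 3 and the granular delegation and least privilege listed above can be shown with one added example (not from the original post). It uses an HMAC-chained, macaroon-style token as a stand-in: UCANs and ZCAP-LD use public-key signatures and their own formats. The key, grant id, caveat names and paths are constructed for illustration.

```python
import hashlib
import hmac

ROOT_KEY = b"constructed-demo-key"   # held only by the owner's data store (sample value)

def _mac(key, msg):
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def mint(root_key, grant_id):
    """Owner issues a grant with no restrictions yet."""
    return {"id": grant_id, "caveats": [], "sig": _mac(root_key, grant_id)}

def attenuate(token, caveat):
    """Any holder can narrow a grant; the chained MAC makes widening impossible."""
    return {"id": token["id"], "caveats": token["caveats"] + [caveat],
            "sig": _mac(token["sig"], caveat)}

def _caveat_ok(caveat, request):
    key, _, value = caveat.partition("=")
    if key == "expires":
        return request["now"] < int(value)        # time-scoped
    if key == "path":
        return request["path"].startswith(value)  # minimal: one subtree only
    if key == "action":
        return request["action"] == value         # minimal: one verb only
    return False                                  # unknown caveats fail closed

def authorize(root_key, token, request, revoked):
    if token["id"] in revoked:                    # owner can withdraw access
        return False
    sig = _mac(root_key, token["id"])
    for caveat in token["caveats"]:
        sig = _mac(sig, caveat)
    if not hmac.compare_digest(sig, token["sig"]):
        return False                              # caveats were altered or stripped
    return all(_caveat_ok(c, request) for c in token["caveats"])

def demo_token():
    """Constructed grant: read-only, one album, valid until t=1000."""
    token = mint(ROOT_KEY, "grant-001")
    for caveat in ("path=/photos/2024/", "action=read", "expires=1000"):
        token = attenuate(token, caveat)
    return token

if __name__ == "__main__":
    req = {"now": 500, "path": "/photos/2024/a.jpg", "action": "read"}
    print(authorize(ROOT_KEY, demo_token(), req, revoked=set()))
    print(authorize(ROOT_KEY, demo_token(), req, revoked={"grant-001"}))
```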
        

**7\. Resilient: I can count on my tools**
------------------------------------------

> _My systems keep working — even offline, under pressure, or outside the mainstream. They don’t break when someone says so._

**Technical Corollaries:**

*   Offline-first architecture with sync (e.g. CRDTs, IPFS)
    
*   Open protocols and standards (e.g. no vendor lock-in)
    
*   Redundant infrastructure, mesh routing, error tolerance
    

**8\. Portable: I own my identity**
-----------------------------------

> _My identity moves with me. It’s under my control, not tied to any platform — and I decide who can use it._

**Technical Corollaries:**

*   Decentralized identifiers (DIDs)
    
*   Mnemonic-seeded cryptographic identity (e.g. BIP39 → keypair)
    
*   Non-custodial identity wallets / portable agent keyrings
    

**9\. Safe: I can define my boundaries**
----------------------------------------

> _I choose how others can reach me, interact with me, and affect my experience. My tools help me set limits, avoid harm, and stay in control._

**Technical Corollaries:**

*   Consent-based interaction models (e.g. request-to-contact, scoped delegation)
    
*   Local filtering and blocklists
    
*   Agent behavior transparency and override mechanisms
    
*   Rate-limiting, abuse detection, and feedback tooling built in

---

*Originally published on [Friction Observer](https://friction.observer/digital-human-rights)*
