We tend to talk about rights without ever mentioning their corresponding duties. Every right needs an obligation to support it. At the very least we have a duty to grant the same rights to others, but more consequentially, rights have trade-offs: things we have to do or surrender in order to earn the right. The right to vote entails the duty to pay taxes. The right of free speech entails the duty of using it responsibly, not inciting violence, harm, insurrection.

So it is with rights in our information age. Every cyber right entails a cyber duty.

For example, security. Modern security is an attribute of systems. Your thing, your home, your company, cannot maintain security alone outside of a system. Once a digital device is connected, everything it connects with needs to be secure as well. In fact, any system will only be as secure as the weakest part of that system. If your part is 99% secure, but your colleague is only 90% secure, you are actually only 90% secure as well. This small difference is huge in security. There are documented cases where an insecure baby monitor in a household system became the back door to unauthorized entry into that family’s network. In this way, the lax security of one piece sets the security for the whole system

Therefore, every part of a system has a duty to maintain the required level of security. Since one part’s security in part determines and impacts all parts’ security, every part of the system can rightfully demand that all parts level up. It is therefore the duty of each part (person, organization) to maintain the proper security.  It is not hard to imagine protocols that say you and your devices can’t join this network unless you can demonstrate you have proper security. In short you have the right to connect to the public commons (without permission), but you have the duty to ensure the security of your connection (and the commons as a whole).

This is not much different from what most nations say, which is you have a right to use any public road, but you must demonstrate you are responsible for its safety and security by passing a driver’s test. Your right is mobility on the roads; your duty is drive responsibility (no drinking!), and to get a license to prove it.

There are other rights/duties animated by digital tech, such as your identity. You don’t really need a name yourself. Your name is most useful to other people, so they can identify you, and in turn, trust you. Like your face, your name is at once the most personal thing about you and the most public thing about you. Your name and face are both indisputably “yours” and also indisputably in the commonwealth. Our faces are so peculiarly public that we are spooked about people who hide their face. And legally, many activities require that we keep our face public, like getting a license, flying in a plane, entering a secure facility, or voting. We have a right to look however we like, but we also have an obligation to keep our face public.

Names are similar, both intensely personal and outright public. We can try to hide our names behind pseudonyms and anonymity, but that diminishes some of our powers to affect change in the world, and also reduces trust from others. Privacy is part of a tradeoff. In order to be treated as an individual, with respect, we have to be transparent as an individual. We have a history, we have a story, we have context, we have needs and talents. All this is wrapped in our identity. So in order to be treated as an individual we have to convey that identity. Personalized individuality is a right that demands a duty of transmitting our identity. We also have (and must have) the right to remain opaque, unknown, and hidden, but the tradeoff for that right is the duty to accept that we will be treated generically, as not-an-individual, but as a number. The right of obscurity is the duty of silence; the right of individuality is the duty of transparency.

As more of our lives are connected constantly, the distinction between digital rights and rights in the rest of the world tend to vanish.  I don’t find it useful to separate them. However, there will still be new “rights” and “responsibilities” arising from new technology. They will first appear in high tech, and then as that tech becomes the norm, so will the rights. Currently, generative AIs demand we think about the rights – and responsibilities – of referencing a creation. The right of copy, or copyright, addressed the need to govern copies of a creation. Generative AI does not make copies, so copyright norms are helpless with this. We realize now that there might be the need for articulating a new right/duty around training an intelligence. If my creation is referenced to be used to train a student, or train an AI, that is, an agent that will go to create things themselves influenced by my work, should I not receive something for that? Should I have any control over what is made from my influence? I can imagine an emerging system such that any creation that is granted copyright is duty bound to be available for reference training by others, with the corresponding right for anyone to train upon a creation with a duty to pass some of the credit (status and monetary) back to creators.

The mirroworlds of AR and XR will necessitate further new pairs of rights/responsibilities around the messy concerns of common and shared works, for the mirrorworld is 100% a commons. What do I get from a collaborative creation, and what do I owe the others who contribute, when those boundaries are unclear? Because every new technology generates new possibilities, I expect it to also produce new pairs of duties and rights.