5.4 Governance of the Lantern Program • Accountability and responsibility related to the Lantern Program is shared between the Tech Coalition and participating companies. The Tech Coalition clearly states that each participating company is responsible for how they share and use signals as part of the program, and each participant is individually accountable for risks associated with their use of the signals. The Tech Coalition, on the other hand, is responsible for putting in place appropriate measures and mitigations to incentivize and enable participants to use the Lantern Program appropriately, and to identify and act upon instances when they do not. This structure of shared responsibility has implications for the Tech Coalition’s attribution to human rights impacts and its leverage to address those impacts, which is discussed in the Human Rights Impacts section (Section 6, below) in more detail. • The use of Meta’s ThreatExchange platform may have implications for the governance and autonomy of the Lantern Program. Meta serves as an infrastructure provider to the Tech Coalition and makes adjustments to the signal sharing database and its technical features because the Lantern Program is built on Meta’s ThreatExchange platform. This may take away some independence and control from the Tech Coalition, and may lead to challenges if the Tech Coalition needs more resources than Meta can provide. • Transparency is a critical component of the Tech Coalition’s governance approach for the Lantern Program, and it constitutes an important risk mitigation measure in itself. If the Tech Coalition and participants of the Lantern Program fail to provide adequate information about the use of the database, the lack of transparency may lower the effectiveness of the program. For example, companies may upload or action signals based on biased assumptions and this may go unchecked. This would not only limit the impact of signal sharing, but may also lead to stakeholder skepticism about the program. Transparency may also come with risks. For example, transparency about the Lantern Program may expose participating companies to legal scrutiny and disincentivize them from engaging with the database (see above). Similarly, it may attract governments and law enforcement to coerce the Tech Coalition or participating companies to share user information. The Tech Coalition will need to continuously consider these risks and strike a balance between openness and potential risks. • External communications about the Lantern Program will be critical to the success of the program. The ongoing public policy debate about the relationship between child safety, privacy, and other rights necessitates that the Tech Coalition and companies participating in the Lantern Program carefully consider the external communications around the program. The program may be perceived to skew on either side of this debate if messaging and communications are not undertaken in a balanced and nuanced manner. In turn, perception issues may disincentivize companies from engaging with the Lantern Program, create distrust among certain stakeholder groups, and ultimately limit its impact. BSR TECH COALITION HUMAN RIGHTS IMPACT ASSESSMENT 30