Where now for the Goldstone report?

In short, there are no new facts that could possibly have led Richard Goldstone to change his mind a

In an op-ed in the Washington Post, Richard Goldstone, the former South African constitutional court judge and prosecutor of the International Criminal Tribunal for the Former Yugoslavia, expresses misgivings about the central finding of the UN Human Rights Council fact-finding mission report on the Gaza conflict of 2008-2009 (named, after its chairman, "the Goldstone report") that Israel's indiscriminate attacks on civilians in Gaza were intentional.

The op-ed makes strange reading.

It states that the Goldstone report would have been a different document "had I known then what I know now", but fails to disclose any information that seriously challenges the findings of the Goldstone Report.

It claims that investigations published by the Israeli military and recognised by a follow-up UN committee report chaired by Judge Mary McGowan Davis, which appeared in March, "indicate that civilians were not intentionally targeted as a matter of policy". But the McGowan Davis report contains absolutely no such "indication" and instead seriously questions Israel's investigations, finding them to be lacking in impartiality, promptness and transparency.

Goldstone expresses "confidence" that the officer responsible for perhaps the gravest atrocity of Operation Cast Lead (Israel's code name for its assault on Gaza) – the killing of 29 members of the al-Samouni family – will be punished properly by Israel, even though the McGowan Davis report provides a critical assessment of Israel's handling of the investigation into this killing.

Finally he claims that the McGowan Davis report finds that Israel has carried out investigations "to a significant degree", but in fact this report paints a very different picture of Israel's investigations of 400 incidents, which have resulted in two convictions, one for theft of a credit card, resulting in a sentence of seven months' imprisonment, and another for using a Palestinian child as a human shield, which resulted in a suspended sentence of three months.

Cold, calculated and deliberate

In short, there are no new facts that exonerate Israel and that could possibly have led Goldstone to change his mind. What made him change his mind therefore remains a closely guarded secret.

The Goldstone report was not the only fact-finding report on Operation Cast Lead. Amnesty International, Human Rights Watch and the League of Arab States (whose mission I chaired) all produced thorough reports on the conflict.

In all the reports, including the Goldstone report, there were accounts of the killings of civilians by Israel Defence Forces (IDF) in a cold, calculated and deliberate manner. But the principal accusation levelled at Israel was that during its assault on Gaza, it used force indiscriminately in densely populated areas and was reckless about the foreseeable consequences of its actions, which resulted in at least 900 civilian deaths and 5,000 wounded.

In terms of the Rome Statute of the International Criminal Court, it is a war crime to direct attack so intentionally against a civilian population (Article 8(2)(b)(i)). Such an intention need not be premeditated: it suffices if the person engaging in such action meant to cause the consequence of his action, or "is aware that it will occur in the ordinary course of events" (Article 30).

Goldstone's op-ed may be interpreted to mean that he is now satisfied (though there is no evidence to support this) that Israel did not as a matter of policy deliberately and in a premeditated manner target civilians, and that where the calculated killing of civilians occurred this was without the blessing of the Israeli military and political leadership.

But he could not possibly have meant that Israel did not "intentionally target civilians as a matter of policy" in the legal sense of intention. That Israel's assault was conducted in an indiscriminate manner with full knowledge that its consequences would be the killing and wounding of civilians is a matter of public record fully substantiated by the Goldstone report and other, equally credible findings.

In his op-ed, Goldstone declares that Hamas's indiscriminate firing of rockets into Israel, which resulted in the killing of four civilians, was an "intentional" targeting of civilians and consequently a war crime. But it is a mystery how he can suggest that the indiscriminate bombing and shooting of Palestinians in Gaza by the IDF, which resulted in nearly a thousand civilian deaths, was not "intentional".

Goldstone does not, like his critics, describe his op-ed piece as a retraction of the Goldstone report. This is not surprising. Richard Goldstone is a former judge and he knows full well that a fact-finding report by four persons, of whom he was only one, like the judgment of a court of law, cannot be changed by the subsequent reflections of a single member of the committee.

This can be done only by the full committee itself with the approval of the body that established the fact-finding mission – the UN Human Rights Council. And this is highly unlikely, in view of the fact that the three other members of the committee – Professor Christine Chinkin of the London School of Economics, Ms Hina Jilani, an advocate of the Supreme Court of Pakistan, and Colonel Desmond Travers, formerly an officer in the Irish Defence Forces – have indicated that they do not share Goldstone's misgivings about the report.

Fight for accountability . . . from Israel and Hamas

Last month the Goldstone report was referred to the General Assembly of the United Nations by the Human Rights Council with the request that it be referred by the Assembly to the Security Council, and that the Security Council submit the matter to the prosecutor of the International Criminal Court, as it has done in the cases of Darfur and Libya.

Doubtless the General Assembly will refer the report to the Security Council, despite Goldstone's op-ed, but it will end there as the customary United States veto will ensure that Israel remains unaccountable.

The Goldstone report is a historical milestone. It is a credible, reasoned, comprehensive and thoroughly researched account of atrocities – war crimes and crimes against humanity – committed by Israel in the course of Operation Cast Lead, and of war crimes committed by Hamas in the indiscriminate firing of rockets into Israel. It is a serious attempt to secure the accountability of a state that has for too long been allowed by the west to behave in a lawless manner.

That the credibility of the Goldstone report has been undermined by Goldstone's strange op-ed in the Washington Post cannot be denied.

Although the report was authored by four experts with the backing of a team from the office of the High Commissioner for Human Rights, it has undoubtedly come to be associated with the name of Richard Goldstone. Inevitably the misgivings he has expressed about his own role in the report will weaken its impact as an historical record of Operation Cast Lead.

Already, the Israeli government has expressed delight at what it construes to be a retraction of the report, and demanded both a contrite apology from Goldstone and a refutation of the report by the United Nations. Predictably the US department of state has welcomed Goldstone`s op-ed, and one fears that European governments will find in it an excuse to justify their continued support for Israel.

Richard Goldstone has devoted much of his life to the cause of accountability for international crimes. It is sad that this champion of accountability and international criminal justice should abandon the cause in such an ill-considered but nevertheless extremely harmful op-ed.

John Dugard is professor of law at the University of Pretoria, emeritus professor of the University of Leiden and former UN special rapporteur on human rights in the occupied Palestinian territory.

Image: Shutterstock
Show Hide image

Are you ready to comply with the EU GDPR?

Alan Calder, the founder and executive chairman of IT Governance, discusses the EU General Data Protection Regulation (GDPR) and how your organisation can achieve compliance.

The EU General Data Protection Regulation (GDPR) will supersede the UK Data Protection Act 1998 on 25 May 2018, introducing new obligations for all organisations that process the personal data of EU residents.

The GDPR introduces significant changes in the areas of data subject and child consent, privacy by design, data breach notification, international data transfers and data protection officers, among others.

With the prospect of multi-million pound fines for non-compliance, and less than two years until the Regulation is enforced, organisations in the UK should urgently be considering what they need to do to comply.

The skills and resources required under the GDPR

The GDPR requires certain organisations to appoint a data protection officer (DPO). The role of a DPO includes informing and advising the controller and processor of their data protection obligations, monitoring the organisation’s compliance and performance, providing advice on data protection impact assessments, and giving due regard to risks associated with data processing operations. DPOs must have the legal and information security knowledge and skills necessary to help organisations achieve compliance with the Regulation.

As an expert in information security and data protection compliance, IT Governance has developed Europe’s first certified EU General Data Protection Regulation Foundation and Practitioner training courses to help individuals who are involved in data protection or who are looking to fulfil the role of data protection officer in order to achieve compliance with the Regulation. The certified training programme is designed to equip individuals with a comprehensive understanding of the GDPR requirements and a practical guide to planning, implementing and maintaining compliance with the GDPR.  

Inform GDPR transition planning through data flow mapping and gap analysis

An important first step in achieving compliance with the GDPR is to review your organisation’s data flows. A data flow audit will allow your organisation to map the locations of all personally identifiable information (PII), gain visibility over your data flows, develop effective strategies to protect PII, improve data lifecycle management and introduce efficiencies into your processes, and reduce privacy-related risks. 

Organisations that plan to comply with the GDPR but that lack visibility over their data flows are encouraged to conduct a data flow audit. The process involves mapping out the organisation’s data flows to get a comprehensive understanding of the sources from which the data flows. IT Governance can help organisations prepare for the GDPR with an extensive data flow audit that will enable you to identify the measures, policies and procedures needed to reduce the risk of a data breach.

Implement technical and organisational measures with ISO 27001

ISO 27001 is the international best-practice standard for information security management and encompasses three essentials aspects: people, processes and technology. The Standard is designed not only to defend your company against technology-based risks but also to prevent common security issues such as those caused by lack of staff awareness around current threats or ineffective information security procedures.  

Moreover, the GDPR clearly states that “the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk”. These measures relate to personal data encryption and pseudonymisation; access and availability of data; the confidentiality, integrity and availability of processing systems and services; and regular assessment and evaluation of technical and organisational measures to ensure the security of processing.

An ISO 27001-compliant information security management system (ISMS) is founded on an enterprise-wide a culture of information security, led by the board. It necessitates that your organisation’s information security strategy be constantly monitored, updated and reviewed, and this process is amenable to helping you implement the technical and organisational measures of the GDPR.   

ISO 27001 can help you meet parallel GDPR and NIS Directive requirements

The NIS Directive, which is set to come into force at the same time as the GDPR, is designed to help organisations within the EU achieve a common level of security across their networks and information systems. The Directive applies to organisations providing essential services in sectors such as finance, energy and transport, as well as digital service providers.

Similar to the GDPR, the NIS Directive requires a robust ISMS and encourages a security culture. As a result, more and more organisations preparing to comply with both the GDPR and the NIS Directive are also seeking certification to ISO 27001. The Standard contains information security requirements that, when met, can allow your organisation to centralise and simplify your compliance efforts for the NIS Directive and the GDPR.

IT Governance’s ISO 27001 packaged solutions can help you tackle your organisation’s GDPR and NIS Directive compliance requirements as well as implement a robust  ISMS. The ISO 27001 packaged solutions provide a unique blend of expertly developed tools and resources that complement your organisation’s skills and resources at a fixed price and in a timely manner.

To find out more about GDPR compliance or ISO 27001 packaged solutions please visit (www.itgovernance.co.uk/iso27001-solutions.aspx), email servicecentre@itgovernance.co.uk, or call us on +44 (0)845 070 1750.

Alan Calder is the founder and executive chairman of IT Governance.