Victoria ToujilinaCS 495 11/4/2018
Privacy and Civil Liberties: International Implications
Victoria Toujilina
CS 495 – Senior Seminar
Assignment due: 10/19/04
Abstract
Page 1 of 8
Victoria ToujilinaCS 495 11/4/2018
With the recent development of the technology people became concerned with the problem of privacy protection. The Internet created the opportunities to efficiently and inexpensively collect and analyze data about people and their online activities. As a result, governments all over the world are beginning to react to these concerns and enact legislation aimed at controlling the collection and use of data about private citizens. The question is, can legislation really provide protection in the Cyberspace?
What is privacy?
Privacy became one of the fundamental human rights of the modern age. It underpins human dignity and other values such as freedom of association and freedom of speech. Privacy is recognized around the world in different regions and countries. Nearly every country in the world includes a right of privacy in its constitution. In many of the countries where privacy is not explicitly recognized in the constitution, the courts have found that right in other provisions. In many countries, international agreements that recognize privacy rights have been adopted into law.
Privacy is a relatively recent idea (10). In the 21st Century individuals in western countries expect that, with some exceptions, personal details about themselves remain private unless they choose otherwise. Prior to this, individuals had few notions about privacy, and even less opportunity to experience it. People now believe that “data about themselves should generally not be available to other individuals and organizations” (9); that is where the information is held by another party and this party guarantees the individual that this information will be protected from unauthorized access and misuse; and that “the individual must be able to exercise a substantial degree of control over that data and its use” (9).
In the century where the Internet became the part of everyday life, the world discovered the new flavor of the privacy issue – privacy invasion in the Cyberspace. Every time we make the Internet connection and start either browsing around or using different services such as newsgroups and e-mail, we “go international”. Having the Internet connection gives you an exciting opportunity to access many valuable resources all over the world. At the same time, being online makes you vulnerable for anybody whose goal is to invade your privacy.
The new type of the privacy in the contest of the Internet can be defined as data privacy, “the evolving relationship between technology and the legal right to, or public expectation of privacy in the collection and sharing of data”(19).The biggest problem is that even if you are a citizen of a civilized country and generally feel protected by the laws of that country, that does not mean that you can feel safe in the online world. What are the possible ways of dealing with this issue? Let’s take a look at how the right of privacy online is protected by different international organizations around the world.
World privacy organizations (advocates)
One of the biggest and most successful international privacy organizations, Privacy International (PI) (14), was formed in 1990 as a human rights group. The main purpose of PI is to watch on surveillance and privacy invasions by governments and corporations. The headquarters of PI is based in London, The United Kingdom. Privacy International also has an office in Washington, D.C., the United States of America. PI has conducted campaigns and research throughout the world on issues ranging from wiretapping and national security, to ID cards, video surveillance, data matching, police information systems, medical privacy, and freedom of information and expression.
The Global Internet Policy Initiative (GIPI) was formed by Center for Democracy & Technology (CDT) and its partner Internews in 2001. The major goal of GIPI is to promote and support adoption in developing countries of legislative and regulatory policies that will support development of an open, democratic and affordable Internet. Working with partners on a country-by-country basis, GIPI is defining and promoting legal and regulatory reforms that will foster Internet development. It also hires full-time Internet policy experts on the ground. As of May 2003, GIPI has policy coordinators in 17 countries.
Electronic Privacy Information Center (EPIC) (4) is a public interest research center in Washington, D.C. EPIC was established in 1994 with the main focus on public attention on emerging civil liberties issues and the protection privacy, the First Amendment, and constitutional values. EPIC frequently hosts and participates in various events and policy briefings on important privacy and First Amendment-related issues. It also regularly publishes the report on state of privacy, security, and civil liberties.
Cyber-Rights & Cyber-Liberties (The United Kingdom) (3) is a non-profit civil liberties organization founded in 1997. Its main purpose is to promote free speech and privacy on the Internet and raise public awareness of these important issues. Cyber-Rights & Cyber-Liberties covers such important issues as the regulation of child pornography on the Internet and UK Government’s encryption policy. The organization provides up-to-date information related to free speech and privacy on the Internet.
The main purpose of Statewatch (15), a non-profit-making voluntary group founded in 1991, is monitoring the state and civil liberties in the European Union.It consists of lawyers, academics, journalists, researchers and community activists. Its European network of contributors is drawn from 13 European countries. Statewatch encourages the publication of investigative journalism and critical research in Europe the fields of the state, justice and home affairs, civil liberties, accountability and openness.
Australian Computer Society (ACS) (1) was founded in 1966. Its objectives are to further the study, science and application of Information Technology; promote, develop and monitor competence in the practice of ICT by people and organizations; maintain and promote a Code of Ethics (2). It is one of the major Australia privacy protection organizations as of today.
The voice of multiple international organizations that work hard to protect the right of privacy is forcing the governments of the countries around the world into certain legal changes. From the list above we can conclude that data protection and privacy in the Cyberspace became a big concern for most countries in Europe, North America and Australia. As a result, countries such as USA, Canada, several countries in the European Union have already made considerable changes in the law system in order to meet the demand. Unfortunately, we cannot say the same about the countries of Asia, South America, and Africa.
Privacy Legislation
In 1995, the European Union (EU) issued a Directive on the Protection of Personal Data (the Directive) with a dictate that all EU members must adapt their national laws to comply with the Directive by 1998 (16). The Directive defines specific conditions that have to be met in order to legally process personal data. Although there is considerable variation between EU member countries in the level of legislated privacy protection for their citizens, people within the EU currently have one of the highest levels of privacy protection in the world. The high level of protection, however, creates problems for countries that want to trade with the EU (6). For example, the EU prohibits exchange of personal data with countries that do not have the same level of privacy protection as the one if the Directive. As a result, the countries that want to continue to have business with the EU have to have privacy legislation, which complies with the EU privacy Directive.
On June 25, 2002 the European Union Council adopted the new Privacy and Electronic Communications Directive as voted in the Parliament (13). Under the terms of the new Directive, member states may now pass laws mandating the retention of the traffic and location data of all communications taking place over mobile phones, SMS, e-mails, chat rooms, the Internet, or any other electronic communication device.
January 2002, the European Commission (5) recognized that the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) provides adequate protection for certain personal data transferred from the European Union to Canada. The Commission's decision of adequacy does not cover any personal data held by federal sector or provincial bodies or information held by personal organizations and used for non-commercial purposes, such as data handled by charities or collected in the context of an employment relationship. The Commission is currently looking into the privacy protection schemes in several other non-European Union countries, including New Zealand, Australia, and Hong-Kong.
The situation in the United States, until recently, was following a more passive path towards privacy protection. Historically preferring self-regulation to legislation for the control of the private sector, the United States has recently responded to public concern with legislation. Considerable discussion and debate is taking place over the benefits of protecting the privacy of the individual online consumer, balanced against the cost of implementing and managing privacy control on the part of business. The main opponents of legislation appear to be businesses either seeking to avoid the costs involved in implementing protection measures or seeking to continue to profit from the collection, processing and salve of private data.
In Australia, privacy legislation has developed along similar lines to those of the United States. Individual state and territory governments have enacted privacy legislation in an attempt to provide protection and controls for online consumers. Federal privacy legislation, the Privacy Act 1998 (12), was enacted in 1998 to define national privacy principles. Initially the Act was only applying to public sector agencies. Although when the issue of online privacy continued to gain the attention of the media, amendments were passed in December 2000 to extend the Act to private sector organizations as well.
The situation in the Asia-Pacific region significantly differs from on in the EU or the United States (view Diagram 1). When comparing, we can see that the privacy legislation is Asia is not developed as good as that in Western countries. Some of the countries, such as New Zealand, Hong Kong and Taiwan, are changing the situation and have already enacted legislation to protect privacy (18). It is interesting to note that none of the countries that were established from the republics of the former Soviet Union has the privacy legislation or any other law that can relate to that issue.
Several countries that do not have a comprehensive act still have a commissioner. A major power of these officials is to focus public attention on problem areas, even when they do not have any authority to fix the problem. They can do this by promoting codes of practice and encouraging industry associations to adopt them. They also can use their annual reports to point out problems. For example, in Canada, the Federal Privacy Commissioner announced in his 2000 report the existence of an extensive database maintained by the federal government. Once the issue became public, the Ministry disbanded the database.
In several countries, this official also serves as the enforcer of the jurisdiction's Freedom of Information Act. These include Hungary, Estonia, Thailand and the United Kingdom. On the sub-national level, many of the German Lund Commissioners have recently been given the power of information commissioner, and most of the Canadian provincial agencies handle both data protection and freedom of information.
Conclusion
Unfortunately, simply having legislation in place does not guarantee the protection: the legislation should be enforced. At the same time, higher levels of legislated privacy protection have not necessarily result in a higher level of protection. There is a shortage of skilled technical people in the IT industry, a lack of resources. The individuals that believe that they have the right of privacy must take certain steps to protect themselves. Legislation is simply not capable of completing this task by itself.
References
(1) Australian Computer Society
(2) Australian Computer Society Code of Ethics
(3) Cyber-Rights & Cyber-Liberties
(4) Electronic Privacy Information Center
(5) European Commission
(6) European Convention on Human Rights
(7) Universal Declaration of Human Rights
(8) International Covenant on Civil and Political Rights
(9) Internet Privacy Concerns Confirm the Case for Intervention by Roger Clarke
(10) Medieval Life: Squires, Maidens and Peasants by Benjamin Gorman
(11) Principles of Fair Information Practices
(12) Privacy Act 1998
(13) Privacy and Electronic Communications Directive
(14) Privacy International
(15) Statewatch
(16) The Directive on the Protection of Personal Data (the Directive)
(17) The Global Internet Policy Initiative
(18) The Privacy act and you
(19) Wikipedia
Biography
Victoria Toujilina is a senior student working on her Bachelor Degree in Computer Science in SUNY Binghamton, Binghamton, NY. She has recently accomplished the Associate degree in Computer Science in Broome Community College, Binghamton, NY. Victoria is currently working as a software tester for BAE Systems, Johnson City, NY.
Contact Information:
Victoria Toujilina
2668 Camelot Rd., Apt. 2
Endwell, NY 13760
607 785 4239
Page 1 of 8
Victoria ToujilinaCS 495 11/4/2018
Diagram 1. Data Protection Around the World
Source:
Page 1 of 8