• Media Enquiries

    07505 448925(24hr)

Office of the United Nations High Commissioner for Human Rights report on “The right to privacy in the digital age”

Image3Whilst the DRIP Bill process is coming to an end in Parliament, it is certainly timely that the Office of the United Nations High Commissioner for Human Rights has published his report on “The right to privacy in the digital age” (PDF).

The report raises some important questions regarding the legitimacy of mass data retention, the role of private companies, and the potential impact on privacy and human rights.

We have picked out (the many) key points from the report:

GENERAL COMMENTS

  • As noted by the Special Rapporteur on the right to freedom of expression and opinion, technological advancements mean that the State’s effectiveness in conducting surveillance is no longer limited by scale or duration (p.3)
  • Deep concerns have been expressed as policies and practices that exploit the vulnerability of digital communications technologies to electronic surveillance and interception in counties across the globe have been exposed. Examples … government mass surveillance emerging as a dangerous habit rather than an exceptional measure. (p.3)

COOPERATION FROM COMMUNICATION SERVICE PROVIDERS

  • Government’s reportedly have threatened to ban the services of telecommunication and wireless equipment companies unless given direct access to communication traffic, tapped fiber-optic cables for surveillance purposes, and required companies systematically to disclose bulk information on customers and employees (p.3)
  • Mandatory third party data retention – a recurring feature of surveillance regimes in many States, where Government’s require telephone companies and Internet service providers to store metadata about their customers’ communications and location for subsequent law enforcement and intelligence agency access – appears neither necessary nor proportionate. (p.9)
  • If a country seeks to assert jurisdiction over the data of private companies as a result of the incorporation of those companies in that country, then human rights protections must be extended to those whose privacy is being interfered with, whether in the country of incorporation or beyond. This holds whether or not such an exercise of jurisdiction of lawful in the first place, or in fact violates another State’s sovereignty. (p.12)
  • This conclusion is equally important in light of ongoing discussions on whether “foreigners” and “citizens” should have equal access to privacy protections within national security surveillance oversight regimes. (p.12)
  • The enactment of statutory requirements for companies to make their networks “wiretap-ready” is a particular concern, not least because it creates an environment that facilitates surveillance measures. (p.14)
  • There may be legitimate reasons for a State to require that an information and communications technology company provide user data; however, when a company supplies data or user information to a State in response to a request that contravenes the right to privacy under international law, a company provides mass surveillance technology or equipment to States without adequate safeguards in place or where the information is otherwise used in violation of human rights, that company risks being complicit in or otherwise involved with human rights abuses. (p.15)

NSA AND GCHQ

  • Concerns have been amplified following revelations in 2013 and 2014 that suggested that, together the NSA in the USA and GCHQ in the UK have developed technologies allowing access to much global internet traffic, calling records in the US, individuals’ electronic address books and huge volumes of other digital communications content. These technologies have reportedly been deployed through a transnational network comprising strategic intelligence relationships between Government’s regulatory control of private companies and commercial contracts. (p.3)

SAFEGUARDS

  • In December 2013 the General Assembly adopted resolution 68/167, without a vote, on the right to privacy in the digital age … the Assembly affirmed that the rights held by people offline must also be protected online and called upon all States to respect and protect the right to privacy in digital communication. It further called upon all States to review their procedures, practices and legislation related to communications surveillance, interception and collection of personal data, emphasising the need for States to ensure the full and effective implementation of their obligations under international human rights law. (p.4)
  • Article 12 of the Universal Declaration of Human Rights provides that “no one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor attacks on his honour or reputation. Everyone has the right to the protection of the law against such interference or attacks.” (p.4)
  • Surveillance of electronic communications data can be a necessary and effective measure for legitimate law enforcement or intelligence purposes. Revelations about digital mass surveillance have, however, raised questions around the extent to which such measures are consistent with international legal standards and whether stronger safeguards are needed to protect against violations of human rights. Specifically, surveillance measures must not arbitrarily or unlawfully interfere with an individual’s privacy, family, home or correspondence; Governments must take specific measures to ensure protection of the law against such interference. (p.6)
  • Addressing these questions requires an assessment of what constitutes interference with privacy in the context of digital communications; of the meaning of “arbitrary and unlawful”; and of whose rights are protected under international human rights law, and where. (p.6)
  • Article 17 of the International Covenant of Civil and Political Rights …. “Correspondence should be delivered to the addressee without interception and without being opened or otherwise read.” (p.6)
  • According to one report “a reality of big data is that one data is collected, it can be very difficult to keep anonymous. While there are promising research efforts underway to obscure personally identifiable information within large data sets, far more advanced efforts are presently in use to re-identify seemingly ‘anonymous’ data. Collective investment in the capability to fuse data is many times greater than investment in technologies that will enhance privacy.” (p.6)
  • As the European Union Court of Justice recently observed, communications metadata “taken as a whole may allow very precise conclusions to be drawn concerning the private lives of the persons whose data has been retained.”(p.7)
  • Any capture of communications data is potentially an interference with privacy and, further, that the collection and retention of communications data amounts to an interference with privacy whether or not those data are subsequently consulted or used. Even the mere possibility of communications information being captured creates an interference with privacy, with a potential chilling effect on rights, including those of free expression and association. (p.7)
  • Any communications surveillance programme must be conducted on the basis of a publicly accessible law, which in turn must comply with the State’s own constitutional regime and international human rights law. (p.10)
  • The State must ensure that any interference with the right to privacy, family, home or correspondence is authorised by laws that (a) are publicly accessible; (b) contain provisions that ensure that collection of, access to and use of communications data are tailored to specific legitimate aims; (c) are sufficiently precise, specifying in detail the precise circumstances in which any such interference may be permitted, the procedures for authorising, the categories of persons who may be placed under surveillance, the limits on the duration of surveillance, and procedures for the use and storage of the data collected; and (d) provide for effective safeguards against abuse. (p.10)
Posted on by Emma Carr Posted in Home

3 Responses to Office of the United Nations High Commissioner for Human Rights report on “The right to privacy in the digital age”

  1. Andy A

    I wonder if GCHQ etc. are already checking our e-mails as we are part of a possibly “difficult” group of people that prize individual freedom and privacy.
    Interesting that the government say we should stay part of the EU but do not want to comply with selected EU legislation ?

  2. Nicholas Dove

    All sensible people will find the report to be reasonable and responsible. The tragedy is that there is no hope that our government will accept it. It is a pity that our government is incapable of acting rationally, and that the majority of MPs chose to betray their duty to scrutinise the bill, to protect the rights of their constituents, and to consider possible unintended consequences; they also chose to surrender their sovereignty when it comes to legislation; the administration is supposed to be subject to the house.
    Not satisfied with that they now wish to opt out of human rights legislation; farewell freedom and welcome to the Dictatorship.

  3. Alan

    The ‘reported’ world brings nothing but state abuse of power. It seems our darkest cynicism is continually fulfilled. The majority of people actually just want to do the best they can irrespective of legal diktat. From communications to government, there are alternatives. It is up to us to make the change on an individual level. Those that claim leadership will never stop.

Add a Comment