Written By Joshita Pai
The office of the Special Rapporteur on the Right to Privacy in the Digital Age, was created last year by the UNHRC, and today, in the 33rd session of the Human Rights Council, the Special Rapporteur, Joseph A. Cannataci submitted the Report on the Right to Privacy. The mandate of the UNHRC requires the Special Rapporteur to present annual reports starting from this year. The pioneering report released today while preliminary in nature, identifies a range of issues related to privacy, observed across different nations. The report states that “The report to the March 2016 session of the HRC will not attempt to prioritise risks or landmark improvements in privacy protection but simply refer to a few cases which illustrate particular progress or difficulties.”
Highlights of the Report
The report revolves around the concept of informational privacy and seeks to address the issues without prioritizing them. The Report in several places notes the handicap of the lack of definition on privacy. There is no universally constructed or accepted definition of privacy and it varies from culture to culture. To add to the impairment, the report stresses, are the ever-changing dynamics of Time, Place, Economy and Technology (TPET), which are variables that blur the notion of a settled definition. The Special Rapporteur observed that privacy has been recognized as a negative right and not as a positively affirming one. The Report observed that various legislations have been introduced across the board over the past year to legitimize privacy-intrusive techniques and measures by citing security reasons. The submission lists out the most contentious issues around such rushed legislative measures:
- the adequacy of oversight mechanisms;
- the distinction between targeted surveillance and mass surveillance (or bulk surveillance as it is euphemistically called in some countries);
- the proportionality of such measures in a democratic society;
- the cost-effectiveness and the overall efficacy of such measures.
It builds on the aspects of privacy which has surfaced at a global level in the past year. It throws light on the controversial UK Investigatory Powers Bill which has, despite much resistance, only undergone cosmetic changes to its surveillance provisions. The report further ropes in the European Court’s finding on the US safe harbour provisions in the Schrems matter, the refusal by the Dutch government to engage in backdoor encryption, which Cannataci refers to as wise restraint. Listing out the highlights in the 2015-16 period, the report touches upon the back and forth efforts by US and China in a vision for cyberpeace. The Report states that “Cyberspace risks being ruined by Cyberwar and Cyber-surveillance” and that “Governments and other stakeholders should work towards Cyberpeace.” The report notes the increasing trend in DNA databases and observes that ‘25% of the UN’s member states, have implemented national criminal offender DNA database programs.’ The report urges that different stakeholders engage in a constructive discourse on building the most appropriate guidelines and safeguards in this regard.
The Special Rapporteur addresses the concern over the nexus between privacy and reputation, and states that he will be collaborating with the Special Rapporteur on Freedom of Expression to explore concrete safeguards and remedies for privacy, dignity and reputation on the internet. Proceeding to the wide use of biometric devices and techniques, the Rapporteur commits to evolving workable guidelines on the same, in congruence with vital stakeholders.
The Report carves out an outline for what it addresses as the ‘Ten point plan’ with the object of expanding on the dimension of right to privacy and its inter-relationship with other human rights. The agenda is generic in nature and is referred to as the ‘To do List’. It includes delving into a more comprehensive legal understanding of the concept of privacy, raising awareness on the need for privacy, creating dialogue spaces, a focused dialogue with corporate houses, and devising technical and legal safeguards. The outline also stresses on creating curiosity and dialogue on the issues in cyberspace.
The report flags the challenges applicable to and arising from Big Data and Open Data, and the difference between the two. In continuation to this, the report also throws light on the principles that generally govern regulations on data protection, such as purpose limitation, security of data, data destruction, access to data, and consent of the data subject. The Rapporteur expressed concern over the existing provisions on anonymisation of data in the EU and its adequacy. The report states that “trading blocs including major nations or regional federations such as China, the European Union and the United States have adopted or are adopting Open Data and Big Data policies the far-reaching consequences of which may not as yet be properly understood and which may unintentionally put in peril long-standing social values as well as the fundamental rights to privacy, dignity and free development of one’s personality.”
The Report concludes with the Rapporteur emphasizing on the need for legislators, private actors and citizens to engage in a cordial dialogue process.