|
Committee: Human Rights Council Topic: Surveillance and Privacy
Invasions by Governments and Corporations Author: Donna Kollee, BA(Hons), MA (Hons) Information is power. Control of personal information
and the deprivation of the right to privacy are ways of exercising power over
individuals. The protection of personal information and privacy is central to
the autonomy of the individual and to respect for human rights. - Meryem Marzouki: Statement on Human Rights,
Human Dignity and the Information Society Introduction What if you lived in a world where everything you did was
monitored, from the websites you visited to the concerts you attended to the
books you checked out from the library? What would happen if your government
knew everything about you from your medical history to your sexual preferences
to the amount of money you made each year? How would you feel if all of your
e-mail and text messages were read by someone else who was unauthorized to read
them? What if your school fixed cameras in the bathrooms and listening devices
in the hallways to capture every conversation? What would you do if you were
stopped one day and asked to provide a sample for a random drug test? While all of this may sound like paranoid conspiracy
theories, the grim truth is that this is happening every day, all the time.
Every time you visit a website, renew a prescription, subscribe to a magazine
or purchase something with anything other than cash, information about you is
captured in a database. New laws give authorities the right to read e-mails
without a subpoena. Corporations install cameras to watch their employees.
Lists are compiled of individuals who read “undesirable”
material. Some are jailed for associating with the “wrong” people. Our
modern technological world has broken down barriers and made it possible for us
to accomplish more, but it has also made it easier for more to be known about
us than ever before. Our privacy is at stake. What is privacy, really? In a world where we carry our
cell phones everywhere, are told which celebrity went outside without her
underwear and can check up on what our friends are doing just by accessing
their profile page on Facebook, it’s as if we have given up the right to a
private life to live in the public sphere. Anyone can reach us at any time. In the 21st century, privacy does not mean
being hidden from the public but rather the ability and right to protect
yourself and your personal information from use by others. This is important
because when you have no control over who has access to your personal
information, you have no control over how it is used. When you have no idea
that information is being collected about you, you don’t know who is using it or why. When your conversations
are being monitored, your e-mails read and video cameras are capturing your
movements, your rights to freedom of expression and association are
threatened. When privacy is not
vigorously protected, room is created for totalitarianism, and repression can
occur. When individuals are monitored, they lose their freedom. Committee Background The United Nations Human
Rights Council was created on March 15, 2006 and replaces the former United
Nations Commission on Human Rights. Although it has essentially the same
mandate of addressing human rights violations, the Human Rights Council was
created in response to criticism that the Commission on Human Rights gave
high-profile positions to member states who did not guarantee the rights of
their own citizens. The mandate of the Human Rights Council includes preventing human rights
violations, securing respect for all human rights, promoting international
cooperation to protect human rights, coordinating related activities throughout
the United Nations, and strengthening and streamlining the United Nations system
in the field of human rights. Members of the Council are expected to uphold the highest
standards of human rights protection and promotion. The Human Rights Council
has 47 seats and members are elected for three-year terms by secret ballot in
the General Assembly. Interestingly, the Statement of the Problem The right to privacy is
vigorously proclaimed but rarely upheld. International agreements such as the
Universal Declaration of Human Rights, the International Covenant on Civil and
Political Rights and the European Convention on Human Rights note the human right
to privacy but rarely set forth means of protecting it. A new definition of “privacy”
and means to protecting it must be created. The emergence of a global,
borderless world and new technologies mean that this concept needs to be
expanded and refined for the 21st century. History of the Problem The concept of privacy is not
new but the way it is viewed has changed over time. Two hundred years ago, “private matters”
often referred to personal and domestic affairs. The government had very basic
information about its citizenry. Merchants knew their customers personally and
purchases were often made in person.
When census data began to be collected and more questions began to be
asked about an individual’s income, sex, marital status and location (among
others), the government began compiling detailed records of its citizenry. The
ability to order goods and services by mail and telephone led companies to
start keeping track of their customers. As technology has advanced, governments
and corporations have had increasingly greater access to individual’s personal
information. Individuals have also been increasingly willing to provide it. Article 12 of the Universal Declaration of Human Rights
states, “no one shall be subjected to arbitrary interference with his privacy,
home or correspondence, nor to attacks upon his honour and reputation. Everyone
has the right to protection of the law against such interference or attacks”.
While privacy has been recognized as a fundamental human right, defining what “privacy”
means has proven more difficult. Privacy has been defined as “the right of the individual
to be protected against intrusion into his personal life or affairs, or those
of his family, by direct physical means or by publication of information”
(Calcutt, 1990). It is also “a way if drawing the line at how far society can
intrude into a person’s affairs” (Waak, 2002) and “the right we invoke to
defend our personal freedom, our autonomy and our identity. It is the basis
upon which we assess the balance of power between ourselves and the world
around us” (Davies, 2001). According to Clarke (2006, http://www.anu.edu.au/people/Roger.Clarke/DV/Intro.html ), privacy is important philosophically,
psychologically, sociologically, economically and politically. Having a private
space grants individual’s freedom to think, argue, act, associate and innovate.
Without this freedom, we are repressed and unable to be ourselves. In such an
environment, we are unable to trust others, have sincere relationships or even
go about the daily business of living. When we feel our every movement
is monitored, we are prisoners to nameless, faceless entities. There is no
democracy and no freedom in such an environment. Surveillance is
easier to define. It refers to means of observing or monitoring behaviour. It does not always have a negative
connotation; in the medical community, surveillance is used to monitor diseases
in populations. For the purpose of this study guide however, surveillance is
the primary tool utilized to invade privacy and can be used by governments and
their agents (i.e. the police), corporations and individuals. This can occur
through eavesdropping on conversations, using closed-circuit cameras, tracking
internet usage, and intercepting e-mails, just to name but a few methods. Protecting privacy has become more difficult in the
modern world due to three major factors: globalization, technology and
terrorism. While the borderless world has given people more freedom to work,
travel and do business, it also means that personal information can travel
farther than ever before. When you board a flight, purchase goods from another
country or work abroad, your personal information is exposed. The internet has
allowed us to learn and do more, but whenever you send an e-mail, surf the web
or chat on-line, you leave information behind. The events of 9-11 have led
states to create new and often repressive laws to combat terrorism. The attacks on the
United States on September 11, 2001 and the subsequent terrorist attacks in
Egypt, the United Kingdom, Spain, Bali, Russia, Morocco, and Saudi Arabia led
to a paradigm shift in terms of privacy and human rights. In responding to
these reprehensible acts against the innocent, both individual states and the
international community at large have felt the pressure to quickly enact new
legislation designed to protect citizens while ensuring domestic and
international security. Laws created to identify, disrupt and dismantle
terrorism have significant implications for individuals and their rights. Information gathering, profiling and sharing are
hidden under the rubric of “fighting the
war on terrorism”. The Uniting and
Strengthening America by Providing Appropriate Tools Required to Intercept and
Obstruct Terrorism Act (the USA PATRIOT Act, commonly known as the PATRIOT Act)
represents is a key example of this. The Act gave the Worldwide, legislation
designed to combat terrorism has had implications for privacy and civil rights.
This legislation often includes increased communications surveillance and
search and seizure powers by authorities, requires personal information and
data to be retained for longer periods, demands increased data sharing between
both governments and governments and the private sector, especially with
regards to international travel, and has led to increased profiling and
identification of both nationals and foreigners. The biggest threat to privacy in the 21st
century comes not from laws or increased mobility between borders but from
technology. Advances in technology,
specifically in electronics and the capabilities of computers have allowed us
to communicate with people around the world through phone, internet and e-mail.
We can buy goods in another country, pay bills and renew our prescriptions
online at any time. While undeniably beneficial, an overlooked side effect of
this is that all of the information we supply for these transactions is kept in
databases. Retailers record purchase and credit information. The cable or phone
companies have records of the services you use and your account information,
including your address, social insurance number and the method you use to pay
their bills. Pharmacies hold onto your prescription history. It’s not having
personal information in different databases all over the world that threatens
privacy; it is what is done with this information that can pose a threat to
your privacy. When you supply your personal information, you are
assuming it will be used only for the purpose you gave it. For example, if I am
a Harry Potter fan and I order the latest book online with my credit card, I’m assuming that the bookstore I order it from will use
this information for the sole purposes of processing my order. But what if that
bookstore sells my personal information to a third party, one that has received
information about my lifestyle and spending habits from other stores I have
bought things from or magazines I subscribe to or surveys I have taken?
Suddenly I find myself receiving e-mails about deals on vacations to The above example illustrates a benign invasion of
privacy but represents a privacy invasion nonetheless. Your personal information could potentially
be captured in thousands of government and private databases. Who is
maintaining and regulating these databases? Who regulates the regulators? What
happens to the information you provide? Are you informed when this information
is shared with another party? The remainder of this study guide will focus on
answering these questions through defining key areas of privacy, discussing how
governments and corporations invade privacy through the use of technology and
exploring different methods currently employed to protect privacy. I. A
better definition of privacy: four key areas Although I have provided a general definition of what privacy is and why
it is important, narrowing the concept may allow this committee to direct its
focus. Privacy International is a human rights group formed in 1990 as a
watchdog on surveillance and privacy invasions by governments and corporations.
In its 2005 Privacy and Human Rights report, it defines four key areas of
privacy: 1. Information privacy: the establishment of rules for the collection
and handling of personal data such as credit information, and medical and
government records. Also known as "data protection"; 2. Bodily privacy: the protection of people 3. Privacy of communications: the security and privacy of mail,
telephones, e-mail and other forms of communication; and 4. Territorial privacy: the setting of limits on intrusion into the
domestic and other environments such as the workplace or public space. This
includes searches, video surveillance and ID checks (Privacy and Human Rights
2005 Report, http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-543673).
Although this study guide focuses primarily on information privacy and
privacy of communications, each of these four areas of privacy are important
and worthy of consideration by the committee. II.
Big and Little Brothers: invasions by government and corporations While most countries have laws protecting individual privacy, they also
have laws detailing when privacy can be violated by the state or one of its
agents. Usually this occurs when an individual or group is suspected of
breaking the law or posing a threat to the rest of society. Governments have
the ability to invade privacy through arrest, compelled identification, drug
testing, physical searches, database profiling, genetic testing, polygraph
tests, census enumeration and national identity cards (Rotenberg www.unesco.org/webworld/infoethics_2/eng/papers/paper_10.htm
). Corporations can invade
privacy at two levels: the employee and the consumer. The issues around
entitlement to privacy in the workplace are sticky and vary wildly from state
to state. In From a customer
perspective, corporations violate privacy when they extract commercial value
from consumers in their personally identified transactions (Rotenberg www.unesco.org/webworld/infoethics_2/eng/papers/paper_10.htm
), such as when selling personal information to a third party or using
information to target the customer for other goods and services it may sell.
Corporations may also provide personal information to individuals, groups or
agencies the consumer never intended; for example, a pharmacy disclosing a
worker’s prescriptions to an employer or a government agency obtaining lists of
every resident in a geographic area who subscribes to satellite television. III. Approaches to Protecting Privacy There is currently no
international standard for protecting privacy. The European Union passed the Data Protection
Directive in 1998. It states that information should be collected for specific,
legitimate purposes only, and be stored in individually identifiable form no
longer than necessary. It also specific rights for the person the information
concerns--the "data subject." The entity collecting the information
must give the data subject notice explaining who is collecting the data, who
will ultimately have access to it, and why the data is being collected. The
data subject also is given the right to access and correct the data. The rules
are stricter for companies that want to use data in direct marketing, or to
transfer the data for other companies to use in direct marketing. The data
subject must be explicitly informed of these plans and given the chance to
object. Stricter rules also surround sensitive information relating to racial
and ethnic background, political affiliation, religious or philosophical
beliefs, trade-union membership, sexual preferences, and health. To collect
this information the data subject must give explicit consent. The Directive
allows exceptions for employment contracts, non-profits, or the legal system. (Singleton, http://www.cato.org/pub_display.php?pub_id=5082). Under this concept, privacy is held as a human right that
cannot be transferred or given away. Governments and companies have a duty not
only to protect information but to give the individual control over its use.
Personal information belongs to the individual and the individual therefore has
rights to legal action against anyone who misuses that information. Supporters
of the “privacy-as-human-right” stance hold that it is the government’s
responsibility to legislate and protect individual privacy. Opponents of this
stance feel that legislating privacy is cumbersome and causes inefficiency
because companies will incur a cost to follow the legislation rather than
allowing the market to determine how privacy will be protected. In contrast, the The US approach views
privacy as a property right; that is, privacy is something you own and are
therefore entitled to control what is done with it, similar to the way you buy
and sell goods. Property is something you own and have the ability to sell to
another party. Advocates of this approach argue that it is more effective
because relying upon the market to protect privacy is more effective than
cumbersome government regulations. Individuals can negotiate the amount of
information they wish to provide. The market can offer incentives for
individuals who wish to provide more information. An individual has the choice
to release this information but once released, it becomes the property of the
party it is released to. The downside to this approach is that individuals may
not be aware of what happens to their information after they release it. Their
information can be sold again and again to other parties. Given the difference
between these two approaches, the The EU takes a
comprehensive attitude to privacy while the IV. Attitudes about privacy When it comes to providing
personal information, many people do not think twice. They adopt the attitude
of “I am not doing anything wrong, so I don’t mind providing information about
myself.” The issue with this way of thinking is that you don’t know what
happens with information once you provide it and you don‘t know the
consequences off allowing your privacy to be invaded. Rather than simply
divulging personal data, individuals should be asking why the information is
required and what will happen to it after it has been provided. You may be aware that there are cameras on the property
of your school and you may even support this because it makes your school
safer. People who are not doing anything wrong have nothing to fear, right? But
let’s say that one day you were caught on camera giving Sam a kiss goodbye
after your lunch date. This wouldn’t be a problem if you weren’t dating Pat.
What if someone saw you kiss Sam goodbye and told Pat? Not only has someone
taken your personal information and passed it along to someone else, you will
also have some explaining to do when Pat finds you. Although this is a relatively silly example, it
demonstrates the lack of control we have over our information. Once out there,
we don’t know where it goes or how it will be used in the future. Past UN Committee Actions The United Nations has enshrined privacy in the Universal Declaration of
Human Rights. In the past, the UN has commended that search and seizure,
electronic monitoring, seizing correspondence and wiretapping surveillance
should be prohibited and done on a case-by-case basis. The UN has also issued
this comment: The gathering and
holding of personal information on computers, data banks and other devices,
whether by public authorities or private individuals or bodies, must be
regulated by law. Effective measures have to be taken by States to ensure that information
concerning a person The Human Rights Council
appoints Special Rapporteurs to examine and monitor human rights issues. The
Special Rapporteurs are experts in particular areas of human rights. They
investigate issues, identify trends and bring policies, practices and measures
impacting human rights to the attention of the international community. In the
past, the Special Rapporteur has examined issues of privacy as it relates to
freedom of information. Proposed Solutions and Questions a Resolution Must
Answer As you can see, protecting
privacy is not an easy issue. It is difficult concept to define and there are
many different definitions. There is a balance between protecting the rights of
the individual against those of the state, particularly in regards to security
issues such as terrorism. Determining how to protect these rights depends
entirely on how you view privacy. In the European Union example, privacy is held as a human
right and is heavily legislated. It is a personal right that companies simply
cannot use. For the This committee may wish to look at how privacy will be
protected in the 21st century through seeking to define what “privacy”
means and the view the UN will take towards it. Is privacy a human right that
must be legislated? Or is it like a property right, something that can be
transferred to another party? There is no international agreement setting out
how privacy will be protected. Can this body create such a document? Questions and Suggestions to Guide Research First and foremost, what
approach does your country take to protecting privacy? What legislation has
your country passed regarding privacy? What challenges does your country face
with privacy protection? Knowing your own domestic situation, attitudes and
trends is crucial. Debates are won and lost because of knowledge of foreign policy. Before
you think about proposed solutions and methods of protecting privacy it
essential that you first understand how privacy is threatened and invaded every
day. This study guide is but a brief overview of the topic. There is so much
more out there and information you really do need to know. I highly encourage
you to read further about biometrics, identity cards, travel regulations,
mandatory drug testing, and internet regulation and privacy rights in the
workplace. You
should be aware of the impact of technology on privacy. Read Roger Clarke’s
article about dataveillance because it will help you better understand the ways
databases capture all of our personal information. It is also important that you
understand why privacy is a human rights issues and the ramifications it
can have, particularly in countries where human rights are violated every day.
Privacy is related to freedom of speech, association, equality rights and many
others. Although this study guide is framed from a technology perspective, privacy
and surveillance relate to many other issues. You may wish to bring this
forward in your committee. For less developed countries, new technology may be
a tool for increased 0repression. Web Resources: A List of Links Privacy International is the
Amnesty International of privacy issues. This is an excellent website. Check
out the 2006 Report and Country Reports for specific information about privacy
issues and individual country reports: www.privacyinternational.org The This site provides country
reports from governments and
non-governmental organizations: http://www.law.berkeley.edu/library/online/guides/international_foreign/humanRights/countryReports.html
The American Civil Liberties The “Report on the
Surveillance Society” has a very interesting chapter called “A Week in the Life
of the Surveillance Society 2006” that I consider essential background reading.
Click here
http://www.ico.gov.uk/upload/documents/library/data_protection/practical_application/surveillance_society_full_report_2006.pdf
and then skip ahead to page 48 for this quick (and interesting) read. If you’re too lazy to read
the above report (and shame on you, its really good), here’s a quick list of
ways governments and corporations can monitor you http://www.danbrown.com/secrets/bizarre_facts/digital_fortress.html
Roger Clarke is a giant in
the field of privacy research. He writes
about internet privacy and has introduced the concept of “dataveillance”
(monitoring people through the data trails they leave behind) and protecting
privacy in the 21st century. These articles will be very helpful for
you: http://www.anu.edu.au/people/Roger.Clarke/DV/ICurr9908.html http://www.anu.edu.au/people/Roger.Clarke/DV/PStrat.html http://www.anu.edu.au/people/Roger.Clarke/DV/PP21C.html The Center for Digital
Democracy has a list of sites for privacy research: http://www.democraticmedia.org/ddc/ReformResources/privacylinks.html
This article from the UNESCO
courier provides a good international perspective about privacy: http://findarticles.com/p/articles/mi_m1310/is_2001_March/ai_72299752
This article from the Hoover
Digest examines privacy challenges, particularly in regards to the human rights
vs. property right debate: http://www.hoover.org/publications/digest/3493266.html This article discusses how
technology threatens privacy: http://www.unesco.org/webworld/infoethics_2/eng/papers/paper_10.htm Questions about the
definition of privacy and the right to it? Answers.com is a good place to get you started: http://www.answers.com/topic/privacy-1?cat=biz-fin As always, the United Nations
website is a great place to look for background information, previous UN
actions and current approaches: www.un.org Further Suggested Bibliography Who says all reading should
be non-fictional? There is truth in fiction or, at the very least, something to
get you thinking further. I think these three books provide excellent
perspective on this topic and are guaranteed to get you thinking about privacy,
government and your rights: “Nineteen Eighty-Four” by George Orwell, Franz
Kafka’s “The Trial” and “Digital Fortress” by Dan Brown (yes, the DaVinci Code
guy). Each of these novels demonstrates
what can happen when we allow the government to have control over our personal
information. And if you’re like me with no time to read right now, get an audio
copy and listen to it in the car, at home, on your IPOD or MP-3 player or
anywhere you can. Bibliography Calucutt, David. Report of
the Committee on Privacy and Related Matters. Clarke, Roger. Introduction to
Dataveillance and Information Privacy, and Definitions of Terms. Davies, Simon. “…and the spy
who loves us all - invasion of privacy”. UNESCO Courier, March 2001http://findarticles.com/p/articles/mi_m1310/is_2001_March/ai_72299752
. Marzouki, Meryem. “Statement
on Human Rights, Human Dignity and the Information Society”
http://www.iris.sgdg.org/actions/smsi/hr-wsis/list/2002/msg00388.html Privacy and Human Rights 2005
Report: Overview of Privacy http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-543673
Rotenburg, Marc. “Preserving Privacy
in the Information Society” (article undated) http://www.unesco.org/webworld/infoethics_2/eng/papers/paper_10.htm. Singleton Solveig. “Privacy
and Human Rights: Comparing the United Nations Office of the High Commissioner for Human Rights. “General
Comment No. 16: The right to respect of privacy, family, home and
correspondence, and protection of honour and reputation (Art. 17)” Thirty Second Session, 1998 http://www.unhchr.ch/tbs/doc.nsf/0/23378a8724595410c12563ed004aeecd?Opendocument Waak, Erika. “The Global
Reach of Privacy Invasion” The Humanist. www.thehumanist.org/humanist/articles.waakND02.htm
November/December 2002. |