20 September 2013, 12:00 to 14:00
Room XXI, Palais des Nations, Geneva
Excellencies, distinguished delegates, ladies and gentlemen,
I thank the Permanent Missions of Austria, Germany, Hungary, Liechtenstein, Norway and Switzerland for inviting me to open this discussion on the protection of the right to privacy in the digital age.
Modern communications technology provides a powerful tool for democracy, by vastly increasing individuals’ access to information and facilitating their active participation in society. However, it has also contributed to a blurring of lines between the public and private sphere, and made possible unprecedented levels of interference with the right to privacy. Concerns have been raised recently over the broad scope of security surveillance regimes and the potential for intrusions which have been facilitated by modern technologies used in this context.
Today’s panel discussion is an important opportunity to address these issues, as well as to identify examples of good practice for the protection and promotion of the right to privacy, and explore ways to safeguard privacy and other related human rights in the digital age.
The right to privacy is anchored firmly in international human rights law. The modern benchmarks for the right to privacy at the international level are the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights, to date ratified by 167 States around the world.
Under its article 17, the ICCPR provides, and I quote, that “No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation”. It further states that “Everyone has the right to the protection of the law against such interference or attacks.”
The Human Rights Committee has provided important guidance in its General Comment 16 on the interpretation of article 17. According to the Committee, the term “unlawful” means that no interference can take place “except in cases envisaged by the law. Interference authorized by States can only take place on the basis of law, which itself must comply with the provisions, aims and objectives of the Covenant”.
The expression “arbitrary interference”, in the Committee’s view, can also extend to interference provided for under the law. The introduction of this concept, the Committee has explained, “is intended to guarantee that even interference provided for by law should be in accordance with the provisions, aims and objectives of the Covenant and should be, in any event, reasonable in the particular circumstances”.
It its General Comment 16, the Committee emphasizes that the right reflected in article 17 must be guaranteed against all such interferences and attacks whether they emanate from State authorities or from natural or legal persons. This guidance should be read together with that provided by the Committee in its General Comment 31 on the nature of the general legal obligation imposed on States Parties. There, the Committee has specified that “the positive obligations on States Parties to ensure Covenant rights will only be fully discharged if individuals are protected by the State, not just against violations of Covenant rights by its agents, but also against acts committed by private persons or entities that would impair the enjoyment of Covenant rights in so far as they are amenable to application between private persons or entities.”
The Committee has noted that there may be circumstances in which a failure to ensure Covenant rights would give rise to violations by States Parties of those rights, as a result of States Parties’ permitting or failing to take appropriate measures or to exercise due diligence to prevent, punish, investigate or redress the harm caused by such acts by private persons or entities. In this regard, the Committee has highlighted the requirement that privacy-related guarantees under article 17 must be protected by law.
So what are the challenges and questions that may need to be further explored in applying this legal framework and to promoting and protecting the right to privacy in the digital age? For today’s purposes, allow me to focus on five specific challenges.
A first challenge relates to the manner in which respect for the right to privacy is guaranteed by legislative, administrative or judicial authorities. Effective national legal frameworks are critical to ensuring protection against unlawful or arbitrary interference. Yet, in general, national legislation has not been adopted to match developments in communications technology and the surveillance measures these developments have facilitated. In addition, in some jurisdictions there is a lack of independent oversight to review surveillance measures, as a safeguard against abuse.
A second challenge is related to the fact that, even where adequate legislation and oversight mechanisms do exist, a lack of effective enforcement is bound to contribute to a lack of accountability for arbitrary or unlawful intrusions on the right to privacy.
A third challenge relates to the rapid and significant advances in communications and information technology, and a blurring of lines between the public and private sphere, which has prompted some to call for greater attention to the scope of the right to privacy. What is the meaning of ‘privacy’ or ‘private communication’, in the digital age? What are the privacy interests inherent in communications data transmitted over the internet or by mobile phone?
In recent years, UN special procedures mandate-holders have addressed some of these complex issues. In his report to the 23rd session of the Human Rights Council, the UN Special Rapporteur on the right to freedom of opinion and expression, Frank LaRue, explored the relationship between state surveillance, privacy and freedom of expression. I look forward to hearing more on his views from his presentation as a panellist here today.
A fourth related challenge concerns the definition of legitimate parameters for national security surveillance, which, increasingly, impacts on the right to privacy of individuals.
In the pursuit of legitimate national security interests, governments are entitled to gather and protect certain sensitive information, as well as to restrict access of the public to certain information (such as that pertaining to operations, sources and methods of intelligence services).
In so doing, however, they must ensure full compliance with international human rights law. Serious concerns are raised over the potential for national security overreach, without adequate safeguards to protect against abuse.
In his report to the Human Rights Council in 2010, the former Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, Martin Scheinin, highlighted the erosion of the right to privacy in the fight against terrorism, as a result of the use of surveillance powers and new technologies which are used without adequate legal safeguards. He noted that the increasing use of “data mining” by intelligence agencies “blurs the boundary between permissible targeted surveillance and problematic mass surveillance which potentially amounts to arbitrary or unlawful interference with privacy”.
The current Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism Ben Emmerson, also has addressed these issues recently, noting that “that there should be a debate on the extent to which the public in both States is prepared to tolerate official access to meta data.”
The last challenge I would like to draw to your attention relates to the responsibility of businesses themselves to respect privacy rights in the digital age. How to ensure that corporations in the communications and technology industry respect the right to privacy and other related human rights?
Again, States have an obligation to protect individuals against violations not only by their own agents, but also against acts of private persons or entities, including businesses. The Guiding Principles on Business and Human Rights, endorsed by the Human Rights Council in 2011, set out a global standard for preventing and addressing adverse impacts on human rights linked to business activity. There have been important multi-stakeholder efforts to clarify their application to the communications and information technology industry. One of the challenges, of course, lies in the transnational nature of the communications and information technology industry, which can create legal and jurisdictional hurdles to the effective protection of the right to privacy.
The challenges to protecting and promoting human rights in the face of fast-paced technological developments are complex. Civil society has contributed in important ways to addressing these difficult issues and I am pleased to see NGOs so well-represented here today. I hope that this side event will contribute to clarifying the complex issues related to the right to privacy in the digital age and to take these discussions forward. Thank you.