A presentation at the 'Information Privacy, Security and Forensics in the Digital Age' Symposium - a National Library of Wales / Aberystwyth University event 6th September 2012
Discourse on the public and private spheres in the digital age has aroused much critical commentary and has occasioned a revisioning of the meaning of public and private in the realm of information. Developments in on-line communication and commerce have popularised this debate and the question of what information is, or should be, public and private, is one which reflects the complexity and interconnectivity of personal and public personas.
In exploring the perceived potential for transparency and accountability, finding the balance between consumerism and control, collaboration and cyber security, and in developing communities of trust whilst being mindful of compliance and continuous enforcement is a challenge which benefits from interdisciplinary approaches. This symposium explores the boundaries of public and private in the digital ecology and includes contributions from a diverse range of fields: forensics, security, law, information and archival science, and social and mobile media.
There has been unprecedented activity in this area in the second decade of this millennium, culminating in a proclamation by the United Nations on access to the Internet as a human right, the deliberations of the Leveson Enquiry regarding press standards and surveillance culture and EU e-privacy and data protection reform, to name a few.
3. What is meant by Privacy?
The right to be let alone. (Brandeis, 1890)
Privacy is an interest of the human personality. It protects the
inviolate personality, the individual's independence, dignity and
integrity. (Bloustein 1964)
The desire of people to choose freely under what circumstances and
to what extent they will expose themselves, their attitudes and their
behaviour to others. (Westin, 1968)
The state of desired inaccess or freedom from unwanted access, with
access meaning perceiving a person with one’s senses (ie seeing,
hearing or touching him or her), obtaining physical proximity to him or
her and/or obtaining information about him or her. (Gavison 1980,
Moreham, 2005)
4. Types of Privacy
Information privacy
Bodily privacy
Privacy of communication
Territorial privacy
5. Why is privacy important?
Privacy as the right to be let alone – “a man’s
home is his castle”
Privacy as an aspect of personhood
Privacy as control over information
Privacy as limited access to the self
Privacy as secrecy
Privacy as a social and political value
6. Privacy & Data Protection – Twins
but not identical
Privacy covers issues relating to the protection of an
individual’s personal space – covering issues such as
private communication, unwarranted investigation,
physical integrity, protection of family life etc.
Data protection– To organise and control the way
personal data are processed. Focuses on the
informational rather than spatial or physical
dimensions of privacy. Right of information self-
determination – the right to have a say in how data
relating to oneself are processed by others.
7. Relevant Legislation: International
Customary International Law
Universal Declaration of Human Rights – Article 12
No one shall be subjected to arbitrary interference with his privacy, family, home
or correspondence, nor to attacks upon his honour or reputation. Everyone has the
right to the protection of the law against such interference or attacks for the
protection of the rights and freedoms of others.
Treaties and Covenants
International Covenant on Civil and Political Rights 1966 - Article 17
1. No one shall be subjected to arbitrary or unlawful interference with his privacy,
family, home or correspondence, nor to unlawful attacks on his honour and
reputation.
2. Everyone has the right to the protection of the law against such interference or
attacks.
8. Relevant Legislation: Regional
American Convention on Human Rights
Article 11. Right to Privacy
1. Everyone has the right to have his honor respected and his dignity recognized.
2. No one may be the object of arbitrary or abusive interference with his private life, his family,
his home, or his correspondence, or of unlawful attacks on his honor or reputation.
3. Everyone has the right to the protection of the law against such interference or attacks.
European Convention of Human Rights – Article 8 Right to respect for private and family life
1. Everyone has the right to respect for his private and family life, his home and his
correspondence.
2. There shall be no interference by a public authority with the exercise of this right except such
as is in accordance with the law and is necessary in a democratic society in the interests of
national security, public safety or the economic well-being of the country, for the prevention of
disorder or crime, for the protection of health or morals, or for the protection of the rights and
freedoms of others.
9. Relevant Legislation – Data Protection
Data Protection Directive 95/46 EC - was
adopted in 1995 with two objectives in mind:
to protect the fundamental right to data
protection and
to guarantee the free flow of personal data
between Member States.
New draft European Data Protection
regulation released 25 Jan 2012 –
harmonisation of laws on data protection.
One single European Law
10. State/Government threats to Privacy
Expansion of government online surveillance powers - threat to the
individual’s right to privacy?
USA- Stop Online Privacy Act, Protect IP Act, Trans Pacific Partnership
Agreement IP Charter
EU – Anti Counterfeiting Trade Agreement, Council of Europe’s
Convention on Cyber crime
Australia – Cybercrime Legislation Amendment Bill 2011
Egypt/Syria – Arab Spring
Access to Internet as basic human right – Frank La Rue UN Report
11. Business Threats to Privacy
Informational Privacy
Information Management/
Passive
Governance Sense Making
Digital Footprints
Digital Exhaust
Active
Data Mining
Data Analytics
Computer Assisted Review
13. #11 DP
Protection of Personal
data
Obligations of data
collectors
Minimum Standards on
Use of Personal Data
Monitoring by
Independent Data
Protection Authorities
14.
15. STAKEHOLDERS
Pluricentric (not unicentric)
networks (inter- or intraorganisational
the processes of governing or functions
specific risks and uncertainties
normative
Van Kersbergen and Van Waarden 2004,
16. Spectrum not Dichotomy
Individual autonomy Law enforcement
Empowering Cybercrime;
network security;
child crime, ID
theft; access
classified
information; hate
speech
Non-disclosure Sharing
17. Spectrum not Dichotomy
Open government Closed government
FoI DP
Rights of the Profit-driven data
Individual demands
Private sector-led Government
self regulation regulation
Soft law Hard law
Global Regional
Minimum standard Beyond national
standards
Rights , duties Responsibilities
18. Contact details
Kirsten Ferguson-Boucher
Department of Information Studies,
knb@aber.ac.uk
Sofia Cavandoli
Department of Law and Criminology
sfc@aber.ac.uk