Privacy and Internet Governance

Size: px
Start display at page:

Download "Privacy and Internet Governance"

Transcription

1 BERLIN JUNE 2014 # 7 Privacy and Internet Governance GOVERNMENT & PARLIAMENT PRIVATE SECTOR Industry Association, Geneva George Salama SAMENA Telecommunications Council, Dubai Nick Ashton-Hart Computer & Communications Petra Sitte Member of the German Bundestag (The Left) Susanne Dehmel BITKOM Germany Jan Malinowski Council of Europe, Georg Apenes Former Norwegian Data Inspectorate Head of Information Society PROPOSITION Peter Schaar Chairman of the European Academy for Freedom of Information and Data Protection Richard Hill Author, former ICT manager Jonne Soininen Internet Engineering Task Force Michael Komarow National Research University Lorena Jaume-Palasí Collaboratory, Berlin Rafik Dammak Member of the Steering Committee, Internet Stephanie Perrin Non-Commercial Stakeholders Group at ICANN Rights & Principles Coalition, Tokyo CIVIL SOCIETY Higher School of Economics, Moscow TECHNICAL & ACADEMIC COMMUNITY A publication by the Internet & Society Collaboratory Editor - Wolfgang Kleinwächter Internet & Society Co llaboratory

2 # 7 Privacy and Internet Governance A publication by the Internet & Society Collaboratory Editor Wolfgang Kleinwächter 1 st Edition ISBN

3 Contents 05 Internet Governance for the Cloud Society Preface 06 Wolfgang Kleinwächter Editorial PROPOSITION RESPONSES GOVERNMENT & PARLIAMENT 14 Peter Schaar The Internet and Big Data - Incompatible with Data Protection? 20 Jan Malinowski Big data: a challenge to privacy, a threat to society, an opportunity. Should we trust businesses with our privacy online or look to the state for protection? 25 Georg Apenes Switching Off the Age of Enlightenment? 27 Petra Sitte Big Data and Big Government necessitate a paradigm shift 64 Authors 68 About the Internet & Society Collaboratory

4 10 Abstract RESPONSES PRIVATE SECTOR RESPONSES CIVIL SOCIETY RESPONSES TECHNICAL & ACADEMIC COMMUNITY 33 Nick Ashton-Hart The Internet is not incompatible with data protection, but the debate we currently have about privacy largely is 37 Susanne Dehmel Modernizing data protection along with data processing technologies 40 George Salama Big Data: An Opportunity Combined With Privacy Concerns. A Regulatory Perspective 44 Stephanie Perrin The Internet and big data incompatible with data protection? We don t think so! A civil society perspective 49 Rafik Dammak The need for versatility in data protection 51 Lorena Jaume-Palasí Is data protection becoming incompatible with communication? 56 Jonne Soininen The Current State of Internet Security From A Technical Perspective 59 Michael Komarow Big Data leads to new international data processing policies 61 Richard Hill Schaar is both profetic and mainstream 69 MIND needs your support 70 Previous Issues and Authors of MIND 72 Imprint

5 Credit: Kmeron https://flic.kr/p/asg8g6 CC BY-NC-ND 2.0 https://creativecommons.org/licenses/by-nc-nd/2.0/

6 PREFACE Preface Internet Governance for the Cloud Society The discourse on Internet Governance has reached an inflection point. It has become clear what is really at stake for our societies. Billions of individuals spend a considerable part of their lives online: we communicate and work, we shop and study, we discuss and argue via the Internet. This development is unstoppable and it is changing our society. However, the Internet does not only have an ever growing impact of the lives of individuals, but it increasingly shapes the life of organizations alike. Nations and corporations are also online, administering, governing, doing business and enunciating their interests. Internet governance, therefore, is subject to a complex global struggle for power in the information age. It is our challenge to reconcile the desire for user data by industry and government with the fundamental rights and basic principles of civil rights and privacy. At the same time, the open and unrestricted character of the Internet needs to be preserved, as this openness drives knowledge, progress, growth and vital infrastructures - not just in the so-called first world. Privacy, however, is impossible to protect and strengthen without true global cooperation and willingness by governments and corporations alike. Internet Governance used to be about domain names and IP addresses. Nowadays, we need to build a global consensus on how to translate concepts of privacy, democracy, freedom and security into a world where big data, ubiquitous access, and the Internet of things transform how we live. With this issue, we hope to contribute to this debate. We must ensure that the Internet benefits society. The Collaboratory steering group Martin G. Löhe (chair), Dr. Marianne Wulff (vice chair), Dr. Michael Littger, Lena-Sophie Müller, Dr. Philipp S. Müller 7

7 Editorial Internet Governance and Privacy PROF. DR. WOLFGANG KLEINWÄCHTER, EDITOR Was there privacy in ancient times and in the Middle Ages? Whole tribes lived under one roof, and in a village everybody knew everything about everybody. If you go to the ruins of the old Roman city of Pompeii, you will learn that even the restrooms were public spaces. Today, privacy is seen as a fundamental individual human right, protected by Article 12 of the Universal Declaration of Human Rights which states: No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks. However, since the beginning of the Internet Age, we have seen growing unlimited access to all kinds of small and big personal data by transnational private corporations and governmental security agencies. Individual privacy is eroded and undermined. Private correspondence is checked by authorized or non-authorized parties. As soon as you are connected to the Internet via a fixed or mobile end device whether it is in your private home or in your hotel room, if you are walking in the street or riding in a car somebody on the other end of the line will know where you are, what you are doing, and what your plans will be. It is not only the usual skeptics who argue that the 21st century will see the end of privacy. Are we moving backwards into something like the digital Middle Ages? HISTORY OF PRIVACY The understanding of privacy as a legal right has its own history. It goes back to a case from the 17th century known as the Semayne s Case from 1604 when a British lawyer, Sir Edward Coke, stated: The house of every one is to him as his castle and fortress, as well for his defence against injury and violence as for his repose. The Semayne s Case acknowledged that the king did not have unbridled authority to intrude on his subjects dwellings, but recognized that government agents were permitted to conduct searches and seizures under certain conditions when their purpose was lawful and a warrant had been obtained. This has later been taken as a blueprint by James Madison when he introduced the 4th amendment to the US Constitution in 1789: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the 8

8 EDITORIAL persons or things to be seized. Later, in 1890, Samuel D. Warren and Louis D. Brandeis described privacy as the right to be let alone. The word privacy comes from the Latin privatus which means separated from the rest. The whole idea of the Internet is that we are connected, not separated, and that everybody can communicate with everybody anytime, anywhere. In the new virtual global village, we are all under one roof. Can we remain alone in cyberspace? Do we want to remain alone? How can protection work in a borderless space so that we as individuals are safe against unreasonable searches and seizures? How we can use the freedom we have won in the virtual world without risking losing our privacy if we use the Internet? This is a big question and finding the right answer is not easy. Credit: Ministerio TIC Colombia https://flic.kr/p/bejyer CC BY 2.0 https://creativecommons.org/licenses/ by/2.0/deed.de Code makers work at a higher speed than law makers. As we have seen in the last decade, technology always develops faster than our legal system. Code makers work at a higher speed than law makers. In the information age, it is the code that defines the space in which law makers now operate. This brings a lot of new flexibility to the system. On the other hand, social values, individual rights, and personal freedoms do not change overnight when new technologies are introduced. Our legal system has a high degree of stability which is needed in a democratic society. What we have learned in recent years is that a lot of new Internet based services and applications offer new opportunities but very often do not need new regulations. They can be managed and dealt with on the basis of our existing legal system, both nationally and internationally. From a legal point of view, there is no difference between stealing money offline and stealing money online. Stealing money is a crime, and a crime is a crime is a crime, offline as well as online. Doing harm to other people remains illegal whether it is done in the real or in the virtual world. Yes, there are new problems in borderless cyberspace. If providers and users of Internet based services operate under different jurisdictions, there is a pressure to harmonize national regulations or to decide which jurisdiction is relevant in a concrete controversial case. And yes, there are some new problems which have not yet been clearly defined in our traditional legal system, such as cloud computing or the linkage of objects to the Internet via interactive RFID chips. But neither cloud computing nor the Internet of Things leads to the disappearance of universal values or human rights. In this respect, it was very natural that the UN Human Rights Council stated in a resolution from June 2012 that the same rights that people have offline must also be protected online. THE UN RESOLUTION ON PRIVACY IN THE DIGITAL AGE This is also relevant for the right to privacy, as it was reaffirmed in the UN Resolution on the right to privacy in the digital age, initiated by Brazil and Germany and adopted at the 68th UN General Assembly in December The resolution notes inter alia that the rapid pace of technological development enables individuals all over the world to use new information and communication technologies and at the same time enhances the capacity of Governments, companies and individuals to undertake surveillance, interception and data collection, which may violate or abuse human rights, in particular the right to privacy, as set out in article 12 of the Universal Declaration of Human Rights and article 17 of the International Covenant on Civil and Political Rights, and is therefore an issue of increasing concern. This brings us to the question of whether all technologies that are invented and are available should be used in an unlimited way. There is a real question whether we need ethical, moral, and legal barriers for the use of certain types of technology. A person who owns a gun is not totally free to use this gun for everything. She or he has to respect concrete laws and if she/he ignores them and uses the gun against human beings, she/he will be punished and jailed. 9

9 In other words, we need restrictions on the use of communication technology which allows interference into our private homes, intrusion into our private communications, and surveillance of our day-to-day behavior by private or public parties, corporations, governments, or our unfriendly neighbors. For a fair balance, we need the protection of the law There can be reasons for a justified interference. But this has to be the exception and cannot be the rule. And it needs to go through a legal procedure where a neutral third party, based on evidence of a clear and present danger, checks the necessity and proportionality of such interference. In other words, there will be no one-sizefits-all solution. It has to be decided on a case by case basis, taking into account the specific circumstances. THE CHALLENGE TO FIND THE RIGHT BALANCE The big challenge here is to find the right balance. But one thing is also clear; this can t be left to the free market, where the individual Internet user has no adequate negotiation capacity against big corporations or big governments. For a fair balance, we need the protection of the law. As Jean Baptiste Lacordaire, the French philosopher, stated nearly two hundred years ago: Between the strong and the weak it is freedom that oppresses and the law that liberates. The 2013 UN Resolution on Privacy in the Digital Age is moving in the right direction here. The resolution reaffirms the human right to privacy, according to which no one shall be subjected to arbitrary or unlawful interference with his or her privacy, family, home or correspondence, and the right to the protection of the law against such interferences. It recognizes that the exercise of the right to privacy is important for the realization of the right to freedom of expression and to hold opinions without interference, and one of the foundations of a democratic society, and it emphasizes that unlawful or arbitrary surveillance and/or interception of communications, as well as unlawful or arbitrary collection of personal data, as highly intrusive acts, violate the rights to privacy and freedom of expression and may contradict the tenets of a democratic society. Furthermore, the resolution also notes that while concerns about public security may justify the gathering and protection of certain sensitive information, States must ensure full compliance with their obligations under international human rights law. And it expresses its deep concern about the negative impact that surveillance and/or interception of communications, including extraterritorial surveillance and/or interception of communications, as well as the collection of personal data, in particular when carried out on a mass scale, may have on the exercise and enjoyment of human rights. It concludes that States must ensure that any measures taken to combat terrorism are in compliance with their obligations under international law, in particular international human rights, refugee and humanitarian law. This is clear and balanced language adopted by UN member states and supported by a wide range of nongovernmental stakeholders, in particular from civil society. To find the right balance not only among governments and stakeholders but also between justified security concerns and individual privacy rights is not easy, but we have to face this challenge in the digital age. The right answer can be found only in a bottom-up, open and transparent multistakeholder policy development process. In this respect, it is good that the resolution invites the governments of the UN member states to review their procedures, practices and legislation regarding the surveillance of communications, their interception and the collection of personal data, including mass surveillance, interception and collection, with a view to upholding the right to privacy by ensuring the full and effective implementation of all their obligations under international human rights law and to establish or maintain existing independent, effective domestic oversight mechanisms capable of ensuring transparency, as appropriate, and accountability for State surveillance of communications, their interception and the collection of personal data. However, such a call should go beyond relevant activities by the governments of the UN member states and should also include the private sector, civil society, and the technical community. TOWARDS A MULTISTAKEHOLDER MODEL IN THE DEVELOPMENT OF PRIVACY POLICIES A lot of personal data and surveillance capacity is now in the hands of the private sector. While private corporations are obliged to respect the legislation of the country in which they operate, they often try to escape national legislation by jurisdiction shopping that is, to pick the country with the lowest standard of privacy laws as the place for starting business in borderless cyberspace. An inclusion of the private sector in a multistakeholder 10

10 EDITORIAL process to develop policies to respect individual privacy rights is as important as bringing civil society directly to the negotiation table. Networks like Privacy International, Human Rights Watch, Reporters without Borders, Article 19, Transparency International, Consumer International and others have to have a voice and a vote when it comes to global mechanisms which will enhance the protection of privacy in the digital age. And even more important is the inclusion of the technical community. This community has developed standards which enabled surveillance and enhanced control capacities. This community, as IETF or W3C, is now challenged to offer standards which will allow a higher protection of individual privacy. Privacy by design is a very concrete challenge for the Internet standard setting organizations, in particular when it comes to the next wave of services and applications relating to the Internet of Things. Furthermore, it needs an enhanced understanding of the various elements of privacy protection and more specifications. When the Global Business Dialogue on ecommerce (GBDe) discussed privacy concerns in 1999, they differentiated between sensitive and non-sensitive data. For sensitive data (data related to health, finances, sexual orientation, religion, and political affiliation), they proposed that a corporation should ask the individual if the corporation wanted to use this data (opt in). For non-sensitive data (such as shopping behavior, travel, open chats, searches), they proposed that corporations could use the data as long as the individual did not express an explicit reservation (opt out). This approach was not further investigated or translated into concrete legislation. But it shows that a multistakeholder approach widens the perspective and can bring more and reasonable arguments to the negotiation table. on how to enhance the multistakeholder model when it comes to policy development and decision making with regard to privacy issues in the Internet Governance Ecosystem. Principle 1.3 of the NetMundial Declaration says very clearly: The right to privacy must be protected. This includes not being subject to arbitrary or unlawful surveillance, collection, treatment and use of personal data. And the roadmap section of the Sao Paulo Declaration states: Mass and arbitrary surveillance undermines trust in the Internet and trust in the Internet governance ecosystem. Collection and processing of personal data by state and non-state actors should be conducted in accordance with international human rights law. More dialogue is needed on this topic at the international level using forums like the Human Rights Council and IGF aiming to develop a common understanding on all related aspects. This is a process and it will not be settled overnight. The next concrete step will be the report by the United Nations High Commissioner for Human Rights on the protection and promotion of the right to privacy in the context of domestic and extraterritorial surveillance and/ or interception of digital communications and the collection of personal data, including on a mass scale, to the Human Rights Council at its twenty-seventh session and to the General Assembly at its sixty-ninth session (2014), with views and recommendations, to be considered by Member States as it was decided by the UN General Assembly in There is still a long way to go. But the first steps have been taken. Do not expect big jumps. Let s go forward by taking more small steps, but let s move in the right direction. To take another example: the German constitution has included since the 1980s the right to informational self-determination which gives all rights regarding how to use personal data to the individual. In the 1990s, the right to access the secret files of the East German secret service (Stasi) was seen as a constitutional right. Can such an approach be globalized? Is it the right of an individual to know what information secret services around the world have collected about her or him? May I ask the NSA whether they have looked at my private communication and if yes, what do they have in their database? NET MUNDIAL In this respect, the final document adopted at the recent Global Multistakeholder Meeting on the Future of Internet Governance (NetMundial) can be a good guideline 11

11 PROPOSITION Peter Schaar recognizes the urgency to look for convincing solutions for the emerging challenges regarding data protection. Nowadays we are facing a high risk that the fundamental right to privacy and other core values of Western democracies will be lost. 12

12 RESPONSES GOVERNMENT AND PARLIAMENT PRIVATE SECTOR JAN MALINOWSKI focuses on issues where privacy is sometimes minimised by obscuring the relevance of the individual or citizen, presenting persons as mere data subjects. He sees states are the duty bearers of human rights. GEORG APENES PETRA SITTE identifies chances personal information can give to projects and plans that are generally accepted as being constructed for the common good. Still nowadays there are no tools that can protect individual privacy. sees fatal impacts of Big Data and Big Government if not all EU citizens were treated as domestic residents. This would lend the EU a much stronger position in negotiations with the US Administration on dismantling the surveillance system. NICK ASTHON-HART explains why the debate about data protection is incomplete and identifies false assumptions about the role of government, economy and competition law. He draws a line between governmental and economic use of personal data SUSANNE DEHMEL GEORGE SALAMA raises the need for new methods of processing in order to cope with the existing and ever growing amounts of data we produce. She is positive that Internet and big data are compatible with data protection. demands from a Big Data policy framework to not hinder innovation and investments by giving operators and Internet service providers. At the same time privacy settings should be simplified and redesigned. STEPHANIE PERRIN discusses why the value of big data should not be accepted as a given and that a societal value still has to be proved. She proposes five initiatives on how to meet this challenge and respond to the need for a broad coalition to defend the values we cherish in the information society. CIVIL SOCIETY TECHNICAL & ACADEMIC COMMUNITY RAFIK DAMMAK sees Big data as an evolution bringing new opportunities for businesses, but without a clear benefit for users. He explains how data protection and privacy can borrow the scalability principle in order to be able to handle the next technology threat to privacy. LORENA JAUME-PALASÍ refers to an impetus to store. Human acquisitiveness towards information did not change, but the access to it did. Instead of concentrating on data minimization we should concentrate on the values resulting from data in need of juridical protection. JONNE SOININEN states that the internet is more secure than ever since the Internet s technical community is developing technologies for increased security, whereas the public has created more awareness of privacy on the Internet. MICHAEL KOMAROV declares that technological development has overtaken the policy-making process and applications according to web 3.0 are likely to be far more effective at piecing together personal data than even traditional search engines. RICHARD HILL demands from parliaments to take action, both to stop mass surveillance by governments and to curtail the power of dominant service providers to obtain data from customers and use it as they see fit to generate large profits. 13

13

14 PROPOSITION Proposition PETER SCHAAR, CHAIRMAN OF THE EUROPEAN ACADEMY FOR FREEDOM OF INFORMATION AND DATA PROTECTION

15 Credit: Heinrich Böll Stiftung https:// creativecommons.org/ licenses/by-sa/2.0/ CC BY-SA 2.0 The Internet and Big Data - Incompatible with Data Protection? PETER SCHAAR, CHAIRMAN OF THE EUROPEAN ACADEMY FOR FREEDOM OF INFORMATION AND DATA PROTECTION 16

16 PROPOSITION The Internet is frequently used as a synonym for digital globalization. Today, data travels around the world within a split second. And big data represents a concept based on the idea of collecting as much data as possible the more data that is collected, the better the concept works. Ideas and rules which have grown over decades and centuries must be scrutinized to determine whether they still fit into the brave new cyber-reality. This also applies to the protection of privacy. The current concepts of data protection date back to the Sixties of the 20th century. Since then, the world has changed dramatically, particularly in the field of information processing. Fifty years ago, most data was still processed manually. The few computers there were had very limited processing capabilities. Automated processing was carried out in data processing centers separated from offices and other workplaces. And cross-border data transfer was the absolute exception. There is no question that given rapid technological development we urgently need to look for convincing solutions for the emerging challenges regarding data protection. Otherwise, the world will witness a further erosion of privacy. The advocates of privacy and fundamental rights must deal with the fact that some traditional rules of data protection are no longer effective in a world of ubiquitous and globalized information processing. In particular, the proponents of privacy have a vital interest in re-examining the current data protection regimes. Mass data is seen as an asset; the new oil of the information society. Most of the current data protection rules and regulations focus on the individual procedure used for data processing. The starting point of legal assessment has been the specific purpose. Personal data may be collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes says Art. 6 of the European Data Protection Directive of The processing of data is permitted as long as it is adequate, relevant and not excessive in relation to the purposes for which the data is collected. The traditional key question is: which data is needed to fulfill a legitimate purpose? The main criteria are relevance and adequacy. In other words, data protection regulations consider data processing from a micro perspective: single pieces of data, an individual algorithm, a specific purpose. Today, companies and public bodies see data processing more and more from a macro perspective: how can data coming from various sources be used to better understand what s going on and to optimize procedures? In particular, mass data is seen as an asset; the new oil of the information society. Big data approaches are looking primarily for correlations and not for reasons. No big data apologist would even understand the question of which purpose a specific piece of data is to be collected for. The privacy community faces the challenge of integrating the macro perspective into a modern legal, political and economic framework. More systemic, technological and procedural instruments should be added to the data protection toolbox without forgetting that the fundamental rights of the individual remain indispensable. The protection of privacy remains an expression of human dignity it derives from a basic European constitutional understanding. That is not all; the individual has a right to informational self-determination so that he or she can freely develop his or her own personality. It is the individual who should basically determine which of his or her personal data is disclosed to whom and for which purposes it should be processed. Personal data must not be seen as the property of the controller (or processor) who has the practical means to access the information. Up to now, data processing has been based on the consent of the individual data subject who always has the right to withdraw his or her consent. After withdrawal, the controller must stop the processing. Even if data is collected for a specific purpose, in particular within the framework of a contractual relationship, this is no carte blanche for the data controller. Purpose limitation of personal data remains a legal requirement even in a new technological environment. On the other hand, changes of purpose might be associated with smaller risks if the data is anonymized or pseudonymized. Regulators should c onsider setting up incentives for data controllers to remove identifiers from data sets. One example of this approach is the distinction between personalized and pseudonymized profiles in the German Telemedia act. If a provider intends to carry out profiling with personal data including personal identifiers, he needs the explicit consent (opt in) of all individuals concerned. If the profiling is to be carried out without identifiers, the provider needs to inform the data subjects and offer them the opportunity to object (opt out). The basic data protection principles privacy and informational self-determination need to be preserved and protected in a changing world. Legislators, notably parliaments, are called upon to draw the exact boundaries between acceptable and unacceptable use of personal data. At least in the first instance, this is not primarily the task of the courts. Parliaments are the first port of 17

17 call for interpreting the requirements set up by constitutions. They also need to define concepts and concrete rules regarding the implementation of the right to data protection. This applies to public sector as well as to non-public actors, especially where huge, almost marketdominating companies are concerned. In a networked world, users need genuine alternatives much more than customers in other markets. What does that mean in detail? The core area of private life enjoys absolute protection under constitutional law, as the German Federal Constitutional Court pointed out in several rulings. Nobody has the right to cross this red line. It is not only eavesdropping on the bedroom by police or secret services that must be prohibited, but also the monitoring of highly personal, confidential electronic communications, as far as the core area of private life is affected. In this highly sensitive sphere, there is no justification for surveillance measures carried out by public authorities. Private companies are certainly not allowed to cross this red line either. Highly sensitive personal health data must not be used for advertising or for other commercial purposes without the explicit and voluntary consent of the individual concerned. Criminal penalties remain essential for the defense of these red lines. Fundamental rights must also be observed in the processing of data that, at first glance, appears less sensitive. For instance, in cases where data on purchasing behavior is used to determine the individual s health status, such as possible pregnancy, or political and religious views. These are not just the nightmares of a data protector; it is reality in the big data context, as shown by examples of American supermarket chains that operate in exactly this way. In addition, it is not an entirely new phenomenon. Even credit scoring systems used to assess the credit worthiness of a customer are mainly fed with harmless data but the results might have serious consequences for the loan applicants. Big data approaches will raise more and more questions like this. These questions cannot be solved by mere prohibition of the generation of additional knowledge. The risks for privacy and individual self-determination coming from statistical analyses of mass data should be limited by setting up procedural requirements. Privacy Impact Assessments ( PIA) the preventive, systematic assessment of the impact of specific technologies and the definition of protective measures might be an important tool to prevent, or at least diminish, negative consequences. The proposed basic regulation for data protection tabled by the European Commission more than two years ago contains interesting approaches for PIA that are worth developing further. More transparency can help individuals to exercise their right to informational self-determination and to protect their privacy. Data controllers are obliged to provide potential users and customers with the relevant information. Extensive privacy policies which are as long as a novel, and which nobody reads, provide pretended transparency only. Instead, the core information must be easily accessible and understandable. Who is responsible? What data will be processed? For what purpose and where? The data protection authorities need to continue to verify that the information provided by the data controllers meets these requirements. In addition, violations and false promises could be punished by individual claims for damages and secured by a right to mount class actions, such as those well known in the area of consumer protection. In a networked world, users need genuine alternatives much more than customers in other markets. If you want to buy a car, you have the choice between a lot of different types and brands and make your purchasing decision independent of other people s choices. In the market of interactive social networks, the situation is completely different: if all your friends are members of a specific service it is hard for you to leave, even if the provider changes his privacy settings in a way you do not agree with. In particular, the functioning of those markets that are fed by personal data is of great importance from a data protection perspective. The successful models of free services, mainly financed by targeted, personalized advertising, need to be brought under effective competition control. The user needs a free choice about which data he or she gives away to which provider under which conditions. The challenge of preventing monopolistic structures restricting the user s autonomy in Web 2.0 services has not yet been tackled by law-makers. Even in this field, the EU data protection package might provide an element of the solution by constituting a right to data portability. The user of interactive services, such as social networks, needs the opportunity to retrieve and extract his or her data from one provider in order to process it on his or her own computer or to transfer it to another provider. In order to prevent discrimination, a right to connectivity should be considered as well. Big Internet services at least if they are quasi monopolists in a specific class of services should be obliged to accept those users who comply with the respective rules. Moreover, Web 2.0 services should provide open interfaces to enable communications between members and non-members. 18

18 PROPOSITION Furthermore, there is the fundamental question of the integration of data protection in information technology in software as well as in hardware. Hardware identifiers allowing third parties to track users without their consent must be avoided. Nobody can dispute the fact that it is incompatible with data protection and with fair information principles that some apps suck almost all the data stored on smartphones, even if this data is not required for the apps functionalities. This is only one example of the shortcomings in the field of technological data protection. There are many more: if you become a member of a social network, many privacy settings are switched off by default. If you start a web search, most search engine providers get much more personal information than they need for carrying out the search or optimizing the algorithms. This needs to be changed if we want to prevent privacy fading away. IT systems need to be designed in a privacy-friendly way, giving the individual maximum control of his or her own data. But it is not sufficient to provide the user with privacy controls. Another important question is how products and services are delivered. Today, nobody would accept cars with weak safety settings or with airbag sensors not activated. In the IT market, however, many products and services are delivered without, or with a low level of, privacy precautions. The keywords for new thinking in this area are privacy by design and privacy by default. Technological data protection may help to bridge the gap between conflicting interests. Many tasks may be realized with anonymous, or at least pseudonymous, data. The legal framework for data protection should be both strong and flexible. Last but not least, it is unacceptable that governments and intelligence agencies are abusing the increasing international data transfer for bulk access to the transmitted data. As we have learned from the Snowden leaks, the NSA, GCHQ and other secret services collect as much data as they can. Legal safeguards focused on the protection of a country s own people and limited to national territory do not protect personal data in the increasingly globalized world. As a consequence of the secret services hunger for data, the trust in Internet services has collapsed. In particular, some providers of services that are global by nature fear substantial losses. Private and commercial customers fear that the data they give to these services would be secretly accessible to intelligence services without sufficient safeguards. Technical and legal changes may help to reconstruct trust. Data encryption and secure routing of data packets on the Internet should be promoted. On the other hand, there is a pressing need to change the legal frameworks for transborder data processing. The national interests exemption in almost all legal instruments for data protection concerning international transfers of personal data cannot be accepted any more. Additionally, there is a need to establish binding international data protection standards guaranteeing the protection of private life, as laid out in Art. 12 of the United Nations Charter of Human Rights. The legal framework for data protection should be both strong and flexible. Without robust enforcement, the legal requirements would remain theory. Without flexibility, every new technological development would undermine the rules and create the need for legal changes. The current German system of data protection is weak regarding enforcement, at least on the federal level. The Federal Commissioner for Data Protection has no power to fine and his decisions are not binding for providers of telecommunications and postal services falling under his supervision. On the other hand, there are a lot of federal laws with specific data protection provisions. This system is neither consistent nor flexible. The reform of data protection legislation on a European level should be seen as a chance to overcome these shortcomings. If the approaches to improve data privacy and data security on a European and an intercontinental level fail, there is a high risk that the fundamental right to privacy and other core values of Western democracies will be lost. As a reaction to the excessive surveillance programs of the NSA and GCHQ, several governments have started activities for strengthening national control over network infrastructures, as well as over Internet services. A negative effect of such efforts could be a balkanized Internet, split along national borders with censorship and thought control and intensified surveillance by national authorities. The pursuits of liberty and prosperity, free discussion and inclusion, closely linked to the information society, are at stake. There is a need for a broad coalition to defend these values. 19

19 20

20 RESPONSES GOVERNMENT & PARLIAMENT Responses Government and Parliament JAN MALINOWSKI, COUNCIL OF EUROPE, HEAD OF INFORMATION SOCIETY GEORG APENES, FORMER NORWEGIAN DATA INSPECTORATE PETRA SITTE, MEMBER OF THE GERMAN BUNDESTAG (THE LEFT) 21

Declaration of Internet Rights Preamble

Declaration of Internet Rights Preamble Declaration of Internet Rights Preamble The Internet has played a decisive role in redefining public and private space, structuring relationships between people and between people and institutions. It

More information

1 Data Protection Principles

1 Data Protection Principles Today, our personal information is being collected, shared, stored and analysed everywhere. Whether you are browsing the internet, talking to a friend or making an online purchase, personal data collection

More information

Charter of Consumer Rights in the Digital World

Charter of Consumer Rights in the Digital World DOC No: INFOSOC 37 08 DATE ISSUED: MARCH 2008 Charter of Consumer Rights in the Digital World Digital technologies contribute to an improvement in the quality of people s lives in many ways. They create

More information

EDRi s. January 2015. European Digital Rights Rue Belliard 20, 1040 Brussels www.edri.org @EDRi tel. +32 (0) 2 274 25 70

EDRi s. January 2015. European Digital Rights Rue Belliard 20, 1040 Brussels www.edri.org @EDRi tel. +32 (0) 2 274 25 70 EDRi s Red lines on TTIP January 2015 European Digital Rights Rue Belliard 20, 1040 Brussels www.edri.org @EDRi tel. +32 (0) 2 274 25 70 ABOUT EDRI European Digital Rights is a network of 34 privacy and

More information

7 August 2015. I. Introduction

7 August 2015. I. Introduction Suggestions for privacy-related questions to be included in the list of issues on Hungary, Human Rights Committee, 115th session, October-November 2015 I. Introduction 7 August 2015 Article 17 of the International

More information

Global Network Initiative Protecting and Advancing Freedom of Expression and Privacy in Information and Communications Technologies

Global Network Initiative Protecting and Advancing Freedom of Expression and Privacy in Information and Communications Technologies Global Network Initiative Protecting and Advancing Freedom of Expression and Privacy in Information and Communications Technologies Implementation Guidelines for the Principles on Freedom of Expression

More information

Honourable members of the National Parliaments of the EU member states and candidate countries,

Honourable members of the National Parliaments of the EU member states and candidate countries, Speech by Mr Rudolf Peter ROY, Head of division for Security Policy and Sanctions of the European External Action Service, at the L COSAC Meeting 29 October 2013, Vilnius Honourable members of the National

More information

CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE

CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE Représentant les avocats d Europe Representing Europe s lawyers CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION

More information

Draft WGIG Issues Paper on E-Commerce

Draft WGIG Issues Paper on E-Commerce Draft WGIG Issues Paper on E-Commerce This paper is a 'draft working paper' reflecting the preliminary findings of the drafting team. It has been subject to review by all WGIG members, but it does not

More information

Inquiry into the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014

Inquiry into the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 Inquiry into the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 AUSTRALIAN HUMAN RIGHTS COMMISSION SUBMISSION TO THE PARLIAMENTARY JOINT COMMITTEE ON INTELLIGENCE AND

More information

UNESCO S CONTRIBUTIONS TO THE DRAFT OUTCOME STATEMENT OF THE NETMUNDIAL CONFERENCE. Introduction

UNESCO S CONTRIBUTIONS TO THE DRAFT OUTCOME STATEMENT OF THE NETMUNDIAL CONFERENCE. Introduction UNESCO S CONTRIBUTIONS TO THE DRAFT OUTCOME STATEMENT OF THE NETMUNDIAL CONFERENCE 16 April 2014 (Highlighted in yellow below) Introduction 1. The Global Multistakeholder Meeting on the Future of Internet

More information

Cyber Security Recommendations October 29, 2002

Cyber Security Recommendations October 29, 2002 Cyber Security Recommendations October 29, 2002 Leading Co-Chair (Asia/Oceania) Co-Chair (Americas) Co-Chair (Europe/Africa) Dr. Hiroki Arakawa Executive Vice President NTT Data Corporation Richard Brown

More information

REPUBLIC OF THE PHILIPPINES HOUSE OF REPRESENTATIVES Quezon City, Metro Manila. SIXTEENTH CONGRESS First Regular Session. House Bill No.

REPUBLIC OF THE PHILIPPINES HOUSE OF REPRESENTATIVES Quezon City, Metro Manila. SIXTEENTH CONGRESS First Regular Session. House Bill No. REPUBLIC OF THE PHILIPPINES HOUSE OF REPRESENTATIVES Quezon City, Metro Manila SIXTEENTH CONGRESS First Regular Session 00 House Bill No. Introduced by Kabataan Party-list Representative Terry L. Ridon

More information

Just Net Coalition statement on Internet governance

Just Net Coalition statement on Internet governance Just Net Coalition statement on Internet governance (Just Net Coalition is a global coalition of civil society actors working on Internet governance issues) All states should work together to provide a

More information

Factsheet on the Right to be

Factsheet on the Right to be 101010 100101 1010 101 Factsheet on the Right to be 100 Forgotten ruling (C-131/12) 101 101 1) What is the case about and what did 100 the Court rule? 10 In 2010 a Spanish citizen lodged a complaint against

More information

DOC NO: INFOSOC 52/14 DATE ISSUED: June 2014. Resolution on the open and neutral Internet

DOC NO: INFOSOC 52/14 DATE ISSUED: June 2014. Resolution on the open and neutral Internet DOC NO: INFOSOC 52/14 DATE ISSUED: June 2014 Resolution on the open and neutral Internet Introduction This resolution builds on the TACD net neutrality resolution of April 2010 1, which called for policies

More information

A/HRC/28/L.27. General Assembly. United Nations

A/HRC/28/L.27. General Assembly. United Nations United Nations General Assembly Distr.: Limited 24 March 2015 Original: English A/HRC/28/L.27 Human Rights Council Twenty-eighth session Agenda item 3 Promotion and protection of all human rights, civil,

More information

Regulation of Investigatory Powers Act 2000

Regulation of Investigatory Powers Act 2000 Regulation of Investigatory Powers Act 2000 Consultation: Equipment Interference and Interception of Communications Codes of Practice 6 February 2015 Ministerial Foreword The abilities to read or listen

More information

International Privacy and Data Security Requirements. Benedict Stanberry, LLB LLM MRIN Director, Centre for Law Ethics and Risk in Telemedicine

International Privacy and Data Security Requirements. Benedict Stanberry, LLB LLM MRIN Director, Centre for Law Ethics and Risk in Telemedicine International Privacy and Data Security Requirements Benedict Stanberry, LLB LLM MRIN Director, Centre for Law Ethics and Risk in Telemedicine Aims of this Presentation. To provide a brief overview of

More information

Civil Rights, Security and Consumer Protection in the EU

Civil Rights, Security and Consumer Protection in the EU Internationale Politikanalyse Internationale Politikanalyse International Policy Analysis European Integration Working Group* Civil Rights, Security and Consumer Protection in the EU Civil Liberties: Data

More information

Annex 1 Primary sources for international standards

Annex 1 Primary sources for international standards Annex 1 Primary sources for international standards 1. The United Nations The 1948 Universal Declaration of Human Rights Article 20 1. Everyone has the right to freedom of peaceful assembly and association.

More information

COMMISSION OF THE EUROPEAN COMMUNITIES. Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

COMMISSION OF THE EUROPEAN COMMUNITIES. Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 21.9.2005 COM(2005) 438 final 2005/0182 (COD) Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the retention of data processed

More information

Online Ads: A new challenge for privacy? Jörg Polakiewicz*

Online Ads: A new challenge for privacy? Jörg Polakiewicz* 31st International Conference of Data Protection and Privacy Commissioners, Madrid Thursday 5 November 2009, 15.00-16.30 Parallel Session A Smile! There s a camera behind the ad or Send it to a friend

More information

Principles of Oversight and Accountability For Security Services in a Constitutional Democracy. Introductory Note

Principles of Oversight and Accountability For Security Services in a Constitutional Democracy. Introductory Note Principles of Oversight and Accountability For Security Services in a Constitutional Democracy Introductory Note By Kate Martin and Andrzej Rzeplinski The 1990 s saw remarkable transformations throughout

More information

CRIMINAL LAW & YOUR RIGHTS MARCH 2008

CRIMINAL LAW & YOUR RIGHTS MARCH 2008 CRIMINAL LAW & YOUR RIGHTS MARCH 2008 1 What are your rights? As a human being and as a citizen you automatically have certain rights. These rights are not a gift from anyone, including the state. In fact,

More information

E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY

E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY Oana Dolea 7 th Annual Leg@l.IT Conference March 26th, 2013 Montreal, Canada INTRODUCTION Mobile e-commerce vs. E-commerce Mobile e-commerce:

More information

DATE: 1 APRIL 2014. Introduction

DATE: 1 APRIL 2014. Introduction INTERNET SOCIETY SUBMISSION TO THE OFFICE OF THE HIGH COMMISSIONER FOR HUMAN RIGHTS IN RESPONSE TO THE CONSULTATION ON THE RIGHT TO PRIVACY IN THE CONTEXT OF THE UN GENERAL ASSEMBLY RESOLUTION 68/167 DATE:

More information

Online Research and Investigation

Online Research and Investigation Online Research and Investigation This document is intended to provide guidance to police officers or staff engaged in research and investigation across the internet. This guidance is not a source of law

More information

Value of the EU Data Protection Reform against the Big Data challenges. Keynote address 5th European Data Protection Days Berlin, 4.5.

Value of the EU Data Protection Reform against the Big Data challenges. Keynote address 5th European Data Protection Days Berlin, 4.5. Value of the EU Data Protection Reform against the Big Data challenges Keynote address 5th European Data Protection Days Berlin, 4.5.2015 Giovanni Buttarelli European Data Protection Supervisor (Check

More information

Response of the Northern Ireland Human Rights Commission on the Health and Social Care (Control of Data Processing) NIA Bill 52/11-16

Response of the Northern Ireland Human Rights Commission on the Health and Social Care (Control of Data Processing) NIA Bill 52/11-16 Response of the Northern Ireland Human Rights Commission on the Health and Social Care (Control of Data Processing) NIA Bill 52/11-16 Summary The Northern Ireland Human Rights Commission (the Commission):

More information

DOC NO: INFOSOC 53/15 DATE ISSUED: June 2015. Resolution on the open and neutral Internet

DOC NO: INFOSOC 53/15 DATE ISSUED: June 2015. Resolution on the open and neutral Internet DOC NO: INFOSOC 53/15 DATE ISSUED: June 2015 Resolution on the open and neutral Internet Introduction This resolution builds on the TACD net neutrality resolutions of April 2010 1 and June 2014 2, which

More information

RECOMMENDATION CONCERNING THE PROMOTION AND USE OF MULTILINGUALISM AND UNIVERSAL ACCESS TO CYBERSPACE

RECOMMENDATION CONCERNING THE PROMOTION AND USE OF MULTILINGUALISM AND UNIVERSAL ACCESS TO CYBERSPACE RECOMMENDATION CONCERNING THE PROMOTION AND USE OF MULTILINGUALISM AND UNIVERSAL ACCESS TO CYBERSPACE UNESCO, Paris CONTENTS PREAMBLE... 1 Development of multilingual content and systems... 2 Facilitating

More information

Thank you for the opportunity to join you here today.

Thank you for the opportunity to join you here today. Ambassador Daniel A. Sepulveda Remarks on the U.S. Privacy Framework and Signals Intelligence Reforms November 3, 2015 Digital Europe Brussels, Belgium Thank you for the opportunity to join you here today.

More information

Committee of Ministers - The promotion of Internet and online media services a...

Committee of Ministers - The promotion of Internet and online media services a... Page 1 of 5 Ministers Deputies CM Documents CM/AS(2010)Rec1882 final 18 June 2010 The promotion of Internet and online media services appropriate for minors Parliamentary Assembly Recommendation 1882 (2009)

More information

Comments and proposals on the Chapter II of the General Data Protection Regulation

Comments and proposals on the Chapter II of the General Data Protection Regulation Comments and proposals on the Chapter II of the General Data Protection Regulation Ahead of the trialogue negotiations in September, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International

More information

Table of contents: ***

Table of contents: *** Table of contents: *** In Europe the issue of personal data protection is settled by European Parliament s and European Council s Directive 95/46/WE of October 24, 1995 (which is basis of Polish regulations)

More information

Privacy in the Cloud A Microsoft Perspective

Privacy in the Cloud A Microsoft Perspective A Microsoft Perspective November 2010 The information contained in this document represents the current view of Microsoft Corp. on the issues discussed as of the date of publication. Because Microsoft

More information

ATLANTA DECLARATION AND PLAN OF ACTION FOR THE ADVANCEMENT OF THE RIGHT OF ACCESS TO INFORMATION

ATLANTA DECLARATION AND PLAN OF ACTION FOR THE ADVANCEMENT OF THE RIGHT OF ACCESS TO INFORMATION ATLANTA DECLARATION AND PLAN OF ACTION FOR THE ADVANCEMENT OF THE RIGHT OF ACCESS TO INFORMATION We, over 125 members of the global access to information community from 40 countries, representing governments,

More information

EUROPEAN UNION. Brussels, 12 July 2002 (OR. en) PE-CONS 3636/02 2000/0189 (COD) LEX 365 ECO 217 CODEC 778

EUROPEAN UNION. Brussels, 12 July 2002 (OR. en) PE-CONS 3636/02 2000/0189 (COD) LEX 365 ECO 217 CODEC 778 EUROPEAN UNION THE EUROPEAN PARLIAMT THE COUNCIL Brussels, 12 July 2002 (OR. en) 2000/0189 (COD) LEX 365 PE-CONS 3636/02 ECO 217 CODEC 778 DIRECTIVE 2002/58/EC OF THE EUROPEAN PARLIAMT AND OF THE COUNCIL

More information

Business Analytics, Big Data, and the Cloud

Business Analytics, Big Data, and the Cloud Strategy Business Analytics, Big Data, and the Cloud Regulatory requirements when mining information treasure 14 Detecon Management Report 3 / 2012 Business Analytics, Big Data, and the Cloud Björn Froese

More information

DRAFT DATA RETENTION AND INVESTIGATORY POWERS BILL

DRAFT DATA RETENTION AND INVESTIGATORY POWERS BILL DRAFT DATA RETENTION AND INVESTIGATORY POWERS BILL INTRODUCTION EXPLANATORY NOTES 1. These explanatory notes relate to the Draft Data Retention and Investigatory Powers Bill. They have been prepared by

More information

Personal Data Act (1998:204);

Personal Data Act (1998:204); Personal Data Act (1998:204); issued 29 April 1998. Be it enacted as follows. General provisions Purpose of this Act Section 1 The purpose of this Act is to protect people against the violation of their

More information

STEERING COMMITTEE ON THE MEDIA AND NEW COMMUNICATION SERVICES (CDMC)

STEERING COMMITTEE ON THE MEDIA AND NEW COMMUNICATION SERVICES (CDMC) Strasbourg, 9 January 2012 CDMC(2011)018Rev8 STEERING COMMITTEE ON THE MEDIA AND NEW COMMUNICATION SERVICES (CDMC) Draft declaration of the Committee of Ministers on the desirability of international standards

More information

AFRICAN DECLARATION on Internet Rights and Freedoms

AFRICAN DECLARATION on Internet Rights and Freedoms AFRICAN DECLARATION on Internet Rights and Freedoms Last updated 28 August 2014 Emphasising that the Internet is an enabling space and resource for the realisation of all human rights, including the right

More information

29 October 2015 Conference of the Independent Data Protection Authorities of the Federation and the Federal States

29 October 2015 Conference of the Independent Data Protection Authorities of the Federation and the Federal States 29 October 2015 Conference of the Independent Data Protection Authorities of the Federation and the Federal States Key data protection points for the trilogue on the data protection directive in the field

More information

Observations on international efforts to develop frameworks to enhance privacy while realising big data s benefits

Observations on international efforts to develop frameworks to enhance privacy while realising big data s benefits Big Data, Key Challenges: Privacy Protection & Cooperation Observations on international efforts to develop frameworks to enhance privacy while realising big data s benefits Seminar arranged by the Office

More information

Draft Resolution for the United Nations Human Rights Council 30 th Session, September 14-25, 2015. Situation of Human Rights in Venezuela

Draft Resolution for the United Nations Human Rights Council 30 th Session, September 14-25, 2015. Situation of Human Rights in Venezuela Draft Resolution for the United Nations Human Rights Council 30 th Session, September 14-25, 2015 Situation of Human Rights in Venezuela The Human Rights Council, Guided by the Charter of the United Nations

More information

Guidelines on Executive Order on Information and Consent Required in Case of Storing and Accessing Information in End-User Terminal Equipment

Guidelines on Executive Order on Information and Consent Required in Case of Storing and Accessing Information in End-User Terminal Equipment Guidelines on Executive Order on Information and Consent Required in Case of Storing and Accessing Information in End-User Terminal Equipment ("Cookie Order") 2nd version, April 2013 Preface...3 1. Introduction...5

More information

Committee on Civil Liberties, Justice and Home Affairs - The Secretariat - Background Note on

Committee on Civil Liberties, Justice and Home Affairs - The Secretariat - Background Note on Committee on Civil Liberties, Justice and Home Affairs - The Secretariat - Background Note on US Legal Instruments for Access and Electronic Surveillance of EU Citizens Introduction This note presents

More information

DECLARATION ON STRENGTHENING GOOD GOVERNANCE AND COMBATING CORRUPTION, MONEY-LAUNDERING AND THE FINANCING OF TERRORISM

DECLARATION ON STRENGTHENING GOOD GOVERNANCE AND COMBATING CORRUPTION, MONEY-LAUNDERING AND THE FINANCING OF TERRORISM MC.DOC/2/12 Organization for Security and Co-operation in Europe Ministerial Council Dublin 2012 Original: ENGLISH Second day of the Nineteenth Meeting MC(19) Journal No. 2, Agenda item 7 DECLARATION ON

More information

In an age where so many businesses and systems are reliant on computer systems,

In an age where so many businesses and systems are reliant on computer systems, Cyber Security Laws and Policy Implications of these Laws In an age where so many businesses and systems are reliant on computer systems, there is a large incentive for maintaining the security of their

More information

Interception of Communications Code of Practice. Pursuant to section 71 of the Regulation of Investigatory Powers Act 2000

Interception of Communications Code of Practice. Pursuant to section 71 of the Regulation of Investigatory Powers Act 2000 Interception of Communications Code of Practice Pursuant to section 71 of the Regulation of Investigatory Powers Act 2000 Draft for public consultation February 2015 Contents Contents... 2 1. General...

More information

Minister Shatter presents Presidency priorities in the JHA area to European Parliament

Minister Shatter presents Presidency priorities in the JHA area to European Parliament Minister Shatter presents Presidency priorities in the JHA area to European Parliament 22 nd January 2013 The Minister for Justice, Equality and Defence, Alan Shatter TD, today presented the Irish Presidency

More information

The European psychologist in forensic work and as expert witness

The European psychologist in forensic work and as expert witness The European psychologist in forensic work and as expert witness Recommendations for an ethical practice 1. Introduction 1.1 These recommendations are made to the EFPPA member associations, advising that

More information

IN THE SUPREME COURT OF BRITISH COLUMBIA NOTICE OF CIVIL CLAIM. This action has been started by the plaintiff for the relief set out in Part 2 below.

IN THE SUPREME COURT OF BRITISH COLUMBIA NOTICE OF CIVIL CLAIM. This action has been started by the plaintiff for the relief set out in Part 2 below. IN THE SUPREME COURT OF BRITISH COLUMBIA No. ----- Vancouver Registry BETWEEN: THE BRITISH COLUMBIA CIVIL LIBERTIES ASSOCIATION Plaintiff AND: THE ATTORNEY GENERAL OF CANADA Defendant Narne and address

More information

Five Myths Regarding Privacy and Law Enforcement Access to Personal Information in the European Union and the United States

Five Myths Regarding Privacy and Law Enforcement Access to Personal Information in the European Union and the United States Five Myths Regarding Privacy and Law Enforcement Access to Personal Information in the European Union and the United States Cloud computing is one of the Internet s great innovations, enabling individuals

More information

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement

More information

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY,

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, 28-29 JUNE 2011 The Seoul Declaration on the Future of the Internet Economy adopted at the 2008 OECD

More information

CEAS ANALYSIS. of the Law on Amendments of the Law on the Security Intelligence Agency

CEAS ANALYSIS. of the Law on Amendments of the Law on the Security Intelligence Agency CEAS ANALYSIS of the Law on Amendments of the Law on the Security Intelligence Agency Belgrade, July 2014. CEAS is supported by the Rockefeller Brother s Fund The views and analysis in this report do not

More information

COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS

COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS EUROPEAN COMMISSION Brussels, XXX [ ](2011) XXX draft COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS

More information

Policy Statement. Employee privacy, data protection and human resources. Prepared by the Commission on E-Business, IT and Telecoms. I.

Policy Statement. Employee privacy, data protection and human resources. Prepared by the Commission on E-Business, IT and Telecoms. I. International Chamber of Commerce The world business organization Policy Statement Employee privacy, data protection and human resources Prepared by the Commission on E-Business, IT and Telecoms I. Introduction

More information

DRAFT BILL PROPOSITION

DRAFT BILL PROPOSITION DRAFT BILL PROPOSITION Establishes principles, guarantees, rights and obligations related to the use of the Internet in Brazil. THE NATIONAL CONGRESS decrees: CHAPTER I PRELIMINAR PROVISIONS Article 1.

More information

Jan Philipp Albrecht Rapporteur, Committee on Civil Liberties, Justice and Home Affairs European Parliament

Jan Philipp Albrecht Rapporteur, Committee on Civil Liberties, Justice and Home Affairs European Parliament September 5, 2012 Jan Philipp Albrecht Rapporteur, Committee on Civil Liberties, Justice and Home Affairs European Parliament Lara Comi Rapporteur, Committee on Internal market and Consumer Protection

More information

PROTECTING HUMAN RIGHTS IN THE UK THE CONSERVATIVES PROPOSALS FOR CHANGING BRITAIN S HUMAN RIGHTS LAWS

PROTECTING HUMAN RIGHTS IN THE UK THE CONSERVATIVES PROPOSALS FOR CHANGING BRITAIN S HUMAN RIGHTS LAWS PROTECTING HUMAN RIGHTS IN THE UK THE CONSERVATIVES PROPOSALS FOR CHANGING BRITAIN S HUMAN RIGHTS LAWS HUMAN RIGHTS IN CONTEXT Britain has a long history of protecting human rights at home and standing

More information

BEREC Monitoring quality of Internet access services in the context of Net Neutrality

BEREC Monitoring quality of Internet access services in the context of Net Neutrality BEREC Monitoring quality of Internet access services in the context of Net Neutrality BEUC statement Contact: Guillermo Beltrà - digital@beuc.eu Ref.: BEUC-X-2014-029 28/04/2014 BUREAU EUROPÉEN DES UNIONS

More information

The reform of the EU Data Protection framework - Building trust in a digital and global world. 9/10 October 2012

The reform of the EU Data Protection framework - Building trust in a digital and global world. 9/10 October 2012 The reform of the EU Data Protection framework - Building trust in a digital and global world 9/10 October 2012 Questionnaire addressed to national Parliaments Please, find attached a number of questions

More information

ETNO Reflection Document in reply to the EC consultation on Future networks and the Internet early challenges regarding the Internet of things

ETNO Reflection Document in reply to the EC consultation on Future networks and the Internet early challenges regarding the Internet of things ETNO Reflection Document in reply to the EC consultation on Future networks and the Internet early challenges regarding the Internet of things November 2008 Executive Summary The Internet of the future

More information

INERTIA ETHICS MANUAL

INERTIA ETHICS MANUAL SEVENTH FRAMEWORK PROGRAMME Smart Energy Grids Project Title: Integrating Active, Flexible and Responsive Tertiary INERTIA Grant Agreement No: 318216 Collaborative Project INERTIA ETHICS MANUAL Responsible

More information

DER HESSISCHE DATENSCHUTZBEAUFTRAGTE

DER HESSISCHE DATENSCHUTZBEAUFTRAGTE DER HESSISCHE DATENSCHUTZBEAUFTRAGTE als Vorsitzender der Konferenz der Datenschutzbeauftragten des Bundes und der Länder 2015 Conference of the Data Protection Commissioners of the Federal Government

More information

Position Paper: Berlin, 31 March 2014. Legislative intentions to increase IT Security

Position Paper: Berlin, 31 March 2014. Legislative intentions to increase IT Security Position Paper: Berlin, 31 March 2014 Legislative intentions to increase IT Security eco the Association of the sees itself as lobbyist and supporter of all companies that are involved in the economic

More information

The right to participate in public affairs, voting rights and the right of equal access to public service. (Article 25)

The right to participate in public affairs, voting rights and the right of equal access to public service. (Article 25) General Comment No. 25: The right to participate in public affairs, voting rights and the right of equal access to public service (Art. 25) :. 12/07/96. CCPR/C/21/Rev.1/Add.7, General Comment No. 25. (General

More information

Comments and proposals on the Chapter IV of the General Data Protection Regulation

Comments and proposals on the Chapter IV of the General Data Protection Regulation Comments and proposals on the Chapter IV of the General Data Protection Regulation Ahead of the trialogue negotiations later this month, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International

More information

Memorandum! Is Big Data the right recipe for Europe?

Memorandum! Is Big Data the right recipe for Europe? has been around for years on account Ulrich Seldeslachts CEO, LSEC Leaders In Security (moderator) Data is a new class of economic asset; it s like currency, which means you have to do something with it

More information

Accountability: Data Governance for the Evolving Digital Marketplace 1

Accountability: Data Governance for the Evolving Digital Marketplace 1 Accountability: Data Governance for the Evolving Digital Marketplace 1 1 For the past three years, the Centre for Information Policy Leadership at Hunton & Williams LLP has served as secretariat for the

More information

Privacy & Data Security: The Future of the US-EU Safe Harbor

Privacy & Data Security: The Future of the US-EU Safe Harbor Privacy & Data Security: The Future of the US-EU Safe Harbor NAOMI MCBRIDE, LISA J. SOTTO AND BRIDGET TREACY, HUNTON & WILLIAMS LLP, WITH PRACTICAL LAW US INTELLECTUAL PROPERTY & TECHNOLOGY AND UK IP&IT

More information

Advance copy of the authentic text. The copy certified by the Secretary-General will be issued at a later time.

Advance copy of the authentic text. The copy certified by the Secretary-General will be issued at a later time. PROTOCOL TO PREVENT, SUPPRESS AND PUNISH TRAFFICKING IN PERSONS, ESPECIALLY WOMEN AND CHILDREN, SUPPLEMENTING THE UNITED NATIONS CONVENTION AGAINST TRANSNATIONAL ORGANIZED CRIME Advance copy of the authentic

More information

Date Page 28 January 2009 1(11)

Date Page 28 January 2009 1(11) Date Page 28 January 2009 1(11) PTS-ER-2009:6 Network neutrality Summary The purpose of this memorandum is to describe the concept of network neutrality, the rules, and the role of PTS now and in the future.

More information

European Union Law and Online Gambling by Marcos Charif

European Union Law and Online Gambling by Marcos Charif With infringement proceedings, rulings by the European Court of Justice (ECJ) and the ongoing lack of online gambling regulation at EU level, it is important to understand the extent to which member states

More information

2. The project INDECT been criticized from many sides. It appears mainly from the fear of total surveillance of the EU population.

2. The project INDECT been criticized from many sides. It appears mainly from the fear of total surveillance of the EU population. 1. What is the current status of the project? INDECT started the 3rd year of work. Almost 3 years are ahead of the project. All project tasks are realized according to the schedule. Current status of the

More information

Introduction to HIPAA Privacy

Introduction to HIPAA Privacy Introduction to HIPAA Privacy is published by HCPro, Inc. Copyright 2003 HCPro, Inc. All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, in any

More information

RESOLUTION ADOPTED BY THE GENERAL ASSEMBLY. [on the report of the Third Committee (A/53/625/Add.2)]

RESOLUTION ADOPTED BY THE GENERAL ASSEMBLY. [on the report of the Third Committee (A/53/625/Add.2)] UNITED NATIONS A General Assembly Distr. GENERAL A/RES/53/144 8 March 1999 Fifty-third session Agenda item 110 (b) RESOLUTION ADOPTED BY THE GENERAL ASSEMBLY [on the report of the Third Committee (A/53/625/Add.2)]

More information

The codification of criminal law and current questions of prison matters

The codification of criminal law and current questions of prison matters The codification of criminal law and current questions of prison matters Kondorosi Ferenc Under Secretary of State Ministry of Justice Hungary Criminal law is the branch of law, in which society s expectations

More information

Procedural Safeguards in Criminal Justice: the EU s Roadmap. prof. Raimundas Jurka 2013-05-10

Procedural Safeguards in Criminal Justice: the EU s Roadmap. prof. Raimundas Jurka 2013-05-10 Procedural Safeguards in Criminal Justice: the EU s Roadmap prof. Raimundas Jurka 2013-05-10 1 Contents of Presentation 1. General outlines on the EU s roadmap on procedural guarantees; 2. Approximation

More information

European Privacy Reporter

European Privacy Reporter Is this email not displaying correctly? Try the web version or print version. ISSUE 02 European Privacy Reporter An Update on Legal Developments in European Privacy and Data Protection November 2012 In

More information

Mr. Craig Mokhiber Chief Development and Economic and Social Issues Branch UN Office of the High Commissioner for Human Rights (OHCHR) April 12, 2013

Mr. Craig Mokhiber Chief Development and Economic and Social Issues Branch UN Office of the High Commissioner for Human Rights (OHCHR) April 12, 2013 Mr. Craig Mokhiber Chief Development and Economic and Social Issues Branch UN Office of the High Commissioner for Human Rights (OHCHR) April 12, 2013 Dear Mr Mokhiber, We welcome the commitment of the

More information

Technical Questions on Data Retention

Technical Questions on Data Retention Technical Questions on Data Retention 1) The list of data in the annex of the proposed Directive on Data retention is practically identical to the information required in the Council draft Framework Decision.

More information

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000 Issue Chair: Issue Sherpa: Dick Brown CEO EDS Corporation Bill Poulos EDS Corporation Tel: (202) 637-6708

More information

This letter is to provide you with our views on the minimum criteria for the impact assessment and subsequent legislative proposal.

This letter is to provide you with our views on the minimum criteria for the impact assessment and subsequent legislative proposal. Dear Commissioner Malmström, As you know, we have been closely involved in consultations with the European Commission with regard to the impact assessment on, and probable review of, the Data Retention

More information

Guidelines on Data Protection. Draft. Version 3.1. Published by

Guidelines on Data Protection. Draft. Version 3.1. Published by Guidelines on Data Protection Draft Version 3.1 Published by National Information Technology Development Agency (NITDA) September 2013 Table of Contents Section One... 2 1.1 Preamble... 2 1.2 Authority...

More information

Myanmar: News Media Law

Myanmar: News Media Law 2014 Executive summary This analysis examines the compliance of the 2014 News Media Law of Myanmar with international standards on freedom of expression and media freedom. The News Media Law introduces

More information

Data Protection Working Group. Final Report on the Draft Data Protection Bill

Data Protection Working Group. Final Report on the Draft Data Protection Bill Data Protection Working Group Final Report on the Draft Data Protection Bill Background In August 2009, upon a request from the Hon. Attorney General, the Governor-in-Cabinet established a Data Protection

More information

Building Consumer Trust Internet Payments

Building Consumer Trust Internet Payments Building Consumer Trust Internet Payments Leading Co-Chair (Europe/Africa): Co-Chair (Asia/Oceania): Hermann-Josef Lamberti Executive Vice President & Member of the Board Deutsche Bank Toshiro Kawamura

More information

CYBERCRIME AND THE LAW

CYBERCRIME AND THE LAW CYBERCRIME AND THE LAW INTERNATIONAL LAW CYBERCRIME CONVENTION Convention on Cybercrime / Budapest Convention first international treaty seeking to address Internet and computer crime by harmonizing national

More information

Application of Data Protection Concepts to Cloud Computing

Application of Data Protection Concepts to Cloud Computing Application of Data Protection Concepts to Cloud Computing By Denitza Toptchiyska Abstract: The fast technological development and growing use of cloud computing services require implementation of effective

More information

Binding Corporate Rules ( BCR ) Summary of Third Party Rights

Binding Corporate Rules ( BCR ) Summary of Third Party Rights Binding Corporate Rules ( BCR ) Summary of Third Party Rights This document contains in its Sections 3 9 all provision of the Binding Corporate Rules (BCR) for Siemens Group Companies and Other Adopting

More information

Financial Services and Technology Forum 10 July 2013. TOPIC: Cyber Security

Financial Services and Technology Forum 10 July 2013. TOPIC: Cyber Security Financial Services and Technology Forum 10 July 2013 Panellists: TOPIC: Cyber Security MEP Christian Engström (Greens, Sweden) Emmanuel Cabau, DG CONNECT, European Commission Cathrin Bauer-Bulst, DG HOME,

More information

4-column document Net neutrality provisions (including recitals)

4-column document Net neutrality provisions (including recitals) 4-column document Net neutrality provisions (including recitals) [Text for technical discussions. It does not express any position of the Commission or its services] Proposal for a REGULATION OF THE EUROPEAN

More information

Technical non-paper on open Internet provisions and related end-user rights (3/6/2015)

Technical non-paper on open Internet provisions and related end-user rights (3/6/2015) Technical non-paper on open Internet provisions and related end-user rights (3/6/2015) This non-paper has been prepared as technical assistance upon the co-legislators' request on 2/6 and shall not be

More information

wwwww The Code of Ethics for Social Work Statement of Principles

wwwww The Code of Ethics for Social Work Statement of Principles wwwww The Code of Ethics for Social Work Statement of Principles Copyright British Association of Social Workers Date: January 2012 Author: The Policy, Ethics and Human Rights Committee Contact: Fran McDonnell,

More information

International Covenant on Economic, Social and Cultural Rights

International Covenant on Economic, Social and Cultural Rights International Covenant on Economic, Social and Cultural Rights Adopted and opened for signature, ratification and accession by General Assembly resolution 2200A (XXI) of 16 December 1966 entry into force

More information