A year after the first report of the United Nations Special Rapporteur on the right to privacy, national and international governmental surveillance activities remained in focus in the second report.
The report of UN Special Rapporteur Joseph Cannataci, which addressed the right to privacy, was submitted to the 34th session of the UN Human Rights Council (HRC), held last month in Geneva. During the same session, the UN HRC adopted the Resolution on the right to privacy in the digital age.
The report has two main highlights. The first is that there were no improvements in the status of the right to privacy with a focus on surveillance in the past year. Any legislation that was introduced was either rushed to legitimise prac- tices, or carries only minor improvements.
The second is the Special Rapporteur’s recommendation for a legal instrument regulating surveillance in cyberspace, which came a day after the WikiLeaks Vault 7 leak.
Cannataci’s report directly refers to the Snowden revelations and their aftermath with regard to transparency and remedy, stating that they ‘have clearly shown that there is a pressing need for government authorities to explain their work.’
A legal instrument to regulate surveillance
The proposed legal instrument would grant the equivalent of an international surveillance warrant to address the problem of thousands of requests, which big companies, such as Apple, Twitter, and Google, receive from governments worldwide.
The legal instrument regulating surveillance would comple- ment existing instruments (such as the Cybercrime Convention), or proposed instruments (such as Microsoft’s proposed Digital Geneva Convention). Noting that a pre-existing initiative – the MAPPING project – is already exploring options for such a legal instrument, the Special Rapporteur believes that newly created mechanisms could grow to provide critical mass to a much-needed instrument, as was the experience with other international norms.
Conclusions and recommendations
The report provides five distinct recommendations that deal with:
- WHY populism and privacy are inimical to security;
- HOW states may engage to improve privacy protection through better oversight of intelligence;
- WHO deserves to enjoy the right to privacy i.e. everybody, everywhere – the universality of the right to privacy has a special meaning in this context
- HOW this right to privacy could possibly be better protected through developments in domestic and international law and
- WHEN some developments in international law, especially those concerning a legal instrument regulating surveillance may possibly soon be at a stage of maturity where they could benefit from a wider discussion.
In his report, Cannataci finds that ‘extremely privacy-intrusive measures that have been introduced by new surveillance laws in France, Germany, the UK, and the USA’ are dominantly based on the politics of fear, and not on evidence. He invited UN member states to engage in a discussion of the oversight of intelligence by joining the annual International Intelligence Oversight Forum, which he intends to initiate. Cannataci called for protection of the right to privacy of ‘everyone, everywhere’, and for using reasonable suspicion, and not citizenship, as the cause for targeted surveillance, citing the USA as an example.
As a solution, new international mechanisms are recommended, including ‘…executive branches of government to be given a mandate by their parliaments […] to actively explore such options for proper regulation of surveillance and the introduction of privacy-friendly safeguards and remedies in cyberspace’. He also recommends that judges receive training and support to help them understand the technological implications of their decisions.
HRC adopts new resolution on the right to privacy
The new resolution adopted by the HRC reinforces certain elements from previous UN resolutions. These include anonymity and encryption (technical solutions to secure the confidentiality of digital communications are emphasised as important for the enjoyment of human rights); metadata, which can reveal personal information that can be no less sensitive than the actual content of communications; and profiling and algorithms concerns, which can lead to discrimination or decisions that otherwise have the potential to a ect the enjoyment of human rights.
On the other hand, for the first time, the HRC resolution emphasises that states should ensure that any interference with the right to privacy is consistent with the principles of legality, necessity, and proportionality.
Looking towards 2018
Focusing on next steps, the resolution recommends several steps to be undertaken before the 39th Session in September 2018. It invites the convening of an expert workshop on the right to privacy in the digital age, it puts the roles and responsibilities of the businesses sectors in focus, and it calls for a further report of the UN High Commissioner for Human Rights.
The participation of different stakeholder groups was recognised as helpful to better understanding applicable norms on the right to privacy and challenges related to implementation. Cannataci’s report envisages a further set of recommendations in 2018 to ensure the promotion and protection of privacy, including in connection with the challenges arising from new technologies.
This article was first published in the March edition of the Geneva Digital Watch newsletter. The April edition is out 30 April. Download your copy.
Ms Aida Mahmutovic is a curator for the GIP Digital Watch observatory.