Uploaded byMuhammadAbdullah311866
PPTX, PDF33 views

GCCS-privacy-PP-final presentation-3-1.pptx

Privacy is a fluid concept that is shaped by technology and society. The internet enables vast data collection but also challenges notions of privacy. While governments and companies collect data, there are tensions between privacy, security, and economic interests. Stakeholders should work to strengthen legal frameworks for data access, incentivize business models that respect user consent and ownership, and promote technical standards that enhance privacy and security online. International cooperation is needed to balance an open internet with privacy protections that apply both online and offline.

Embed presentation

Download to read offline
Privacy and cybersecurity GPD
Purpose of this webinar • To discuss the meaning of privacy in a cyber security and human rights frame • To explore how the notion and realization of privacy is changed by the internet • To identify the factors shaping the way that privacy is being affected online • What could different stakeholders do to respect privacy online
What is privacy • Privacy has different meanings in different contexts and societies. • Linked to security and to control of immediate environment - what is known or can be known about us. • Exact definitions are elusive – national and international courts have refused to provide clear definitions of privacy. • There can be tensions between freedom of expression rights and privacy rights.
Privacy is not data protection • Data protection rules are designed to address the systematic collection of data about individuals and the rules apply to all personally identifying data held by designated “data controllers”. • Privacy is more fluid concept applying to information about which a person may have a reasonable expectation of privacy.
Meaning of privacy changes • Personal integrity lies at the heart of privacy. • Privacy in a communal village or modern city very different. • Emergence of generalized private property ( single households) has shaped notions of privacy. • Also shaped by technology, e.g. modern notions growing from debate about newspaper photographs. • No exact boundary, a dramatic technological change like the Internet will inevitably re shape understandings of privacy. • Contrast between what people say about privacy and the internet and how they behave.
The internet • Enables the collection of new types of personal information • Facilitates (and economically demands) the collection and location of personal information • Creates new capacities for government and private actors to access and analyse personal information • Creates new opportunities for commercial use of personal data • Creates new challenges for regulation given the transnational nature of the internet.
Internet services redefine privacy environment dramatically • Cloud computing (raises questions of security, data breaches and ownership), • Search engines (systematically track and monitor our behaviour), • Social networks (depend on a company led exchange and analysis of data provided by users), • The mobile internet (ties internet use to geo- located devices); • Internet of things connecting all potential objects which together convey a complete picture of our lives
Government use of data • E-government - governments moving to digital platform and provision of services. • Government increasingly seen as a digital platform. • Some governments have designated e-identities that allow services, banking, voting, health monitoring etc. • With the sheer volumes of data available it is difficult to conceive that governments won’t seek to access it. • How to balance the provision of e services (much cheaper than human services) with security and personal privacy.
Internet technologies and government • Governments have become increasingly concerned about security issues online – for legitimate and illegitimate reasons. • All govs are attempting to access information online (Snowden) with concerns are about – Scope of surveillance (who are the targets and how big is the net) – Legal framework of surveillance – Use of mass metadata searches excluded from legal accountability – Weakness of oversight – Absence of legislative competence
Internet is built and operated by the private sector not a public utility • Provision of internet services based on a business model based on advertising. • We trade or cede our privacy in exchange for free services. • Such service models either directly depend upon exposing private information (Facebook). • Or intrude on privacy to create efficiencies (tools that optimize searches based on tracking user preferences). • Generally little real public pressure or incentives to challenge this model. • Informed consent to data use for users online is complicated by range of different applications, complexity of terms of use, and apparent public indifference.
Economic growth and internet • New emphasis on economic growth and internet development • Increasing pressures for data sharing, cross border transfers of data • But a business environment that depends on people feeling secure and that categories of information – financial, health etc. need to have guaranteed confidentiality • Cybersecurity – understood as providing privacy – is essential to internet based economy
Cross border data transfers • Cross border transfers of personal data now common in utility provision, financial services, education, e-commerce and health research; • Cross-border internet traffic grew 18-fold between 2005 and 2012 (McKinsey); • Growing digital trade and new technologies such as 3D printing could see global flows of capital, data, goods and services more than triple from the $26tn recorded in 2012 to an estimated $85tn by 2025; • Key question: how to protect privacy and individual liberties while enabling the free flows of personal data and maintaining security of personal data
Privacy offline and online • Privacy online should be protected as privacy offline – what does this mean in practice? • Need to understand what is new about the environment and how to tackle it. • Next generation of innovation – internet of things, wearable technologies, AI and robotics, 3D printing are all critical to society, to economic growth and will provide further challenges to and reshaping of notions of privacy. • All will depend upon strong security both technically – encryption – and normatively – legal rules governing access to and use of personal information.
Two related issues to consider • Implications of developments in private sector and where the technologies and markets are leading. • The use of personal data by governments – not just security surveillance but wider recasting of citizen/government relationship digitally – tax, health, etc. • How to balance tackling crime and terrorism with the free-flow of information and anonymised identities fall?
What is the privacy agenda? • At the heart of the notion of privacy lies sense of personal integrity and dignity whatever the social context. At the core of this is sense of ownership and control, i.e. consent to use of information (basis of data protection system) and what can be known. • Current business models require us to hand over ownership of our data to companies in exchange for benefits -use of that data is loosely regulated if at all. How do we control this? • Government access to data, however intrusive, at least in most democracies operates in some kind of legal framework. How can this be strengthened to respect privacy in the broadest sense.
Governments should: • Commit to ensuring user security and privacy as a policy goal • Commit to freedom of expression, aware of the need to balance both rights • Understand cyber security as embracing users interests • Be transparent about the rationale and scope of surveillance or other measures violating privacy • Ensure that rules governing surveillance and privacy violations are grounded in law, consistent with international principles and subject to supervision by independent courts • Regulate effectively e.g.by having technical skills on regulatory bodies
Companies should • Practice greater transparency about data management practices • Provide accessible and reasonable terms of service • Explore shift of business model to one where there is greater user control of data with the ability for users to own data and grant permissions for use. • Encourage higher standards of encryption and anonymity, as both are enablers of privacy rights • Publish details about government requests for user data
Civil society role • To represent consumers and consumer interests • To bring concerns from excluded and marginalized groups • Provide innovative ideas and policy options • To champion a public interest approach to privacy policy
Conclusion • Ten years ago, the International Law Commission concluded that “no homogenous hierarchical meta-system is realistically available” within the international legal order to resolve detailed differences among the separate spheres, that this would have to be left to the realm of practice. • This means little prospect of a global privacy policy – so how can it be “practiced”
The realm of practice • Policy forums - International Conference of Data Protection and Privacy Commissioners discussions, Internet Governance Forum • UN normative standards setting such as the UNGA (resolutions on privacy), • Recommendations such as the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data • UN Special procedures e.g. UN Human Rights Commissioner (recent report on privacy); new Special Rapporteur • Technical bodies – e.g Internet Engineering Task Force (IETF)- work on increased encryption standards, RFC 6973, RFC 6772, RFC 6280 • Regional courts – ECHR generic privacy cases • National courts – Yahoo, Louis Feraud judgements
The practice of privacy • Promote business models that provide for user data ownership • Look for consensus-based, consumer friendly norms which incorporate international standards for data protection and internet security across boundaries • Encourage transnational co-regulatory initiatives; • Promote voluntary co-operation among stakeholders; • Set appropriate regional or multi-lateral standards; • Set appropriate national regulation • Anticipate future privacy challenges and how to meet them.

More Related Content

PDF
2 Data-Privacy-in-the-Digital-Age pro.pdf
bytiyejo2872
 
PPTX
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
byIrish Future Internet Forum
 
PPTX
Lesson4-Privacy and Data Protection.pptx
byadnis1
 
PPTX
IT law : the middle kingdom between east and West
byLilian Edwards
 
PPTX
Thierer Internet Privacy Regulation
byMercatus Center
 
PPTX
Privacy & the Internet: An Overview of Key Issues
byAdam Thierer
 
PDF
Privacy and Surveillance
byIrem Gokce Aydin
 
PPT
03 Malcolm Crompton
byFrocomm Australia
 
2 Data-Privacy-in-the-Digital-Age pro.pdf
bytiyejo2872
 
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
byIrish Future Internet Forum
 
Lesson4-Privacy and Data Protection.pptx
byadnis1
 
IT law : the middle kingdom between east and West
byLilian Edwards
 
Thierer Internet Privacy Regulation
byMercatus Center
 
Privacy & the Internet: An Overview of Key Issues
byAdam Thierer
 
Privacy and Surveillance
byIrem Gokce Aydin
 
03 Malcolm Crompton
byFrocomm Australia
 

Similar to GCCS-privacy-PP-final presentation-3-1.pptx

PPTX
Presentation on Information Privacy
byPerry Slack
 
PPT
chapter5F.ppt
byamreena6
 
PPT
digital identity 2.0: how technology is transforming behaviours and raising c...
byPatrick McCormick
 
PPTX
Digital Privacy Presentation powerpoint.pptx
byMariannJoyTanilon1
 
PPT
C8-Ethical, Social, & Political Issues in Ecommerce.PPT
bySyazwaniYa
 
PPT
An Introduction to Privacy Policy Lecture Note One.ppt
byMuhammad54342
 
PPT
Introduction to Principles on Information Security.ppt
byMuhammad54342
 
PPTX
Ethics and Big Data
byPew Research Center's Internet & American Life Project
 
PPT
Computer Security and Privacy Lecture Notes .ppt
byMuhammad54342
 
PPT
Chapter2
byPibi Lu
 
PPT
Introduction to Privacy Settings and Cyber Safety
byAviAuerbachAvila1
 
PPTX
Privacy and personal information presention of professional practice.pptx
bysadia456189
 
PPT
Ethical, Social, and Political Issues in E-commerce
byNor Ayuzi Deraman
 
PPT
2008 12 08 2008 Privacy
byLance Hoffman
 
PDF
Privacy & Social Media
bychuckbt
 
PPT
hel29999999999999999999999999999999999999999999.ppt
bygealehegn
 
PDF
Malcolm Crompton I I S Frocomm Web 2 O In Govt 24 June 2009
byFrocomm Australia
 
PPT
How To Prevent The World Wild Web Identity Crisis
bywieringa
 
PDF
Data:The Fine Balance.We Trade Privacy for Convenience and Security.
byDonovan Gopaul
 
PPTX
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...
byProf. (Dr.) Tabrez Ahmad
 
Presentation on Information Privacy
byPerry Slack
 
chapter5F.ppt
byamreena6
 
digital identity 2.0: how technology is transforming behaviours and raising c...
byPatrick McCormick
 
Digital Privacy Presentation powerpoint.pptx
byMariannJoyTanilon1
 
C8-Ethical, Social, & Political Issues in Ecommerce.PPT
bySyazwaniYa
 
An Introduction to Privacy Policy Lecture Note One.ppt
byMuhammad54342
 
Introduction to Principles on Information Security.ppt
byMuhammad54342
 
Ethics and Big Data
byPew Research Center's Internet & American Life Project
 
Computer Security and Privacy Lecture Notes .ppt
byMuhammad54342
 
Chapter2
byPibi Lu
 
Introduction to Privacy Settings and Cyber Safety
byAviAuerbachAvila1
 
Privacy and personal information presention of professional practice.pptx
bysadia456189
 
Ethical, Social, and Political Issues in E-commerce
byNor Ayuzi Deraman
 
2008 12 08 2008 Privacy
byLance Hoffman
 
Privacy & Social Media
bychuckbt
 
hel29999999999999999999999999999999999999999999.ppt
bygealehegn
 
Malcolm Crompton I I S Frocomm Web 2 O In Govt 24 June 2009
byFrocomm Australia
 
How To Prevent The World Wild Web Identity Crisis
bywieringa
 
Data:The Fine Balance.We Trade Privacy for Convenience and Security.
byDonovan Gopaul
 
Itechlaw conferene presentation 15th feb 2013 the quest over identity the iss...
byProf. (Dr.) Tabrez Ahmad
 

More from MuhammadAbdullah311866

PPT
Authentication Authorization-Lesson-2-Slides.ppt
byMuhammadAbdullah311866
 
PPTX
Responsibilities of the CSIRT--abss.pptx
byMuhammadAbdullah311866
 
PPTX
Supply-Chain-Management-and-Cloud-Security.pptx
byMuhammadAbdullah311866
 
DOCX
1-William Stallings - Effective Cybersecurity_ A Guide to Using Best Practice...
byMuhammadAbdullah311866
 
PPT
information security importance and use.ppt
byMuhammadAbdullah311866
 
PPTX
Fusion-Center-ITS-Security-and-Privacy-Operations (1).pptx
byMuhammadAbdullah311866
 
PPTX
Security-Monitoring-and-Improvement.pptx
byMuhammadAbdullah311866
 
PPT
turning test, how it works and winners.ppt
byMuhammadAbdullah311866
 
PPTX
cybersecurity assessS-Ment-and-I(1).pptx
byMuhammadAbdullah311866
 
PPT
overview of principles of computerss.ppt
byMuhammadAbdullah311866
 
PPT
compatibility and complexity in the IS.ppt
byMuhammadAbdullah311866
 
PDF
NVIDIA DGX User Group 1st Meet Up_30 Apr 2021.pdf
byMuhammadAbdullah311866
 
PPTX
presentationcloud-18123333331185718.pptx
byMuhammadAbdullah311866
 
PPTX
package module in the python environement.pptx
byMuhammadAbdullah311866
 
PPT
implementing the encryption in the JAVA.ppt
byMuhammadAbdullah311866
 
PPT
games, infosec, privacy, adversaries .ppt
byMuhammadAbdullah311866
 
PPTX
PTE-A Coaching- information slidess.pptx
byMuhammadAbdullah311866
 
PDF
bash_1_2021-command line introduction.pdf
byMuhammadAbdullah311866
 
PPTX
cybersecurity_framework_webinar_2017.pptx
byMuhammadAbdullah311866
 
PPTX
framework_update_report-yer20170301.pptx
byMuhammadAbdullah311866
 
Authentication Authorization-Lesson-2-Slides.ppt
byMuhammadAbdullah311866
 
Responsibilities of the CSIRT--abss.pptx
byMuhammadAbdullah311866
 
Supply-Chain-Management-and-Cloud-Security.pptx
byMuhammadAbdullah311866
 
1-William Stallings - Effective Cybersecurity_ A Guide to Using Best Practice...
byMuhammadAbdullah311866
 
information security importance and use.ppt
byMuhammadAbdullah311866
 
Fusion-Center-ITS-Security-and-Privacy-Operations (1).pptx
byMuhammadAbdullah311866
 
Security-Monitoring-and-Improvement.pptx
byMuhammadAbdullah311866
 
turning test, how it works and winners.ppt
byMuhammadAbdullah311866
 
cybersecurity assessS-Ment-and-I(1).pptx
byMuhammadAbdullah311866
 
overview of principles of computerss.ppt
byMuhammadAbdullah311866
 
compatibility and complexity in the IS.ppt
byMuhammadAbdullah311866
 
NVIDIA DGX User Group 1st Meet Up_30 Apr 2021.pdf
byMuhammadAbdullah311866
 
presentationcloud-18123333331185718.pptx
byMuhammadAbdullah311866
 
package module in the python environement.pptx
byMuhammadAbdullah311866
 
implementing the encryption in the JAVA.ppt
byMuhammadAbdullah311866
 
games, infosec, privacy, adversaries .ppt
byMuhammadAbdullah311866
 
PTE-A Coaching- information slidess.pptx
byMuhammadAbdullah311866
 
bash_1_2021-command line introduction.pdf
byMuhammadAbdullah311866
 
cybersecurity_framework_webinar_2017.pptx
byMuhammadAbdullah311866
 
framework_update_report-yer20170301.pptx
byMuhammadAbdullah311866
 

Recently uploaded

PDF
Micro Economics for class 12 and class 11
bysurajbajaj4116
 
PDF
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
PDF
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
PPTX
Repeat Orders_ Use Odoo Blanket Agreement
byCeline George
 
PPTX
UNIT 1: COMMUNICATION SKILLS, BARRIERS TO COMMUNICATION, PERSPECTIVES IN COMM...
byPOOJA KARVANDE
 
PPTX
How to Track a Link Using Odoo 18 SMS Marketing
byCeline George
 
PDF
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
PPTX
How to Create Lead_Opportunity From Odoo 18 Website
byCeline George
 
PPTX
META-ANALYSIS INTERPRETATION, PUBLICATION BIAS AND GRADE ASSESSMENT.pptx
bySystematic Reviews Network (SRN)
 
PPTX
AN EXTREMELY BORING GENERAL QUIZ FOR UG.pptx
bySriramG47
 
PPTX
Overview of how to Create a Model in Odoo 18
byCeline George
 
PPTX
How to Manage Package Reservation in Odoo 18 Inventory
byCeline George
 
PPTX
Planning Assessment for Outcome-based Education
byAdri Jovin
 
PDF
DHA/HAAD/MOH/DOH OPTOMETRY MCQ PYQ. .pdf
byAnmol Singh
 
PDF
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
PPTX
Semester 6 Unit 2 Club foot (talipes).pptx
bysachin7989
 
PPTX
Multiple Linear Regression - Least Square Method X₁ on X₂ and X₃
bySundar B N
 
PDF
Types of eggs and Egg membranes (Developmental Zoology)
bySudhandraKarthi
 
PPTX
ATTENTION -PART 2.pptx Shilpa Hotakar for I semester BSc students
bySHILPA HOTAKAR
 
PPTX
Partial Correlation - Values of r₁₂.₃, r₂₃.₁ & r₁₃.₂ r₁₂, r₁₃ and r₂₃
bySundar B N
 
Micro Economics for class 12 and class 11
bysurajbajaj4116
 
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
The Tale of Melon City poem ppt by Sahasra
bybitrasahasra
 
Repeat Orders_ Use Odoo Blanket Agreement
byCeline George
 
UNIT 1: COMMUNICATION SKILLS, BARRIERS TO COMMUNICATION, PERSPECTIVES IN COMM...
byPOOJA KARVANDE
 
How to Track a Link Using Odoo 18 SMS Marketing
byCeline George
 
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
How to Create Lead_Opportunity From Odoo 18 Website
byCeline George
 
META-ANALYSIS INTERPRETATION, PUBLICATION BIAS AND GRADE ASSESSMENT.pptx
bySystematic Reviews Network (SRN)
 
AN EXTREMELY BORING GENERAL QUIZ FOR UG.pptx
bySriramG47
 
Overview of how to Create a Model in Odoo 18
byCeline George
 
How to Manage Package Reservation in Odoo 18 Inventory
byCeline George
 
Planning Assessment for Outcome-based Education
byAdri Jovin
 
DHA/HAAD/MOH/DOH OPTOMETRY MCQ PYQ. .pdf
byAnmol Singh
 
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
Semester 6 Unit 2 Club foot (talipes).pptx
bysachin7989
 
Multiple Linear Regression - Least Square Method X₁ on X₂ and X₃
bySundar B N
 
Types of eggs and Egg membranes (Developmental Zoology)
bySudhandraKarthi
 
ATTENTION -PART 2.pptx Shilpa Hotakar for I semester BSc students
bySHILPA HOTAKAR
 
Partial Correlation - Values of r₁₂.₃, r₂₃.₁ & r₁₃.₂ r₁₂, r₁₃ and r₂₃
bySundar B N
 

GCCS-privacy-PP-final presentation-3-1.pptx

  • 1.
  • 2.
    Purpose of thiswebinar • To discuss the meaning of privacy in a cyber security and human rights frame • To explore how the notion and realization of privacy is changed by the internet • To identify the factors shaping the way that privacy is being affected online • What could different stakeholders do to respect privacy online
  • 3.
    What is privacy •Privacy has different meanings in different contexts and societies. • Linked to security and to control of immediate environment - what is known or can be known about us. • Exact definitions are elusive – national and international courts have refused to provide clear definitions of privacy. • There can be tensions between freedom of expression rights and privacy rights.
  • 4.
    Privacy is notdata protection • Data protection rules are designed to address the systematic collection of data about individuals and the rules apply to all personally identifying data held by designated “data controllers”. • Privacy is more fluid concept applying to information about which a person may have a reasonable expectation of privacy.
  • 5.
    Meaning of privacychanges • Personal integrity lies at the heart of privacy. • Privacy in a communal village or modern city very different. • Emergence of generalized private property ( single households) has shaped notions of privacy. • Also shaped by technology, e.g. modern notions growing from debate about newspaper photographs. • No exact boundary, a dramatic technological change like the Internet will inevitably re shape understandings of privacy. • Contrast between what people say about privacy and the internet and how they behave.
  • 6.
    The internet • Enablesthe collection of new types of personal information • Facilitates (and economically demands) the collection and location of personal information • Creates new capacities for government and private actors to access and analyse personal information • Creates new opportunities for commercial use of personal data • Creates new challenges for regulation given the transnational nature of the internet.
  • 7.
    Internet services redefineprivacy environment dramatically • Cloud computing (raises questions of security, data breaches and ownership), • Search engines (systematically track and monitor our behaviour), • Social networks (depend on a company led exchange and analysis of data provided by users), • The mobile internet (ties internet use to geo- located devices); • Internet of things connecting all potential objects which together convey a complete picture of our lives
  • 8.
    Government use ofdata • E-government - governments moving to digital platform and provision of services. • Government increasingly seen as a digital platform. • Some governments have designated e-identities that allow services, banking, voting, health monitoring etc. • With the sheer volumes of data available it is difficult to conceive that governments won’t seek to access it. • How to balance the provision of e services (much cheaper than human services) with security and personal privacy.
  • 9.
    Internet technologies andgovernment • Governments have become increasingly concerned about security issues online – for legitimate and illegitimate reasons. • All govs are attempting to access information online (Snowden) with concerns are about – Scope of surveillance (who are the targets and how big is the net) – Legal framework of surveillance – Use of mass metadata searches excluded from legal accountability – Weakness of oversight – Absence of legislative competence
  • 10.
    Internet is builtand operated by the private sector not a public utility • Provision of internet services based on a business model based on advertising. • We trade or cede our privacy in exchange for free services. • Such service models either directly depend upon exposing private information (Facebook). • Or intrude on privacy to create efficiencies (tools that optimize searches based on tracking user preferences). • Generally little real public pressure or incentives to challenge this model. • Informed consent to data use for users online is complicated by range of different applications, complexity of terms of use, and apparent public indifference.
  • 11.
    Economic growth andinternet • New emphasis on economic growth and internet development • Increasing pressures for data sharing, cross border transfers of data • But a business environment that depends on people feeling secure and that categories of information – financial, health etc. need to have guaranteed confidentiality • Cybersecurity – understood as providing privacy – is essential to internet based economy
  • 12.
    Cross border datatransfers • Cross border transfers of personal data now common in utility provision, financial services, education, e-commerce and health research; • Cross-border internet traffic grew 18-fold between 2005 and 2012 (McKinsey); • Growing digital trade and new technologies such as 3D printing could see global flows of capital, data, goods and services more than triple from the $26tn recorded in 2012 to an estimated $85tn by 2025; • Key question: how to protect privacy and individual liberties while enabling the free flows of personal data and maintaining security of personal data
  • 13.
    Privacy offline andonline • Privacy online should be protected as privacy offline – what does this mean in practice? • Need to understand what is new about the environment and how to tackle it. • Next generation of innovation – internet of things, wearable technologies, AI and robotics, 3D printing are all critical to society, to economic growth and will provide further challenges to and reshaping of notions of privacy. • All will depend upon strong security both technically – encryption – and normatively – legal rules governing access to and use of personal information.
  • 14.
    Two related issuesto consider • Implications of developments in private sector and where the technologies and markets are leading. • The use of personal data by governments – not just security surveillance but wider recasting of citizen/government relationship digitally – tax, health, etc. • How to balance tackling crime and terrorism with the free-flow of information and anonymised identities fall?
  • 15.
    What is theprivacy agenda? • At the heart of the notion of privacy lies sense of personal integrity and dignity whatever the social context. At the core of this is sense of ownership and control, i.e. consent to use of information (basis of data protection system) and what can be known. • Current business models require us to hand over ownership of our data to companies in exchange for benefits -use of that data is loosely regulated if at all. How do we control this? • Government access to data, however intrusive, at least in most democracies operates in some kind of legal framework. How can this be strengthened to respect privacy in the broadest sense.
  • 16.
    Governments should: • Committo ensuring user security and privacy as a policy goal • Commit to freedom of expression, aware of the need to balance both rights • Understand cyber security as embracing users interests • Be transparent about the rationale and scope of surveillance or other measures violating privacy • Ensure that rules governing surveillance and privacy violations are grounded in law, consistent with international principles and subject to supervision by independent courts • Regulate effectively e.g.by having technical skills on regulatory bodies
  • 17.
    Companies should • Practicegreater transparency about data management practices • Provide accessible and reasonable terms of service • Explore shift of business model to one where there is greater user control of data with the ability for users to own data and grant permissions for use. • Encourage higher standards of encryption and anonymity, as both are enablers of privacy rights • Publish details about government requests for user data
  • 18.
    Civil society role •To represent consumers and consumer interests • To bring concerns from excluded and marginalized groups • Provide innovative ideas and policy options • To champion a public interest approach to privacy policy
  • 19.
    Conclusion • Ten yearsago, the International Law Commission concluded that “no homogenous hierarchical meta-system is realistically available” within the international legal order to resolve detailed differences among the separate spheres, that this would have to be left to the realm of practice. • This means little prospect of a global privacy policy – so how can it be “practiced”
  • 20.
    The realm ofpractice • Policy forums - International Conference of Data Protection and Privacy Commissioners discussions, Internet Governance Forum • UN normative standards setting such as the UNGA (resolutions on privacy), • Recommendations such as the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data • UN Special procedures e.g. UN Human Rights Commissioner (recent report on privacy); new Special Rapporteur • Technical bodies – e.g Internet Engineering Task Force (IETF)- work on increased encryption standards, RFC 6973, RFC 6772, RFC 6280 • Regional courts – ECHR generic privacy cases • National courts – Yahoo, Louis Feraud judgements
  • 21.
    The practice ofprivacy • Promote business models that provide for user data ownership • Look for consensus-based, consumer friendly norms which incorporate international standards for data protection and internet security across boundaries • Encourage transnational co-regulatory initiatives; • Promote voluntary co-operation among stakeholders; • Set appropriate regional or multi-lateral standards; • Set appropriate national regulation • Anticipate future privacy challenges and how to meet them.

Editor's Notes

  • #4 European Court “the Court does not consider it possible or necessary to attempt an exhaustive definition of the notion of a private life” FoE tension with privacy particularly around the role of the media and the extent to which public figures have an expectation of privacy and who comprises a public figure
  • #6 Warren and Brandeis paper on “The Right to Privacy” 1890 drafted when newspapers were first publishing photographs defined the right as “the right to be left alone” which is different to internet debate which is more about control over information held on us. So be careful about making grand statements about privacy and what it means So Westin defines ;privacy as “the claim of individuals, groups or institutions to determine for themselves when, how and to what extent information about them is communicated to others” – but do institutions have rights???
  • #7 Examples might include bio metric data eg facial recognition, eye scans, fingerprint scans etc – with wearable health technology, this will grow Unique IP address for each device, mining of personal data by companies Increased computing power means vast quantities of information eg metadata can be accessed and analyzed algorithmically Advertising markets now dependent upon data analysis of users bahaviours
  • #8 Provision of national search engines in say China and Russia gives rise to real internet privacy concerns Social networks like Facebook retain the right to change their terms of service unilaterally without further user consent
  • #10 Specific issues arising from the allegations by Edward Snowden and other practices comprehensive access information about users to the limit of their technical ability, not just internet service companies but telecoms. Mass interception of traffic through various “backdoors” including physical tapping of cables on land and undersea; large scale surveillance of non citizens with little or no legal redress; programmes that involve the weaponising of computer viruses to break into legitimate systems to test defences such as airline reservation systems; placing requirements on companies not to disclose intercept requests (very common with telecomms) No oversight bodies have access to technical expertise. Nor do judges and legislatures are seriously underpowered when looking at potential legislation
  • #11 Does the violation of privacy increase the effectiveness of search?