The impact of technology on the right to privacy

Posted: July 3rd, 2013 | Author: | Filed under: european union, human rights, law, privacy | No Comments »

In 1890 Louis Brandeis and Samuel Warren published in the Harvard Law Review an article called “The Right to Privacy”. They wrote:

“Instantaneous photographs and newspaper enterprise have invaded the sacred precincts of private and domestic life ; and numerous mechanical devices threaten to make good the prediction that “what is whispered in the closet shall be proclaimed from the house-tops.””

It was the dawn of the age of the mass circulation gossip newspapers, aided by the improvements of the printing press and the invention of photography. This technological change prompted Brandeis and Warren to write their article and to call for legal protection of the right to privacy, which had already been enacted in France in 1868 (“11. Toute publication dans un écrit périodique relative à un fait de la vie privée constitue une contravention punie d’un amende de cinq cent francs.” Rivière, Codes Français et Lois Usuelles. App. Code Pen., p. 20.). In the article, Brandeis and Warren set out many of the principles that we follow to this day. Also, they called for both tort action with substantial compensation, injunctions as well as possible criminal sanctions for the violation of this right. Thus the right to privacy was born as a reaction to specific technological changes.

In the 1970s and 80s, when mass computing and databases had started to become prevalent, work started on international regulation of the right to privacy in the specific context. This resulted in the 1981 Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (also known simply as Convention 108). The Convention entered into force in 1985 and has been ratified by 45 European states and Uruguay, including most recently by Russia in May 2013. This forward-looking document is the foundation of European rules on data protection. It sets the main principles related to data processing, including rights of individuals. Thus Europe already had before IT became commonplace a set of rules to adhere to.

In the European Union, data protection has recieved more attention than almost any other fundamental right. It is one of the more strongly protected rights in the EU level, having both its own Article in the founding treaties (since Treaty of Lisbon), strong protection in the Charter of Fundamental Rights of the EU, which became binding in 2009 together with the ToL, and a large body of secondary EU law (mostly directives), already since 1995’s Data Protection Directive. Again, these strong protections have been put to place as a consequence of advances in technology.

The fact that data has been protected in such a high degree in Europe and at the European level, has facilitated cross-border transmission of data, without which there would be a quagmire of different rules to follow. The EU data protection rules are currently being updated to react to the spreading of business models which involve trading with personal data (by mostly American companies such as Facebook, Google, Apple, Yahoo and Microsoft). These include the much debated right to be forgotten and the right of data portability, which means that you could move your data from one social media service provider to another, preventing customer lock-in.

With the NSA snooping scandal, an aspect of privacy has come about that had been forgotten by many. Although the focus has been on the private sector lately, it has become clear that the governments are more than ever capable and interested in finding out what people do and say online. No-one is off-limits, it appears.

In much of the same way as Louis Brandeis and Samuel Warren denounced the activities of gossip rags, it is important that there is a strong reaction in the form of legislation for the kind of invasion of privacy that has happened now. The answer is not to claim that privacy is dead (linked text in Estonian), but the opposite, rules and oversight must be made even stronger as a reaction to technological advances, just as we did when photography was invented. Those rules have to be smart and take into account the changing technological paradigm. Ultimately mankind can be successful if it can make technology work for it, rather than using it as an excuse to decrease human rights standards. We have outlawed reproductive cloning of human beings, eugenic practices and many other things that are technologically possible, but against the values on which our society is based on. So why cannot we keep 100% privacy in the digital age?

Of course the right to privacy as applied to Facebook is somewhat different than as applied to the tabloid newspapers. The underlying philosophical and ethical values are similar, but their application can vary. The individual has become much more empowered to control information about him or her than ever before. And that is a positive thing. Harvard scholars did recently a literature review on the privacy practices of the younger generation, and found surprisingly that privacy is as valuable as ever:

“The prevailing discourse around youth and privacy is built on the assumption that young people don’t care about their privacy because they post so much personal information online. The implication is that posting personal information online puts them at risk from marketers, pedophiles, future employers, and so on. Thus, policy and technical solutions are proposed that presume that young would not put personal information online if they understood the consequences.

However, our review of the literature suggests that young people care deeply about privacy, particularly with regard to parents and teachers viewing personal information. Young people are heavily monitored at home, at school, and in public by a variety of surveillance technologies. Children and teenagers want private spaces for socialization, exploration, and experimentation, away from adult eyes. Posting personal information online is a way for youth to express themselves, connect with peers, increase popularity, and bond with friends and members of peer groups. Subsequently, young people want to be able to restrict information provided online in a nuanced and granular way.”

The above research suggest we should not be worried about privacy becoming unimportant in the future, but rather how to guarantee that we can control the privacy of our online lives. This should include being informed about when and what the government (or other governments) are able to know about us and what are the oversight mechanisms that protect us from it. The national intelligence community should be also interested in this, because otherwise they will be faced with another snowden, another wikileaks every couple of years. If people are in general terms aware of what, why and how is being gathered and have reassurances about sufficient oversight then Edward Snowden’s revelations would not have had much news value. If, however, it will be business as usual, more revelations are bound to take place.

P.S. In a way governments, especially the US, have fallen victims of the technological change even more than any individual. Wikileaks and Snowden revelations have been deeply embarrassing and probably hugely damaging. So the governments too must decide whether aiming for more secrecy is viable or should openness and transparency be better in the long run.

Leave a Reply