Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Issue

Data Protection and Privacy Laws

Effective legislation helps minimize monitoring by governments, regulate surveillance by companies and ensure that personal information is properly protected.

Laws for the protection of privacy have been adopted worldwide. Their objectives vary: some have attempted to remedy past injustices under authoritarian regimes, others seek to promote electronic commerce, and many ensure compliance with pan-European laws and to enable global trade. Regardless of the objective, data protection laws tend to converge around the principle that individuals should have control over their personal information.

Interest in the right to privacy increased in the 1960s and 1970s with the advent of information technology. The surveillance potential of powerful computer systems prompted demands for specific rules governing the collection and handling of personal information. The genesis of modern legislation in this area can be traced to the first data protection law in the world, enacted in the Land of Hesse in Germany in 1970. This was followed by national laws in Sweden (1973), the United States (1974), Germany (1977) and France (1978).

Two crucial international instruments evolved from these laws: the Council of Europe's 1981 Convention for the Protection of Individuals with regard to the Automatic Processing of Personal Data, and the Organization for Economic Cooperation and Development’s 1980 Guidelines Governing the Protection of Privacy and Transborder Data Flows of Personal Data. These rules describe personal information as data that are afforded protection at every step, from collection to storage and dissemination.

Although the expression of data protection requirements varies across jurisdictions, all require that personal information must be:

• obtained fairly and lawfully
• used only for the original specified purpose
• adequate, relevant and not excessive to purpose
• accurate and up to date
• accessible to the subject
• kept secure
• destroyed after its purpose is completed

We work with regulators and other institutions to advance the implementation and practices of data protection and privacy laws and to analyse how new policies and technologies may affect them. We also aim to hold companies and governments to account by filing briefings and complaints on how their practices can - or cannot - be reconciled with legal frameworks.

Data Protection and Privacy Laws

In the media
Publisher: 
BBC World Service
Publication date: 
28-Feb-2014
Original story link: 

Gus Hosein and Anna Crowe speak with BBC World Service on the past, and future, of privacy.

Countries: 
Blog
Dr Gus Hosein's picture

In Geneva this week, an expert seminar will be held at the Human Rights Council on the right to privacy. To inform these discussions and debates, Privacy International is releasing our report, The State of Privacy 2014, which identifies recent accomplishments from around the world, and highlights significant challenges ahead for this right.

To read the full report, go here.

Promoting and defending the right to privacy in national and international policy discourses is always an interesting challenge. The right to privacy is fundamental to who we are as human beings, insulating our most intimate and personal thoughts and deeds, and acts as a critical safeguard against abuse and overreach by pow- erful institutions. It is perhaps for these reasons that the right has for so long been under attack by governments.

Blog
Anna Crowe's picture

“Open government” – the push for greater transparency, accountability and innovation from governments – is an idea that has gained increasing traction in recent years, as the potential for new technologies to enhance democracy is being realised.

But making government more open and responsive should not mean compromising on privacy and data protection. The Open Government Guide outlines steps governments can take towards more open government and Privacy International has written a draft chapter on privacy for the Guide, which is now open for comment.

Blog
Caroline Wilson Palow's picture

Post updated on 14 April to reflect response from the Office of the Director of National Intelligence, and on 23 April to reflect response from the Communications Security Establishment Canada.

Would you like to read the current international agreements establishing the intelligence sharing arrangements that underpin the work of the NSA and GCHQ? The rules that govern massive, coordinated communications surveillance operations, hacking, and the exploitation of networks and devices in the name of national security and the public interest?

What about the guidelines that set the boundaries of what certain cooperating intelligence agencies can and cannot do to the citizens of their own countries, and to foreigners?

Well, you can’t.

Blog
Dr Gus Hosein's picture

Bulk metadata collection. The tapping of undersea fibre optic cables. Sabotaging internet security standards. Cyber Attacks. Hacking.

In almost every week since last summer, a new Snowden document has been released which details the growing surveillance powers and practices of intelligence agencies, each one astonishing in its own right. The documents have exposed the illegal activities and intrusive capabilities of the UK’s intelligence agency, GCHQ, which has secretly sought to exploit and control every aspect of our global communications systems.    

Blog
Caroline Wilson Palow's picture

The current legal framework governing intelligence activities in the UK is unfit for purpose in the modern digital era, and reform is urgently needed.

With this in mind, today Privacy International responded to the Intelligence and Security Committee’s call for evidence, addressing the question, “Whether the legal framework which governs the security and intelligence agencies’ access to the content of private communications is ‘fit for purpose’, given the developments in information technology since they were enacted.”

While we welcome scrutiny of the UK’s legal framework, we do have concerns about the process. In a separate letter sent to the ISC, Privacy International along with Big Brother Watch and Liberty called on Parliament to establish a full and independent inquiry, given the deeply flawed nature of this present investigation.

In the media
Publisher: 
Data Guidance
Publication date: 
30-Jan-2014
Original story link: 

 Anna Fielder, Trustee and Board Chair at Privacy International, said, "Political will is crucial at this stage. The snail pace of the discussions in the EU Council is nothing short of scandalous - one step forward two steps backwards during the last six months of the Lithuanian Presidency. This lack of progress is to the detriment of people's rights."

In the media
Publisher: 
BBC
Publication date: 
04-Feb-2014
Author(s): 
Leo Kelion
Original story link: 

"Transparency reports for a long time were really insightful tools for us to see what governments were asking the tech companies," Privacy International's Mike Rispoli told the BBC.

"Now we know that the game has changed.

"Governments do not need to go to companies to get user data - they can directly intercept it. They do not need to go through the front door anymore, they have kicked down the back door."

Blog
Alexandrine Pirlot's picture

Big data consists mainly of data that is openly available, created and stored. It includes public sector data such as national health statistics, procurement and budgetary information, and transport and infrastructure data. While big data may carry benefits for development initiatives, it also carries serious risks, which are often ignored. In pursuit of the promised social benefits that big data may bring, it is critical that fundamental human rights and ethical values are not cast aside.

Expanding beyond publicly accessible data

Along with other humanitarian organisations and UN agencies, one key advocate and user of big data is the UN Global Pulse, launched in 2009 in recognition of the need for more timely information to track and monitor the impacts of global and local socio-economic crises. This innovative initiative explores how digital data sources and real-time analytics technologies can help policymakers understand human well-being and emerging vulnerabilities in real-time, in order to better protect populations from shocks.

In the media
Publisher: 
Pink News
Publication date: 
09-Jan-2014
Original story link: 

Mike Rispoli, Communications Manager of Privacy International told PinkNews: ”Just because it is information that can be accessed, it is unjustifiable for this company to collect and share information without my consent. People make choices every day about what they share, to whom, and on what platforms. On one site, I may share my sexual orientation, but not my political beliefs. On another, maybe I’ll share the school I attended but not my home address. In the end, its about our choice and agency over what information we give out. Companies like NameTag that want to aggregate all this information and combine it with deeply-invasive technology like facial recognition software without our permission completely expose all of us to any stranger on the street.”

Pages

Subscribe to Data Protection and Privacy Laws