Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Issue

Data Protection and Privacy Laws

Effective legislation helps minimize monitoring by governments, regulate surveillance by companies and ensure that personal information is properly protected.

Laws for the protection of privacy have been adopted worldwide. Their objectives vary: some have attempted to remedy past injustices under authoritarian regimes, others seek to promote electronic commerce, and many ensure compliance with pan-European laws and to enable global trade. Regardless of the objective, data protection laws tend to converge around the principle that individuals should have control over their personal information.

Interest in the right to privacy increased in the 1960s and 1970s with the advent of information technology. The surveillance potential of powerful computer systems prompted demands for specific rules governing the collection and handling of personal information. The genesis of modern legislation in this area can be traced to the first data protection law in the world, enacted in the Land of Hesse in Germany in 1970. This was followed by national laws in Sweden (1973), the United States (1974), Germany (1977) and France (1978).

Two crucial international instruments evolved from these laws: the Council of Europe's 1981 Convention for the Protection of Individuals with regard to the Automatic Processing of Personal Data, and the Organization for Economic Cooperation and Development’s 1980 Guidelines Governing the Protection of Privacy and Transborder Data Flows of Personal Data. These rules describe personal information as data that are afforded protection at every step, from collection to storage and dissemination.

Although the expression of data protection requirements varies across jurisdictions, all require that personal information must be:

• obtained fairly and lawfully
• used only for the original specified purpose
• adequate, relevant and not excessive to purpose
• accurate and up to date
• accessible to the subject
• kept secure
• destroyed after its purpose is completed

We work with regulators and other institutions to advance the implementation and practices of data protection and privacy laws and to analyse how new policies and technologies may affect them. We also aim to hold companies and governments to account by filing briefings and complaints on how their practices can - or cannot - be reconciled with legal frameworks.

Data Protection and Privacy Laws

In the media
Publisher: 
Wired UK
Publication date: 
14-Nov-2013
Author(s): 
Chris Baraniuk
Original story link: 

Sam Smith, a technologist at Privacy International, said the unencrypted data could hypothetically relate to any of Microsoft's cloud services, from Hotmail and Outlook.com email accounts to Xbox Live, Office 365 and SkyDrive cloud storage.

This response seems unlikely to reassure Smith who commented, "Unless Microsoft takes immediate action to rectify this situation, any business or individual using their services to store or transmit sensitive data will have been fundamentally let down by a brand that suggested it was worthy of trust."

Opinion piece
Carly Nyst's picture

The following is an excerpt from a Comment originally publihsed by The Guardian, written by Privacy International's Head of Advocacy, Carly Nyst:

From databases to mobile phone apps and SMS systems, GPS tracking and humanitarian drones to biometric registration, new technologies are rapidly becoming central to the delivery of humanitarian and development aid.

Refugees fleeing the Syrian conflict are having their irises scanned and their identity documents digitised. Nurses in Nigeria are using SMS systems to communicate HIV test results to health facilities. Cash is being delivered to those living in Kenya's slums through the M-Pesa mobile-phone banking system.

Blog
Caroline Wilson Palow's picture

In a move that echoes strong action taken in the past by European officials to protect privacy, the Belgian and Dutch data protection authorities on Wednesday announced that they will begin an investigation into the security of the SWIFT financial system.

In the media
Publisher: 
Data Guidance
Publication date: 
04-Nov-2013
Original story link: 

 Anna Fielder of Privacy International also commented, saying that "Privacy and consumer advocates absolutely do not want data protection and data flows to be included in the TTIP negotiations; simply put, a trade agreement is not the best place to deal with such issues."

In the media
Publisher: 
Deutsche Welle
Publication date: 
08-Nov-2013
Author(s): 
Ben Knight
Original story link: 

 "The telecommunications companies can actually do an astonishing amount to push back against this sort of surveillance," Eric King, head of research at Privacy International, told DW. "It's plain that the Tempora program is almost certainly unlawful… Companies don't have an obligation to comply with unlawful requests, and should they wish to challenge them, they would be well within their rights to do so, and would likely be successful."

Blog
Anna Crowe's picture

Privacy International today is proud to announce our new project, Aiding Privacy, which aims to promote the right to privacy and data protection in the development and humanitarian fields. Below is an outline of the issues addressed in our new report released today, Aiding Surveillance.

New technologies hold great potential for the developing world. The problem, however, is that there has been a systematic failure to critically contemplate the potential ill effects of deploying technologies in development and humanitarian initiatives, and in turn, to consider the legal and technical safeguards required in order to ensure the rights of individuals living in the developing world.

Blog
Dr Richard Tynan's picture

It was a throwaway line in a Washington Post article, one of the many stories about government surveillance in the past few months.

By September 2004, a new NSA technique enabled the agency to find cellphones even when they were turned off. [Joint Special Operations Command] troops called this “The Find,” and it gave them thousands of new targets, including members of a burgeoning al-Qaeda-sponsored insurgency in Iraq, according to members of the unit."

Being able to track a mobile phone, while switched off? It was the first time we had read about the NSA having such a capability, and a revelation that has far-reaching implications. For most consumers, when they turn off their handsets, they have a reasonable expectation that the device is powered off, is not emitting or receiving a signal, and does not have any piece of the mobile phone still 'on'.

Blog
Kenneth Page's picture

Today's hearing was built up in some media circles as an historic ‘public grilling’ of the heads of the UK’s Intelligence Agencies as Mi5, Mi6 and GCHQ appeared in public in front of their oversight committee, the Intelligence and Security Committee.

Nothing would be further from the truth. It was tame, predictable, and limp. No member of the public concerned with the activities of our intelligence agencies would be comforted by the ISC’s performance. The Committee was almost fawning in their attitude and showed a near sense of embarrassment at having to hold them to account in public at all.

For security reasons, the live steam was on a 2 minute delay in case national security secrets were discussed. From the outset, Chair of the Committee (and former Government Foreign Secretary) Sir Malcolm Rifkind noted that this delay would probably not be needed. That should have given an early indication that the questions would not unsettle those giving evidence.

Blog
Sam Smith's picture

The heads of the main UK Intelligence Agencies are all giving evidence to Parliament today, on camera for the first time. The fact that this has as of yet not happened demonstrates how obsolete the UK’s oversight regime is. The UK political establishment revels in its historical traditions, but this can result in archaic proceedings, stuck in another century, refusing to move forward with the modern era. With a time delay (allegedly a few minutes, but possibly 20 years), we get to view the stream of the third debate in three weeks. Whether it’s more like the first monologue, or the second sideshow remains to be seen. It makes for interesting TV, but it’s not primetime drama.

[Spoiler alert ahead for those fans of award-winning political dramas]

In the media
Publisher: 
Deutsche Welle
Publication date: 
04-Nov-2013
Author(s): 
Ben Knight
Original story link: 

 Though it is unsurprising that allied intelligence agencies cooperate and share information, the document did reveal a new facet of the relationship. "What we weren't previously aware of was the level of collusion when it comes to getting round surveillance law," Privacy International spokesman Mike Rispoli told DW. "We can't really be sure, but what we can infer is that when government officials discuss information sharing, they say, 'look at our laws here, look at what we're doing, look how lax our surveillance law is here, … you should get on board with this.' "

Pages

Subscribe to Data Protection and Privacy Laws