The Geneva Academy of International Humanitarian Law and Human Rights, organised an expert meeting on The Right to Privacy in the Digital Age‘ (hosted by the Permanent Missions of Austria, Brazil, Germany, Liechtenstein, Mexico, Norway, and Switzerland) in Geneva on 24-25 February 2014. The right to privacy is of great practical importance to human rights defenders who are often in the firing line of (mass) surveillance. The report is short and very readable and makes an excellent long read for the weekend. To help those pressed for time, here is the Summary of conclusions:
- States urgently need to undertake a review their national law and where necessary adopt clear and precise legislation that both protects the right to privacy, including in internet and telecommunications, and regulates communications surveillance by law enforcement and intelligence agencies. Legislation should include anonymity protection for internet and telecommunications. State should also enact data protection laws. States should review their communications and data legislation on a regular basis to ensure that it keeps pace with technological advancements.
- Current practice by states demonstrates an unjustifiable lack of transparency. At a minimum states should be releasing quantitative information about access requests. Those individuals that have been the subject of an surveillance operation must be given ex-post notification
- The decision to conduct data surveillance activities must be based on limiting privacy through a justified and proscribed public interest. The surveillance method used must be the least intrusive method available.
- An independent judiciary should scrutinize surveillance requests.
- All three branches of government should be engaged in the oversight of surveillance activities
- Independent and adequately resourced parliamentary committees, review boards, data protection commissioners, independent advocates, and ombudspersons all have the potential to provide oversight of both state and business conduct.
- The focus should move from the type of data that is being collected to: who is collecting the data; who is accessing the data; who is authorising the data collection and on what grounds; and how long is the data being collected and stored for.
- Caution should be exercised when we trust or accept safeguards of safe storage and anonymisation, as all data storage is capable of being hacked and anonymisation can be undone.
- Businesses should be using the strongest possible encryption codes available to them and states should be obligating internet and telecommunications providers to do so.
- The neutral and universal nature of the internet must be protected.
Ways forward Several specific options for ways forward were discussed, none of which are mutually exclusive:
Special Rapporteur
Some noted that the establishment by the UN Human Rights Council of a new mandate for a Special Rapporteur on the right to privacy would be a welcome development. However, concern was raised over whether or not this is a realistic option, at least in the immediate future given the resistance by many states to the creation of new mandates, in particular in light of resource constraints. The suggestion was made that one of the ‘less pressing’ mandates could be suspended and resources diverted to fulfilling a new mandate on the right to privacy.
Joint Initiative by the relevant special procedures mandates
Another suggestion would be to encourage those Special Rapporteurs whose mandates are concerned with privacy and national security practices (such as the UN Special Rapporteurs on the right to freedom of opinion and expression, and on human rights and fundamental freedoms while countering terrorism) to engage in a joint initiative, for example to clarify the applicable legal standards and principles, and/or develop guidelines or best practices on ensuring respect for the right to privacy in the digital age. A Commission to conduct follow-up to the report of the High Commissioner for Human Rights It was further suggested that the Human Rights Council could establish a time-bound commission to conduct follow-up to the report of the High Commissioner on the right to privacy in the digital age. Such a commission would ensure that the Human Rights Council maintains a focus on the issue and could be used to engage all stakeholders.
New Optional Protocol to the ICCPR
Some have suggested the development of an Optional Protocol to the ICCPR on the right to privacy in order to affirm and further elaborate on the right to privacy. However the disadvantages include that it may be difficult to arrive at an agreed text; it may invite an argument that existing legal standards do not apply to digital communications; it may lower existing standards; and those states that do not ratify it would remain free to argue they are not bound by the standards elaborated in the protocol. It was felt that as the existing legal framework covers the right to privacy in the digital age, efforts should concentrate instead on ensuring this existing body of law is implemented.
New Human Rights Committee General Comment
Many have noted that a new General Comment on Article 17 of the ICCPR would be welcome. However as the agenda of the Human Rights Committee is already very full it is understood that this may not happen in the immediate future; in the meantime General Comment 16 (1988) is still relevant.
Inter-state complaint to the Human Rights Committee
Those states that have made a declaration under article 41 of the ICCPR could make an inter-state complaint about one of the so-called ‘five-eyes’ states (all of which have made an Article 41 declaration). This would be a politically risky move. Working Group on the issue of human rights and transnational corporations and other business enterprises The UN Working Group on Business and Human Rights may be a useful channel for engaging with business on issues related to the right to privacy in the digital age. The 2014 Forum on Business and Human Rights could also be used to facilitate multi-stakeholder dialogue on this issue.
Promotion of voluntary commitments
Businesses should be encouraged and supported to adopt voluntary commitments and standards, similar to the Guiding Principles, on ensuring the protection of the right to privacy on the internet and in telecommunication.
Seek an Advisory Opinion from the International Court of Justice
Whether or not it would be beneficial to seek an Advisory Opinion was discussed. It was agreed that this would be risky move politically, could potentially backfire, and the question asked would have to be carefully considered and clearly drafted. One option put forward was to ask a general question, such as clarification of the word ‘arbitrary’ in Art 17 ICCPR, with the aim of drawing the international community’s attention to the issue. Another was to ask a question solely with regard to the threshold applicability questions with respect to extraterritorial surveillance. However many were of the view that in the near term it would be premature to seek an Advisory Opinion from the ICJ and this option should be reconsidered once more work has been done by special procedures or any ad hoc bodies to be established and once we have more jurisprudence from ECtHR and the Human Rights Committee.
http://www.geneva-academy.ch/docs/ResearchActivities/Report_TheRightoPrivacy.pdf
Hans Thoolen on Human Rights Defenders and their awards 
February 24, 2019 at 20:13
[…] go to authorities and corporations that may violate the rights of human rights defenders. [see e.g. https://humanrightsdefenders.blog/2014/05/30/right-to-privacy-in-the-digital-age-of-importance-to-hu…%5DThe Big Brother Awards are examples. The tradition of Big Brother Awards was started by UK human […]