Identity 21 December 2013

When law isn't enough

By Christine RunnegarSenior Director, Internet Trust

While an individual’s privacy must, in appropriate circumstances, give way to matters of public interest such as safety, law enforcement and security, what recent events have shown us is that some governments have stretched the boundaries of “appropriate” so far that they have snapped. Legal concepts such as “necessary”, “proportionate” and “reasonable” have been effectively rendered meaningless by surveillance programs that:

  • collect wholesale Internet user data (including metadata) without due regard to individuals’ rights and expectations of privacy;
  • lack proper independent and transparent judicial oversight;
  • are no more than “fishing expeditions”; and/or
  • fail to respect internationally-recognised state sovereignty.

While such surveillance programs may be said to comply with the letter of the law or an interpretation that is maintained to allow such programs to exist, they run contrary to fundamental ethical principles regarding what is just and fair. If law can be made to allow such programs or if law cannot prevent it, a strong statement of internationally agreed ethical principles must fill the gap and curtail the practice.

It is time that data trawlers hang up their nets and learn handline fishing.

Let 2014 be the year that the global community unites to:

  • confine the ambit of data collection for national security purposes to those truly exceptional instances where the public interest objectively outweighs an individual’s right to privacy; and
  • agree a set of strong principles for ethical data handling in the national security community.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Privacy 16 October 2018

Senegal First African Country to Implement Recommendations of ‘Personal Data Protection Guidelines for Africa’

Last week, we have had a busy two days (11-12 October 2018) in Dakar participating in a multistakeholder workshop...

Encryption 16 March 2018

Rough Guide to IETF 101: Privacy, Identity, and Encryption

It’s that time again! In this post of the Rough Guide to IETF 101, I’ll take a quick look...

Blockchain 13 March 2018

Blockchain and Digital Identity – A Good Fit?

Every time you see “Login with Facebook” or “Login with Twitter” etc. on a website or use login credentials...