Privacy 28 July 2014

Online Surveillance: Collection is an Interference with Privacy

By Christine RunnegarSenior Director, Internet Trust

The much awaited report of the Office of the United Nations High Commissioner for Human Rights on the right to privacy in the digital age was released last week. Hopefully, this will finally put an end to the arguments that privacy only becomes a concern at the point of use. As the report states:

Even the mere possibility of communications information being captured creates an interference with privacy, with a potential chilling effect on rights, including those to free expression and association.

And, when it comes to the issue of mandatory data retention, the starting point is that it “appears neither necessary nor proportionate”. (So, while not ruling out the possibility that, in some circumstances, a data retention law may be both necessary and proportionate, the report makes it clear that OHCHR is not convinced that this is indeed the case with existing surveillance programs.)

The report goes on to emphasize that interference with individuals’ rights is only permitted under international law if it is neither arbitrary nor unlawful. This requires at a minimum:

  • legality (sufficiently accessible, clear, precise, safeguards);
  • necessary for a legitimate objective;
  • “some chance of” achieving the objective; and
  • proportionate and the least intrusive means.

Furthermore, the essence of individuals’ rights must not be rendered meaningless.

Moreover, these principles apply regardless of the nationality or location of the individuals subject to surveillance. Significantly,

Mass or “bulk” surveillance programmes may … be deemed to be arbitrary, even if they serve a legitimate aim and have been adopted on the basis of an accessible legal regime

if they are, for example, not necessary or proportionate.

The principles and conclusions outlined in the report should come as no surprise as they are inherent in international law and obligations. However, what recent events have demonstrated is that that concepts such as “necessary”, “proportionate” and “reasonable” used to determine whether an exemption or lower level of protection is justified need to be revisited. Further, the standard that the international community should apply is not one of strict legality, but rather what is legitimate, just and fair.

The Internet Society will be following the progress of this report closely as it is presented to the United Nations Human Rights Council at its 27th session and to the General Assembly at its 69th session.

You can download the Internet Society’s submission to the OHCHR consultation for this report at:

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

10 March 2021

Internet Society Joins Leading Internet Advocates to Call on ISPs to Commit to Basic User Privacy Protections

Mozilla, the Electronic Frontier Foundation, and the Internet Society call on AT&T, T-Mobile, and Verizon to commit to limiting...

Strengthening the Internet 22 February 2021

The Best and the Brightest Security and Privacy Experts Are Gathering Virtually at NDSS 2021

NDSS 2021 will be one of the biggest NDSS symposia yet, featuring two keynotes, 90 peer-reviewed academic papers, six...

Building Trust 28 January 2020

This Data Privacy Day It’s the Little Things That Count

Today we’re celebrating Data Privacy Day, which is all about empowering people and organizations to respect privacy, safeguard data,...