Privacy and data protection

Privacy and data protection

In the digital age, data plays a huge role in our everyday lives. It’s present in lots of obvious ways. When we are shopping online for example and have to type in our name and address. But data collection can also be less visible. Take data brokers, for example. You’ve probably never heard of them, but these businesses specialise in creating in depth profiles of individuals for advertisers. A single profile may draw on up to 1,500 data points. This can include a person’s sexuality, browsing history, political affiliation, and even medical records. One US based data broker, Acxiom, claims to have files on 10% of the world’s population. It’s not just businesses of course. In
2013, Edward Snowden uncovered a vast regime of mass government surveillance programmes, opening a global conversation which is still unfolding today. In this video, we’ll take a closer look at this debate, focusing on the related but distinct concepts of privacy and data protection. By the end you should have a clear idea of: how these issues differ and overlap; how both are affected by the digital age; and how you can engage with companies and governments to protect and strengthen these rights. So what are we talking about when we say
privacy and data protection? Let’s take privacy first. Article 12 of the Universal Declaration
of Human Rights treats privacy as a distinct human right. It says that: “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence… Everyone has the right to the protection
of the law against such interference or attacks” This is simple enough. Agreeing on what
privacy actually means here has proved harder. Depending on the context, it can mean the right to freedom of thought in conscience, the right to be left alone, the right to control one’s own body the right to protect your reputation, the right to a family life, or the right to a sexuality of your own definition. There are other ambiguities. In legal
terms, privacy isn’t an absolute right. This means it can be restricted for
certain reasons – for example, to protect national security or Public Safety. Or if it conflicts with other rights,
like the right to free expression. An example could be a public figure invoking privacy to avoid disclosing their financial records. And what about data protection? Contrary to popular belief it is not the same thing as privacy. Privacy is a broad concept, referring to
the conditions which enable a basic foundation of human dignity and autonomy. Data protection is more specific. It’s concerned with the ways third parties handle the information they hold about us – how it is collected, processed, shared, stored, and used. In other words, privacy is the big picture – and data protection is one corner of it. Like privacy, data protection is also
subject to limits – for example, when a warrant is obtained allowing law enforcement to access the phone records of a suspect. And while data protection is in some
ways more clearly defined than privacy, how it is applied legally can still vary greatly depending on which country you’re in. The digital age has created new ways to
collect, access, analyse and use data, often across multiple borders and jurisdictions. Unsurprisingly, this poses challenges for human rights. One challenge relates to the
way companies use our data. The internet’s business model depends on
people sharing their personal data in exchange for access to content, services
and social media platforms. While you might not pay anything upfront to go on Facebook, they still make money from you by
selling your personal information to advertisers. By clicking “agree” to terms of service, users technically consent to this model. But in practice, virtually no
one actually reads them. This is a problem because no one knows
what they’re really signing up to, which creates opportunities for misuse. Another challenge relates to the
collection of personal data by governments. Technological developments now enable
governments to monitor our conversations, transactions, and the locations we visit. In some countries – including Russia, Brazil, Australia and South Korea – companies are legally required to store this data locally for long periods of
time, making it easier for governments to get information on their citizens. These measures are often introduced in
the name of fighting cybercrime and terrorism. But without adequate protections, this
data can easily be abused to target dissidents and activists – undermining freedom of expression and the rights to association and assembly. And these are just the technologies we have now. Emerging technologies – like the Internet of Things, wearables, and artificial intelligence – are likely to pose new challenges to human rights. As human rights defenders we need to be prepared for these. There are many bodies and forums where privacy and data protection issues are discussed and defined: National and regional courts have a crucial role here. The European Court of Human Rights, for
example, has imposed limits on ‘stop and search’ practices by the police, and on the amount of time data can be legally retained. At the national level, it’s common to find a specific public body responsible for privacy and data protection. This can be a specialist post or an ombudsman. But the extent to which privacy is defined and protected varies greatly between different jurisdictions. For example, there is no clear right to privacy in the African Charter on Human and People’s Rights (ACHPR). However, there are mechanisms at the
international level. Following a UN resolution on the right
privacy in the digital age, the Human Rights Council has established
a new Special Rapporteur for Privacy. And various internet policy forums, like the
Internet Governance Forum (IGF), the Council of Europe, the Organisation for Economic
Cooperation and Development, and conferences, like HOPE and CyFy, also contribute to shaping the scope of privacy in the digital age. And finally, we have companies. The decisions of companies can also have a huge impact on data protection and privacy rights. For example, by building end-to-end encryption into their software, as WhatsApp did in early 2016. Let’s look at two examples of privacy
and data protection in the real world. First, let’s look at the Apple vs. FBI case. After the 2016 terrorist attacks in the US city of San Bernardino, the FBI asked apple for the information stored on the iPhone of one of the suspects. However, Apple’s operating system is
encrypted and only accessible through a pin code. The FBI asked Apple to modify the system
to let them in. Apple refused – opening alively debate on the right to privacy versus security needs. The case was almost taken to court – but in the end the FBI found a vulnerability to crack the phone. In privacy terms, this was a legal setback. If the case had gone to court, it could
have helped popularise the risks of weakening encryption for society, and establish what constitutes a legitimate limitation on privacy by the state. Next, let’s look at surveillance in Kenya. In Kenya, a combination of invasive
surveillance measures and a lack of adequate data protection facilitated a
crackdown on civil society in 2013, which was documented by Peace Brigades International. Many human rights defenders had their offices raided, computers hacked and phones tapped by the government. One of the ways human rights defenders
have been fighting back is by pushing for the ratification of Kenya’s first data protection law, long-stalled in Parliament. If implemented properly, this could limit
the worst excesses of state surveillance. Kenya is by no means the only country to bring in surveillance legislation justified by security concerns. But this example is a good demonstration of how seemingly abstract restrictions on online privacy can have physical consequences in the offline world. So what can human rights defenders do to
protect and strengthen privacy and data protection? An easy first step is taking digital
security measures yourself. This can be as simple as using encryption and anonymity tools, and encouraging your friends to do the same. Human rights defenders can also advocate for alternative digital business models, which aren’t based on the extraction and sale of data. Economic pressure on the
existing model is already growing. For example, over the last few years, the number of users using adblock software globally has exploded. There is evidence that this is already pushing companies to less invasive advertising practices. Engagement in debates at the national
and regional level is, of course, crucial. Where privacy protections are weak, human rights defenders need to actively advocate for stronger ones. And even where they are stronger, we need to make sure legislation is
keeping up with new technological developments – like the Internet of Things. Ultimately, if we want things to change,
human rights defenders need to make these issues accessible and relatable by being more creative about the way we talk about them. When people see how data protection and
privacy affects them on a day-to-day basis, they may be more inclined to engage with
these concepts. In the next video we’ll be taking a closer look at freedom of expression, association and peaceful assembly.

25 Replies to “Privacy and data protection”

  1. Great video! It is important to understand the importance of privacy. I sometimes feel bullied into sharing more information than I would like to simply because there's no way to argue with the Terms & Conditions…

  2. A good reminder that data protection stems from, as a fundamental right to a private life granted in, the human rights convention.

  3. Yeah, they do know everything about us. But you might be able to be in control of your data on the Internet by using hybrid between blockchain technology (decentralized public ledger) and classic very fast database. Check out our story if you'd like:

  4. What a helpful video! I am actually from Germany and my english is not that good, but even though this video was quite good to understand for me.👍🏻

  5. I've heard that blockchain technology can give us some kind of solution to this problem. I think I've found a solution I've been looking for – . Check it out and tell me if you think so too!

  6. We have a Data Protection/GDPR video with captions in 17 different languages. If you'd like to see it, click on our logo to visit our channel and look for Data Protection Today.

  7. The Right To Privacy And The Right To Be Left Alone And All Rights And Freedom Laws Makes All The Since To The Greatest Intelligence In The Universe AGFEI And Others Because If Flesh Beings And Intelligences Was Able To Get In Trouble And Get Penalized For Things That Is Totally Not Their Faults, For Some Of Their Haters Doing Things To Them, For Things That They Didn't Do, For The Individuals Doing Things In Privacy And In Discreet Obviously They Don't Want To Be Seen And Others Harassing Them And Getting Them Harassed On Purpose Against Their Will And Against Their Permission And Against Their Knowledge That's Not The Individuals Faults For Them Wanting To Be Alone And Something Stocking The Individuals Who Wants To Be In Privacy. The Truth Is Their Actually Wouldn't Be Any Intelligences In The 7th Heaven Before Humans And After Humans, Their Wouldn't Be No Rules And Regulations So All The Haters Would Wipe Out What Ever They Want Without Rules Laws And Regulations! Always Fight For And Support Rights Rules Laws And Regulations Humanity&Earth And The 7th Heaven etc. There's No Future Without Them:

  8. How on earth can this be protecting my privacy when everyone I speak to I have to give them all my details? Is there something I'm missing?

  9. benchood ptcl…i am in pakistan …why is my data shred with westerners…when i am in a western country….it should be the same…wat the fk is wrong with u….pppl????

  10. Data collect and privacy are very serious issue in our modern world. There are very dirty websites collecting lots of data. You are required to submit that data or you can't use the website. Privacy means nobody has access to your information including the government.

  11. Majority of the educators in the US are familiar with the federal student data privacy laws such as the Family Education Rights and Privacy Act (FERPA) that is overseen by the United States Department of Education. Notably, modern education institutions are adopting advanced technologies like cloud service providers that help in managing homework assignments and education-related data. Additionally, in protecting student privacy rights in higher education, it will not only require you to understand the federal laws, but you will also need to know the relevant state privacy laws.

    Anyways, read the below. This might help.


    Sourav Basak

    Namaste UI

Leave a Reply

Your email address will not be published. Required fields are marked *