User:Sarah GM/Privacy, free expression, and transparency

Privacy, freedom of expression and transparency are essential human rights to the digital age. Online, these rights "interplay and enable a safe and universal Internet ecosystem".^[1] These rights also face challenges such as privacy invasion, mass surveillance, filtering or blocking.

The proliferation of the Internet increasingly facilitates the connection and communication between individuals and the rest of the world. It has also been reorganizing aspects of human life in an unprecedented manner. The unique characteristics of technology— e.g. connectivity, openness, resilience and speed—have propelled the Internet to a dual status technology that differs significantly from other interactive communications media (like the telephone) and passive recipient communication media (like radio and TV), making it both a principal communicating medium and a distinctive and extended life sphere that embraces a wide range of human activities and interactions, old or new. The Internet remains a fragmented space where to apply international human rights.^[1]

Challenges

The “death of privacy” in the 21st century was first predicted in 2001, inspired by accelerations in the development of technology.^[2] The predominating threats to individual privacy since 2010 have gradually shifted from the offline, physical world to an online, virtual world, and the center of privacy protection has accordingly moved from physical to informational privacy,^[3] in the context of digitization and connectivity. Threats to privacy, like the corresponding benefits, can be witnessed at different levels, including the individual, societal, national, and international levels.^[1]

At individual level

At individual level, privacy is challenged by a multitude of technological innovations: CCTV and video cameras, microphones, thermal sensors, surveillance satellites, drones, smart electricity meters, smart TVs, wearable devices, built-in RFID chips, and the proliferation of biometric technologies including those involving the collection, storage and processing of genetic sequence data, and of the data involved in fingerprint-, facial-, iris-, speech- and gait-recognition used for the identification of human beings for different purposes. The dataization of life can protect aspects of private lives, such as religious, political and sexual orientation, which formerly could only be expressed in a relatively public manner. It may also enable new intrusions and exposures. The United States Supreme Court considers that personal data stored in a smartphone contains "…a broad array of private information never found in a home in any form—unless the phone is [there]…" The Supreme Court goes on to state that smartphones are "…in fact minicomputers that also happen to have the capacity to be used as a telephone…" and that such computer systems "…can be called cameras, video players, Rolodex, calendars, tape recorders, libraries, diaries, albums, televisions, maps, or newspapers…".^[4] Mounting online threats include hacking, identity theft, fraud, phishing, pharming, spoofing, profiling, spyware, tracking cookies, online witch hunting, bullying and stalking, which may involve a wide range of actions, including the unwanted disclosure of a user’s personal information (sometimes known as “doxing”). Individuals can also be privacy invaders when they master new Information and Communication Technologies to collect information from the Internet or to gain illegal access to private information. As Zittrain noted in 2008, the Internet “enables individuals in many cases to compromise privacy more thoroughly than government and commercial institutions traditionally targeted for scrutiny and regulation”.^[5]

At corporate level

Private Information and Communication Technologies companies can misuse personal data that they collect in their daily business for economic benefits, exploiting the increasing value of data as a currency of the information economy.^[6] The collection and processing of personal data are now key to some companies’ business models, to the point that some models involve the collection of private information either as a core part of the business or as a means to enhance efficiency, convenience and quality of service.^[7][8] Traditional business enterprises and other entities often do not have adequate controls to protect their consumers’ personal data from external threats—e.g. as emerging from external hackers and from internal employees—especially when lacking necessary technical and financial means.^[1]

Information security breaches are reported on a regular basis in relation to customer and citizen data held by corporations and States. Shopacheck, a loan firm in the United Kingdom, lost sensitive financial information pertaining to 1.4 million customers after two back-up tapes went missing in 2012.^[9] Commercial entities holding personal data may invade the data subjects’ privacy by the unauthorized sale of the data to other companies or actors. The misuse of medical records and data, leading to unfair treatment of patients and additional data breaches, especially when Binding Corporate Rules (BCRs) are used, and data anonymity and pseudonymity do not provide sufficient anonymization due to increasing capabilities to de-anonymise data based on available information.^[10] In 2013, the United Nations Special Rapporteur for Freedom of Expression and Opinion criticized the compliance by companies with State requirements in the design of digital networks and communications infrastructures, in particular "those that enable, support or do not counter illegitimate intrusions by State, developing and deploying new technologies and communications tools in specific ways and being complicit in developing technologies that enable mass or invasive surveillance in contravention of existing human rights standards".^[11]

At State level

Privacy invasions are conducted either by Law Enforcement Agencies (LEAs) or by intelligence services in the name of national security and public order. In the digital age, State authorities across the globe have been equipped with the most recent IT technologies, enabling them to monitor and conduct surveillance over individual citizens.^[12] Privacy can be legitimately limited for national security reasons but only when the criteria of legality, necessity and proportionality are fulfilled, as prescribed by the standards of the International Covenant on Civil and Political Rights.^[1]

In the context of the expanding adoption of e-governance, State authorities may be one of the biggest data hosts and controllers, handling large amounts of personal data.^[1] This is prone to challenges on the national cybersecurity and States may have unfiltered authority to access all sorts of personal data.^[13]

After the 9/11 attacks in the United States, urgent anti-terrorism needs are successfully employed as arguments to justify massive interceptions of private communications and online activities. Jonida Milaj and Jeanne P. Mifsud Bonnici (2014) consider that mass surveillance is not only a big threat to the privacy and dignity of ordinary individuals,^[14] but it can also become, in the long run, a potential source of weakness for State authorities themselves by diminishing trust and credibility.^[1]

At the international level

Some threats to individual privacy emerge from cross-nation online privacy breaches and invasions orchestrated by cyber criminals, such as cross-border online frauds, phishing, stalking and harassment, as regularly reported for causing a wide range of losses, including individual monetary losses and the loss of human lives.^[15] When national interests are involved, whether these are of a military, political or economic nature, in addition to conflicts of laws and jurisdictions relating to the increasing cross-border data transfers, challenges emerge from the widespread practices of State espionage and large-scale data breaches that are supposedly conducted by national States enjoying technology advantages. The breach of Sony Pictures Entertainment entailed the online publication of documents containing personal information about Sony’s employees.^[16] In this context, privacy protection is related to data security which falls within the public security responsibilities of the State, but the ties are more complex when the breached infrastructure is private rather than public.^[1]

Online privacy

Definition and characteristics

‘Privacy’ may be defined as the presumption that individuals should have an area of autonomous development, interaction and liberty, a “private sphere” without interactions from others, free from State intervention and from excessive unsolicited intervention by other uninvited individuals.^[17] Despite the ubiquity of the notion of, and the need for privacy, there is no universal definition for it.^[18] The multiple ideas and conceptions conveyed can be approached from three interdependent clusters.^[19] The first cluster concerns physical space, which refers to the extent to which an individual’s physical space is protected from undesired invasion. The second cluster concerns making a choice, referring to an individual’s ability to make certain significant decisions without external interference; i.e. to personal autonomy. The third cluster concerns ‘information privacy’, or the flow of personal information, and refers to an individual’s control over the processing of personal information, including acquisition, disclosure, and use in different forms and for different purposes. In this third sense, the right to privacy refers to the ability of individuals to determine who has information about them and how that information is used.^[20] The right to privacy complements other rights and freedoms, including freedom of expression, association and belief.^[21] Privacy is unequivocally recognized as an important human right, at both the international and regional levels but the content of this right has not been fully developed by international mechanisms for the protection of human rights^[22].

Data Protection Mechanisms

Data protection laws are designed to protect personal information that is either intended to be part of a filing system or collected, processed and stored by “automated” means.^[23] Personal information includes data attributed to an individual, such as home address, telephone number, and social security number that might be used to identify the individual,^[24] as well as personal data that is generated on a sporadic basis—such as medical data, credit card purchases, phone calls—which may be used to track the subject’s activities.^[25] Personally Identifiable Information (PII) refers to any information, be it stored online or offline, that identifies a person, or information that is not publicly accessible and purely statistical, or information that is certain types of data defined by law as PII.^[26] A closely related concept is ‘sensitive personal data’ which refers to personal data revealing racial categorization or ethnic origin, political opinions, religious or other philosophical beliefs, criminal convictions, trade union membership, and personal data concerning health or sexual life.^[27] Data protection rules are applied to the limited context of automated data processing or the processing of structured data sets, in contrast to privacy protection rules which can be applied to any information of a person. Data protection rules do not typically recognize a general public interest override, as witnessed in the European Union Directive 95/46/EC with specific exceptions for data processing and data transfer, and limited scope of exemptions allowed to be made by Member States.^[28]

Privacy Protection Mechanisms

International law

In international law, the core privacy principle can be found in Article 12 of the Universal Declaration of Human Rights, and the right to privacy was given formal legal protection in Article 17 of the International Covenant on Civil and Political Rights. The United Nations Human Rights Committee (HRC) states—in General Comment No. 16 on Article 17 of the International Covenant on Civil and Political Rrights — that the right to privacy circumscribes the right to protection "…against all such interferences and attacks whether they emanate from State authorities or from natural or legal persons…"^[29] UNESCO has reaffirmed, through the Connecting the Dots conference Outcome Document^[30] endorsed by its 38th General Conference in November 2015, that the right to privacy applies and should be respected online and offline in accordance with Article 12 of the Universal Declaration of Human Rights and Article 17 of the International Covenant of Political Rights. The Organization supports the efforts related to the United Nations General Assembly Resolution A/RES/69/166 of December 2014 on the Right to Privacy in the Digital Age, and supports best practices and efforts made by Member States and other stakeholders to address concerns on the Internet.^[1]

Council of Europe

The European Convention on Human Rights (ECHR), in Article 8, provides that everyone has the right to respect for a private and family life, a home and correspondence. The European Court of Human Rights (ECtHR) has tried to clarify the scope of the ECHR’s privacy protection, government actions for potential privacy breach and further features of the right.^[31] The Council of Europe (CoE) adopted the ‘Convention for the Protection of Individuals with Regard to the Automatic Processing of Personal Data’—i.e. Convention 108—which entered into force in 1985.^[32]

European Union

The adoption of the Lisbon Treaty in late 2009 provided a strong legal ground for the development of a “clear and effective” data protection system.^[33] Through a number of amendments of the Treaty, the Charter of Fundamental Rights of the European Union became legally binding,^[34] the Union acceded to the European Convention of Human Rights,^[35] and the fundamental rights guaranteed by the European Convention on Human Rights became binding principles of the Union law.^[36]

Other regional frameworks

• The African Charter on Human and Peoples’ Rights (ACHR) does not contain elaborated protection for privacy. The relevant provisions of the ACHR state the following: “…No one may be the object of arbitrary or abusive interference with his private life, his family, his home, or his correspondence, or of unlawful attacks on his honor or reputation. Everyone has the right to the protection of the law against such interference or attacks”.^[37]
• Article 11 of the American Convention on Human Rights prescribes that: “Everyone has the right to have his honor respected and his dignity recognized. No one may be the object of arbitrary or abusive interference with his private life, his family, his home or his correspondence, or of unlawful attacks on his honor or reputation. Everyone has the right to the protection of the law against such interference or attacks”.^[38]
• The main Asia-Pacific Economic Cooperation (APEC) rules on privacy can be found in the APEC Privacy Framework, which addresses the need to preserve consumer trust in order to advance economic benefits from electronic commerce. It also acknowledges the need to grant countries flexibility regarding the implementation. The key principles in the framework resemble the UN Guidelines, OECD and European standards. However, as opposed to the European standards, the Framework contains a particular degree of flexibility.^[39]

Alternative instruments

Other legal instruments include a law of confidentialities in different professions including, amongst others, medical service, legal services, consulting services, banking services, and journalism.^[40] Various instruments can be used as privacy mechanisms, such as self-regulation, co-regulation, market mechanisms for privacy protection, user empowerment measures, nudging mechanisms and professional ethics.

Online freedom of expression

Definition and Characteristics

The term ‘freedom of expression’ has been widely used and conceptualized by various groups, including scholars, politicians, activists, and laypersons.^[41] Freedom of opinion and expression is protected under Article 19 of the International Covenant on Civil and Political Rights. It includes the protection of the right to hold opinions without interference, as well as the right to change an opinion whenever and for any reasons a person so freely chooses.^[42][43] Freedom of opinion and expression is taken as embracing the right of access to information held by public bodies regardless of the form in which the information is stored, its source or the date of production.^[44]

The United Nations Special Rapporteur on the promotion of freedom of opinion and expression has reiterated that States have a positive obligation to facilitate the enjoyment of the right to freedom of expression and the means necessary to exercise the right, which include the Internet.^[45] The Human Rights Committee has underscored that States Parties should take all necessary steps to promote the independence of new media and guarantee access to it to all individuals.^[46] The Special Rapporteur highlighted that both Article 19 of the Universal Declaration of Human Rights and Article 19 of the International Covenant on Civil and Political Rights were drafted with forethought to comprise and adapt to future technological developments through which individuals could exercise their right to freedom of expression.^[47] He concluded: “the framework of international human rights law remains relevant today and equally applicable to new communication technologies such as the Internet”.^[48] The United Nations Human Rights Council adopted a landmark resolution in 2012 affirming “the same rights that people have offline must also be protected online”.^[49] In the digital age, Information and Communication Technologies and since the Internet has become a crucial and cheap medium for communicating news to a global audience, most of the offline media have developed online alternatives^[50].

Protection Mechanisms

International law

The most authoritative concept in relation to freedom of expression is prescribed by Article 19 of the Universal Declaration of Human Rights and Article 19 of the International Covenant on Civil and Political Rights (ICCPR). The former contains the first and most widely recognized statement on the right to freedom of expression,^[51] stating that everyone has the right to freedom of opinion and expression, including freedom to hold opinions without interference and to seek, receive and impact information and ideas through any media and despite the frontiers. The Universal Declaration of Human Rights is a recommendatory resolution adopted by the United Nations General Assembly that, due to time and universal acceptance, has gained the status of customary international law.^[52]

Regional law framework

• Article 11 of the Charter of Fundamental Rights of the European Union defines the right to freedom of expression as including the freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers. It also affirms that everyone has the right to freedom of expression and that the freedom and pluralism of the media shall be respected.^[53] Article 11 of the EU Charter corresponds to Article 10 of the European Convention on Human Rights (ECHR). However, the latter does not prevent States from requiring the licensing of broadcasting or television.^[54]
• The American Convention on Human Rights—Pact of San Jose, Costa Rica— introduces the right to freedom of thought and expression in Article 13, which in Paragraph 2 states that the exercise of the right shall not be subject to prior censorship but shall be subject to subsequent imposition of liability.^[55]
• The African Charter on Human and Peoples’ Rights introduces the right to express and disseminate opinions within the law by Article 9 Paragraph 2. The Declaration of Principles on Freedom of Expression in Africa reaffirms in its Preamble the right to receive information and the right to free expression, protected by Article 9 of the African Charter on Human and People’s Rights. Article 1 of the Declaration guarantees the freedom of expression and information, including “the right to seek, receive and impart information and ideas, either orally, in writing or in print, in the form of art, or through any other form of communication, including across the frontiers”.^[56]

National law framework

All Member States of the European Union have constitutional protections for freedom of opinion and expression, as they have implemented the main provisions of the Treaty on the European Union, the Treaty on the Functioning of the European Union, and the Charter of Fundamental Rights of the European Union.^[57]

In the United States, the protection granted by the First Amendment and the related case law have gradually established one of the world’s strongest freedom of expression protection mechanisms, securing a wide range of speeches and speech actions. The mechanism includes several common law exceptions, relating to obscenity,^[58] defamation,^[59] incitement,^[60] incitement to riot or imminent lawless action,^[61] fighting words,^[62] fraud, speech covered by copyright, and speech integral to criminal conduct. The United States ratified the International Covenant on Civil and Political Rights (ICCPR) in 1992. After ratification, the ICCPR became the “supreme law of the land” under the Supremacy Clause of the United States Constitution, which gives acceded treaties the status of federal law.^[63]

Countries in Latin America and the Caribbean provide constitutional guarantees or laws that protect freedom of expression as a fundamental right, though cases of prior censorship have been frequent.^[64] Asia and the Pacific have been in the process of aligning with international standards of freedom of expression.^[65] The national constitutions of 47 African countries contain a guarantee of the right to freedom of expression.^[66]

Transparency and freedom of information

Definition and Context

Freedom of information (FOI) and transparency are closely related concepts with long traditions in human civilization, which can be interpreted differently, and which cover diverse ideas and practices in various political-societal contexts. Transparency is defined as an overarching concept and value that is a desired result that emerges from the exercising of the right to freedom of expression and information and enables enhanced free flows of information and thereby contributes to "social goods like better governance, accountability and efficiency".^[67]

Transparency as a doctrine of governance covers a variety of characteristics, including:

1. decision-making in accordance to known and clearly established rather than ad hoc principles, guidelines, rules, processes and procedures;
2. methods of accounting or public reporting that clarify who gains from, and who pays for any public measures; and
3. governance that is intelligible and accessible to the general public.^[68]

There are multiple strains of ideas to be traced as partial forerunners for the modern concept of transparency, including:

1. the notion of administration by publicly known rules as one of the oldest ideas in political thought;
2. the doctrine of good society that social affairs more generally should be conducted with a high degree of frankness, openness and candor; and
3. the idea that the social world should be made knowable by methods analogous to those used in the natural sciences.^[69]

Since the twentieth century, transparency is found reflected in many doctrines of governance. At the international level, transparency doctrines are important in international governance concerning the way that States relate to one another and to inter- or supra-national bodies, including in diplomacy and the execution of arms control and disarmament treaties.^[70] The Paris COP21 agreement includes a transparency framework intended to prevent misreporting of nationally determined contributions to combating greenhouse gases.^[71]

Since late 1990s, the invention and global diffusion of the Internet and Information and Communication Technologies (ICTs) have made great impacts on Freedom of Information, transparency and openness. The Internet has gradually become a central, prevailing medium for many individuals to disseminate expression, and to access all kinds of information.^[72] Governments have increasingly used novel ICTs—e.g. social media—as an efficient means to curtail corruption, promote openness and transparency, and improve e-governance and e-democracy.^[73]

Protection Mechanisms

International framework

In 2004, the United Nations Special Rapporteur on Freedom of Opinion and Expression co-issued a joint declaration with other rapporteurs, recognizing the right to access information as a fundamental human right based on the principle of maximum disclosure.^[74] In 2010, UNESCO marked the World Press Freedom Day by issuing the Brisbane Declaration, which called on national governments that had not already adopted access to information laws to do so “based on international standards and the principle of maximum disclosure”.^[75] The Finlandia Declaration at the UNESCO World Press Freedom Day conference in 2016, amplifies these messages.^[76]

The United Nations Human Rights Committee (HRC) reviews and comments on the regular reports that States provide to the HRC to implement the ICCPR obligations. It also hears individual complaints about human rights violations from States that have ratified the First Optional Protocol to the ICCPR.^[77] In 2011, the HRC published General Comment No. 34 with an authoritative interpretation of the freedom of opinion and expression guaranteed by the ICCPR, expressly acknowledging that Article 19 embraces a general right of access to information held by public bodies.^[78][79][80]

In 1998, the UN Economic Commission for Europe adopted the Aarhus Convention on Access to Information, Public Participation in Decision-making and Access to Justice in Environmental Matters. The Convention establishes a number of rights of the public with regard to the environment,^[81] including the right of everyone to receive environmental information held by public authorities, which can include information on the state of the environment and on policies or measures taken, or on the state of human health and safety where this can be affected by the state of the environment.^[82] In Article 13 of ZZ, the Convention against Corruption, which was adopted by the General Assembly Resolution 58/4 in 2003,^[83] prescribed that participation should be strengthened by measures such as ensuring that the public has effective access to information.^[84]

Regional law framework

Council of Europe

In 2008, the Convention on Access to Official Documents and its Explanatory Report were adopted. This first multilateral treaty affirms and articulates an enforceable general right to information that can be exercised by all persons without demonstrating a particular interest in the information requested.^[85] The Recommendation Rec (2002) 2 on Access to Official Documents includes general principles on access to official documents.^[86] It recommends that Member States guarantee the right of everyone to have access, upon request, to official documents held by public authorities, and highlights that such principle should apply without discrimination on any ground, including national origin.^[87]

European Union

Article 42 of the Charter of Fundamental Rights of the European Union and Article 15 of the Treaty on the Functioning of the European Union (TFEU) give “any citizen of the Union, and any natural or legal person residing or having its registered office in a Member State, […] a right of access to documents of the institutions, bodies, offices and agencies of the Union, whatever their medium”^[88]

The Commonwealth of Nations

In 1980, the Law Ministers of the Commonwealth stated that: “public participation in the democratic and governmental process was at its most meaningful when citizens had adequate access to official information”.^[89] In 1991, the Commonwealth adopted the Harare Commonwealth Declaration and ensured each individual’s democratic right to participate in framing his or her society.^[90]

The African Region

Article 9 of The African Charter on Human and People’s Rights, which was adopted in 1981, provides that every individual shall have the right to receive information.^[91] Article 2 of the Charter emphasizes the importance to promote the establishment of the necessary conditions to foster citizen participation, transparency, access to information, freedom of the press, as well as accountability in the management of public affairs. Article 6 of the African Charter on Values and Principles of Public Service and Administration protects the right of access to information held by public service and administration regarding procedures and formalities pertaining to public service delivery.^[92] Article 9 of the African Convention on Preventing and Combating Corruption demands that each party adopts legislative and other measures to give effect to the right of access to any information required to fight against corruption and related offenses.^[93] Article 1 of the Declaration of Principles on Freedom of Expression in Africa states that freedom of expression and information—which includes the right to seek, receive and impart ideas—is a fundamental and inalienable human right and an indispensable component of democracy.^[94] The Model Law on Access to Information for Africa provides specific guidelines of forms and contents of such legislation.^[95]

The American Region

The General Assembly resolution AG/RES. 2516 of the Organization of American States (OAS) demanded the preparation of the Model Inter-American Law on Access to Information.^[96] It provides Member States with the legal foundation to guarantee the right to access to information.^[97]

National law framework

National laws vary with respect to the rules to be adopted in processing requests for information.^[98] Nearly all laws provide time limits for responses to requests for information, which range from 7 to 30 days.^[31] The laws usually require public bodies to give written notice of responses to requests of information. Many countries allow applicants to select from a range of forms of access, including: personal inspection of the document in question, transcripts, electronic copies, photocopies, and official copies.^[99]

Interdependence

Privacy and freedom of expression

Mutual support

Eric Barendt (2007), considers the relationship between the rights to privacy and to freedom of expression to be "a complex one".^[100] The right to privacy is also considered by Special Rapporteur Frank La Rue as "an essential requirement for the realization of the right to freedom of expression", as privacy protection plays a role in the creation of the content required for adequate exercising of the rights to freedom of opinion and expression.^[101] Respect for privacy of communications is a prerequisite for trust by those engaging in communicative activities, which is successively a pre-condition for the exercise of the right to freedom of expression.^[102] Restrictions on the extent to which offline and online communications may remain anonymous can have an evident chilling effect on victims of all forms of violence and abuse, including by contributing to the fear of double victimization that discourages the reporting of such violence and abuse.^[103] Encryption and anonymization technologies appear as an alternative to Frank La Rue^[104] and is recognized in the UNESCO CONNECTing the Dots outcome document^[105].

Conflicts and digital intensification

In four general types of circumstances, an individual’s right to privacy conflicts with other individuals’ or legal persons’ right to freedom of speech.

• An individual’s privacy can be invaded, even if the exercise of freedom of expression and other related rights does not concern the person directly. This may happen where the mere dissemination of information may lead to the invasion of the solitude or seclusion (and therefore the private sphere) of the individual in an online context.^[106]
• The second circumstance refers to SPAM (i.e. unsolicited) e-mails, messages, leaflets and similar materials received against the will of the recipient—e.g. in the absence of a subscription by the recipient—even if such communications would be clearly and truthfully framed as of a commercial nature. While such communications would in some senses operationalize the senders’ right to freedom of expression, they also constitute intrusions into the recipient’s private sphere. anti-spam laws in many countries— including in the EU and the U.S.—offer opt-in and/or opt-out choices.^[107]
• The exercise of the right to freedom of assembly can impact on others’ right to privacy in both online and offline contexts.^[108] Online protests or assemblies may take different forms targeting privately owned Internet spheres, like the widespread DDoS attacks (that are criminalized by Convention 185);^[109] organized spamming in comment forums to protest online content; and organized spamming emails against some particular individuals.
• Conflict may also occur between individuals. Someones right to freedom of expression can conflict with another persons right to privacy.^[110]

Privacy and transparency

Transparency refers to a cluster of related ideas and concepts such as governmental and organizational action in the open, the availability of information, and accuracy and clarity of the information.^[111] According to Schauer, it can be understood in a passive or a negative attribute rather than an activity, like speaking or writing, or a power, referring more to availability and accessibility.^[112] Some people argue for personal transparency and urge the acceptance of the idea of “zero privacy” in the digital age, or the notion of “personal transparency”. The idea is that transparency is not just an opportunity for institutions to generate trust and be more effective, but also one for individuals to do the same.^[113] The conflict between privacy and transparency can lie in the potential threats to privacy from the access to personal information or personal data held by public bodies or other institutions with public functions.^[114]

Information held by public bodies—like information or data of the same nature held by private sector performing public functionalities in the digital age—may concern the privacy of other people who should be protected against potential privacy harm. Accessing and publicly disclosing others’ personal data already openly available to the public, in hands of public bodies, may still constitute potential privacy invasion.^[115]

Transparency and freedom of expression

Transparency as a political end can be achieved by protecting and granting access to, and proactive disclosure of, desired information by the general public, for instance, by legal instruments protecting the right of freedom of information.^[116] Transparency concerns the accessibility of desired information from the side of information or data controllers, and relates to the availability and usability of such information when requested. Freedom of expression and freedom of information refers to individuals as the subjects disseminating and accessing information for desired purposes. Freedom of expression and freedom of information are positive entitlements, while transparency is rather the desired open state in information flow.^[117]

Balancing rights in practice

The Google Spain Case

Google Spain is a landmark case in the European Union that has achieved global influence due to the importance of the legal issue it addresses, and the judicial influences of the Court of Justice of the European Union (CJEU).^[118] The new boundaries set by the CJEU may be characterised more generically by:

1. the reshaping or extension of the duties and legal status of search engine providers like Google in EU jurisdictions;
2. the exterritorial jurisdiction capacity of EU courts;
3. the right of the plaintiff to protect his/her own data privacy in claiming a ‘right to be forgotten’ or more accurately a ‘right to de-listing’; and
4. the balancing of the right to privacy with other rights.

Public figures

According to the Gertz doctrine^[119] public figures include three categories of persons: a) public officials; b) those voluntarily playing prominent roles in specific public controversies; and c) all-purpose public figures. The terms representing the first two categories are self-explanatory. The third category—i.e. ‘all-purpose pubic figures’—refers to those whose names are a household word, normally having prominent positions, persuasive power and influence. Additionally, similar to the second category, there are involuntary public figures who “simply [find themselves] at the center of important societal events” and could in certain circumstances “be thrust into the role of a public figure”.^[120]

Other jurisdictions adopt different, and at times substantially distinct, approaches to protecting freedom of expression. For instance, while Japanese law accepts the public figure doctrine, it limits the scope to a very small number of individuals who hold significantly prominent positions—e.g. top corporate executives and leading politicians—and thus are able to substantially affect society.^[121] In German law, public figures are clearly distinguished from private ones and organized in three categories, each granted a different type of protection: a) permanent public figures; b) celebrity public figures; and c) temporary public figures. The European Court of Human Rights (ECHR) refers to a public interest test involved, in combination with the distinction between public and private figures. It also considers the nature of the publicized information, such as: a) whether the information is of legitimate interest to the public;^[122] b) the formality and methodologies of the publication;^[123] c) the proportionality of the interference measures;^[124] d) the location of the published images; and e) the style of the expression.^[125] The Court has made several decisions relating to the balance between the right to freedom of expression and the right to privacy (closely related to reputation) in online contexts (including online publication), and it still strives to clarify new legal issues and to seek balances between the two rights.^[126][127]

Anti-terrorism legislations

A 2012 United Nations Office on Drugs and Crime report mentioned several uses of the Internet in terrorist activities, including as a propaganda tool, including for the incitement, recruitment and radicalization of individuals or groups of individuals; and as a means of cyberwarfare, including by enabling the financing, planning and execution of cyber-attacks.^[128] Counter-terrorism initiatives relating to the use of the Internet can influence the enjoyment of a range of human rights, including the rights to freedom of speech, freedom of association, privacy and fair trial.^[129] The collection and analysis of data and metadata for “potentially suspicious behaviour” is a frequently raised issue. The report issued by the United Nations Human Rights Council on the Right to Privacy in the Digital Age pointed out that: “It will not be enough that the measures are targeted to find certain needles in a haystack; the proper measure is the impact of the measures on the haystack, relative to the harm threatened”.^[130]

New regulations and policies

In the United States

In January 2014, the President of the United States called for an end to the NSA’s bulk surveillance on individuals.^[131] The United States government has also released a six-year-old report on the NSA’s once-secret programme, which involved the collection of information on American citizens’ calls and emails.^[132] On 7 May 2015, a federal appeals court in the US ruled, in a landmark decision, that the bulk collection of telephone metadata that had occurred was unlawful, clearing the way for a full legal challenge against the NSA.^[133] The US has also been considering to improve transparency by a truly uniform federal standard for the notification of breaches.^[134]

In Europe

In Europe, a United Kingdom tribunal ruled that the regime governing the sharing of electronic communications between Britain and the United States, which were intercepted in bulk, was unlawful until last year.^[135] The European Union parliament declared the mass surveillance in some Member States in cooperation with the NSA illegal.^[136] The Union has taken steps on privacy and data protection, by means of the European Court of Justice’s (ECJ) invalidating of data retention law,^[137] and clarified the house-hold exemption scope in CCTV use.^[138] Other efforts in this region include: a) the increased enforcement of European Union Data Protection Rules across the European Union; b) the revision of the Safe Harbour Program and debate around the “Privacy Shield” replacement; and c) the ECJ’s scrutinizing of the Passenger Name Records (PNR) exchange under EU’s data protection principles.^[139]

Other countries

The number of countries updating previous data protection laws or adopting new ones—i.e. including, amongst others, Singapore, Australia, Brazil (Data Privacy Bill & Marco Civil da Internet or the “Internet Law”), South Africa, Turkey and Chile—continued to grow throughout 2014.^[140]

United Nations institutions

The United Nations Human Rights Council too has made efforts to curtail mass surveillance and protect online privacy.^[141] A new Special Rapporteur was appointed in July 2015^[142] and a resolution was passed on the Right to Privacy in the digital age by the General Assembly, strongly affirming the core status of privacy in human freedom.^[143]

Private sector

Some private sector organisations have already taken initiatives against mass surveillance by publishing transparency reports that disclose information about requests they receive for access to personal data by United States - and EU-based national authorities. Some mobile companies—e.g. EE, O2 and Three—also took legal action against government agencies which made such requests. Others have rejected requests to cooperate, e.g. Apple’s refusal to compromise default end-to-end encryption within its device OS (operating system), leading to critiques from intelligence services agencies.^[144] Other companies—like Google, Microsoft and Apple—have started to build local data centers, to store their consumers’ data within the consumers’ own homeland jurisdictions, and thus follow local law and avoid further judicial conflicts; ultimately gaining consumer trust.^[1]

The Global Network Initiative (GNI) has published a report titled Data Beyond Borders: Mutual Legal Assistance in the Internet Age, which recommends that States collaborate in creating a secure electronic system that involves the use of multiple resources for the management of Mutual Legal Assistance (MLA) requests.^[145] The United State’s Digital Advertising Alliance (DAA), a consortium of the nation’s largest media and marketing associations, has established self-regulatory standards for online advertising, and was to commence enforcement of the Application of Self-Regulatory Principles to the Mobile Environment (DAA Mobile Guidance) on September 1, 2015.^[146]

Source

 This article incorporates text from a free content work. Licensed under CC BY SA 3.0 IGO (license statement/permission). Text taken from Privacy, free expression and transparency. Redefining their new boundaries in the digital age​, 140, Joseph A. Cannataci, Bo Zhao, Gemma Torres Vives, Shara Monteleone, Jeanne Mifsud Bonnici, Evgeni Moyakine, UNESCO. UNESCO.

References

1. Cannataci, Joseph A.; Torres Vives, Gemma; Monteleone, Shara; Mifsud Bonnici, Jeanne; Moyakine, Evgeni; Zhao, Bo (2016). Privacy, free expression and transparency. Redefining their new boundaries in the digital age (PDF). UNESCO. p. 140.
2. See among others Simson Garfinkel, (2001) Database Nation: The Death of Privacy in the 21st Century, Sebastopol: O’Reilly Media.
3. Physical privacy refers to the restricted access of others to our bodies, relationships and living spaces. See Keith Bauer, “Healthcare Ethics in the Information Age”, in Rocci Luppicini and Rebecca Adell, (2008) Handbook of Research on Technoethics, Hershey: Information Science Reference an imprint of IGI Global, p. 179. Information privacy refers to “the handling of ‘personal information’, that is, information about a particular person or information that can be used to identify a particular person”. See Australian Privacy Commissioner, “What Is Information Privacy and Why Do We Need to Protect It?”, August 1997, available at <http://www2.austlii.edu.au/itlaw/national_scheme/national-PART.html>.
4. United States Supreme Court, Riley v. California 573 U.S. (2014), paras. 21 and 17, available at <https://supreme.justia.com/cases/federal/us/573/13-132/>, accessed 17 May 2015
5. Jonathan L. Zittrain, (2008) The Future of the Internet--And How to Stop It,, New Haven and London: Yale University Press, p. 200.
6. “Personal data is the currency of today’s digital market”. See Viviane Reding, “The EU Data Protection Reform 2012: Making Europe the Standard Setter for Modern Data Protection Rules in the Digital Age”, Speech, 22 January 2012, available at <http://europa.eu/rapid/press-release_SPEECH-12-26_nl.htm>.
7. Toby Mendel et al., (2012) Global Survey on Internet Privacy and Freedom of Expression, UNESCO Series on Internet Freedom, Paris: UNESCO, p. 98, available at <http://www.unesco.org/new/en/communicationand-information/resources/publications-and-communication-materials/publications/full-list/globalsurvey-on-Internet-privacy-and-freedom-of-expression/>.
8. Molly Wood, “In the World of Big Data, Privacy Invasion Is the Business Model,” CNET, 29 February 2012, available at <http://www.cnet.com/news/in-the-world-of-big-data-privacy-invasion-is-the-businessmodel/>, accessed 7 April 2015.
9. Clinton Manning, “Shopacheck Loses Data on 1.4 Million Customers”, Mirror, available at <http://www.mirror.co.uk/money/city-news/shopacheck-loses-data-on-14-million-157430>, accessed 17 May 2015.
10. See in general “Data Protection in the EU: The Certainty of Uncertainty”, The Guardian, 5 June 2013, available at <http://www.theguardian.com/technology/blog/2013/jun/05/data-protection-eu-anonymous>, accessed 30 March 2015. Also see Paul Ohm, “Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization», (2010) UCLA Law Review, Vol. 57, p. 1701.
11. Office of the United Nations High Commissioner for Human Rights (OHCHR), Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, Frank La Rue, 17 April 2013, UN Doc. A/HRC/23/40, pp. 19-20, available at <http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/23/40>.
12. See, for example, the report of such activities carried by GCHQ in the UK. Privacy International, “Privacy International Challenges GCHQ’s Unlawful Hacking of Computers, Mobile Phones”, 13 May 2014, available at <https://www.privacyinternational.org/?q=node/471>, accessed 30 May 2015.
13. See in general Kate Crawford and Jason Schultz, “Big Data and Due Process: Toward a Framework to Redress Predictive Privacy Harms”, (2014) Boston College Law Review, Vol. 55, No. 1, p. 93.
14. In the sense that it violates the moral-legal principle of presumption of innocence. See Jonida Milaj and Jeanne P. Mifsud Bonnici, “Unwitting Subjects of Surveillance and the Presumption of Innocence”, (2014) Computer Law & Security Review, Vol. 30, No. 4, pp. 419-428.
15. See “Man Charged in Netherlands in Amanda Todd Suicide Case”, BBC News, accessed 8 May 2015, available at <http://www.bbc.com/news/world-europe-27076991>.
16. Kim Zetter, “Sony Got Hacked Hard: What We Know and Don’t Know So Far”, WIRED, 3 December 2014, available at <http://www.wired.com/2014/12/sony-hack-what-we-know/>.
17. Lord Lester of Herne Hill, Lord David Pannick and Javan Herberg (Eds.), (2009) Human Rights Law and Practice, Third Revised Edition, London: LexisNexis, para. 482.
18. Toby Mendel et al., (2012) Global Survey on Internet Privacy and Freedom of Expression, UNESCO Series on Internet Freedom, Paris: UNESCO, p. 9, available at <http://www.unesco.org/new/en/communication-andinformation/resources/publications-and-communication-materials/publications/full-list/global-survey-on-Internet-privacy-and-freedom-of-expression/>.
19. To borrow Prof. Kang’s categorization, see Jerry Kang, “Information Privacy in Cyberspace Transactions”, (1998) Stanford Law Review, Vol. 50, pp. 1202–1205.
20. OHCHR, Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, Frank La Rue, 17 April 2013, UN Doc. A/HRC/23/40, para. 22, available at <http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/23/40>.
21. Toby Mendel et al., (2012) Global Survey on Internet Privacy and Freedom of Expression, UNESCO Series on Internet Freedom, Paris: UNESCO, p. 7, available at <http://www.unesco.org/new/en/communication-andinformation/resources/publications-and-communication-materials/publications/full-list/global-survey-on-Internet-privacy-and-freedom-of-expression/>.
22. OHCHR, Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, Frank La Rue, 17 April 2013, UN Doc. A/HRC/23/40, para. 21, available at <http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/23/40>.
23. See Privacy International, “What Is Data Protection?”, available at <https://www.privacyinternational.org/?q=node/44>, accessed 30 May 2015.
24. Thomas B. Kearns, “Technology and the Right to Privacy: The Convergence of Surveillance and Information Privacy Concerns”, (1999) William & Mary Bill of Rights Journal, Vol. 7, No. 3, pp. 976-977, available at <http://scholarship.law.wm.edu/wmborj/vol7/iss3/10/>.
25. Thomas B. Kearns, “Technology and the Right to Privacy: The Convergence of Surveillance and Information Privacy Concerns”, (1999) William & Mary Bill of Rights Journal, Vol. 7, No. 3, pp. 976-977, available at <http://scholarship.law.wm.edu/wmborj/vol7/iss3/10/>.
26. Paul M. Schwartz and Daniel J. Solove, “The PII Problem: Privacy and a New Concept of Personally Identifiable Information”, (2011) New York University Law Review, Vol. 86, pp. 1828-1832, available at <http://papers.ssrn.com/abstract=1909366>.
27. European Union Agency for Fundamental Rights (FRA), (2014) Handbook on European Data Protection Law, Luxembourg: Publications Offices of the European Union, pp. 43-44, available at <http://fra.europa.eu/en/publication/2014/handbook-european-data-protection-law>.
28. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data, 2015, available at <http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:en:HTML>.
29. OHCHR, CCPR General Comment No. 16: Article 17 (The Right to Respect of Privacy, Family, Home and Correspondence, and Protection of Honour and Reputation), 8 April 1988, UN Doc. HRI/GEN/1/Rev.9 (Vol. I), para. 1, available at <http://www.refworld.org/docid/453883f922.html>, accessed 29 May 2015.
30. http://www.unesco.org/new/fileadmin/MULTIMEDIA/HQ/CI/CI/pdf/Events/connecting_dots_concept_en.pdf
31. Toby Mendel, (2008) Freedom of Information: A Comparative Legal Survey, Second Edition, Paris: UNESCO, p. 144, available at <http://portal.unesco.org/ci/en/ev.php-URL_ID=26159&URL_DO=DO_TOPIC&URL_SECTION=201.html>.
32. Council of Europe, Additional Protocol to the Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data Regarding Supervisory Authorities and Transborder Data Flows, ETS No. 181, available at <http://conventions.coe.int/Treaty/EN/Treaties/HTML/181.htm>, accessed 30 May 2015.
33. European Parliament, “Respect for Fundamental Rights in the Union”, available at <http://www.europarl.europa.eu/aboutparliament/en/displayFtu.html?ftuId=FTU_2.1.2.html>, accessed 30 May 2015
34. Article 6 Paragraph 1, Treaty of the European Union.
35. Article 6 Paragraph 2, Treaty of the European Union.
36. Article 6 Paragraph 3, Treaty of the European Union.
37. African Charter on Human and Peoples’ Rights, available at <http://www.achpr.org/instruments/achpr/>.
38. "Basic Documents - American Convention". www.cidh.oas.org. Retrieved 2018-03-13.
39. Toby Mendel et al., (2012) Global Survey on Internet Privacy and Freedom of Expression, UNESCO Series on Internet Freedom, Paris: UNESCO, p. 65, available at <http://www.unesco.org/new/en/communicationand-information/resources/publications-and-communication-materials/publications/full-list/globalsurvey-on-Internet-privacy-and-freedom-of-expression/>.
40. Outcome Statement of CONNECTing the Dots, endorsed in Resolution 53 at UNESCO’s 38th General Conference: http://unesdoc.unesco.org/images/0023/002340/234090e.pdf
41. UNESCO, (2013) Freedom of Expression Toolkit: A Guide for Students, Paris: UNESCO, p. 12, available at <http://unesdoc.unesco.org/images/0021/002186/218618E.pdf>.
42. HRC, CCPR General Comment No. 34: Article 19 (Freedoms of Opinion and Expression), 12 September 2011, UN Doc. CCPR/C/GC/34, para. 9, available at <http://www2.ohchr.org/english/bodies/hrc/docs/gc34.pdf>.
43. HRC, CCPR General Comment No. 34: Article 19 (Freedoms of Opinion and Expression), 12 September 2011, UN Doc. CCPR/C/GC/34, para. 11, available at <http://www2.ohchr.org/english/bodies/hrc/docs/gc34.pdf>.
44. HRC, CCPR General Comment No. 34: Article 19 (Freedoms of Opinion and Expression), 12 September 2011, UN Doc. CCPR/C/GC/34, para. 18, Freedom of access to information has a different historical or political root different from the political interpretation., available at <http://www2.ohchr.org/english/bodies/hrc/docs/gc34.pdf>.
45. UN General Assembly, Report of the Special Rapporteur to the General Assembly on the Right to Freedom Opinion and Expression Exercised through the Internet, 10 August 2011, UN Doc A/66/90, para. 61, available at <http://ap.ohchr.org/documents/dpage_e.aspx?si=A/66/290>.
46. HRC, CCPR General Comment No. 34: Article 19 (Freedoms of Opinion and Expression), 12 September 2011, UN Doc. CCPR/C/GC/34, para. 15, available at <http://www2.ohchr.org/english/bodies/hrc/docs/gc34.pdf>.
47. Human Rights Council, Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, Frank La Rue, 16 May 2011, UN Doc. A/HRC/17/27, para. 15, available at <http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/17/27>.
48. Human Rights Council, Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, Frank La Rue, 16 May 2011, UN Doc. A/HRC/17/27, para. 21, available at <http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/17/27>.
49. OHCHR, Report of the Special Rapporteur to the Human Rights Council on the Promotion, Protection and Enjoyment of Human Rights on the Internet, 29 June 2012, UN Doc. A/HRC/20/L.13, para. 1, available at <http://daccess-dds-ny.un.org/doc/UNDOC/LTD/G12/147/10/PDF/G1214710.pdf?OpenElement>
50. Rebecca MacKinnon et al., Fostering Freedom Online: The Role of Internet Intermediaries, UNESCO Series on Internet Freedom, Report, 2014, Paris: UNESCO, p. 11, available at <http://unesdoc.unesco.org/images/0023/002311/231162e.pdf>.
51. Universal Declaration of Human Rights (UDHR), available at <http://www.un.org/en/documents/udhr/>.
52. See <http://www.article19.org/pages/en/international-guarantee.html>.
53. European Union (EU), Charter of Fundamental Rights of the European Union, 2000, p. 11, available at <https://web.archive.org/web/20100529042731/http://www.europarl.europa.eu/charter/pdf/text_en.pdf>.
54. European Union (EU), Charter of Fundamental Rights of the European Union, 2000, p. 10, available at <https://web.archive.org/web/20100529042731/http://www.europarl.europa.eu/charter/pdf/text_en.pdf>.
55. Organization of American States (OAS), American Convention on Human Rights ‘Pact of San Jose, Costa Rica’ (B-32), 1969, available at <http://www.oas.org/dil/treaties_B-32_American_Convention_on_Human_Rights.htm>.
56. Organization of African Unity, African Charter on Human and Peoples’ Rights (Banjul Charter), 1981, available at <http://www.achpr.org/instruments/achpr/>.
57. UNESCO, World Trends in Freedom of Expression and Media Development: Regional Overview of Western Europe and North America, 2014, Paris: UNESCO, p. 8, available at <http://unesdoc.unesco.org/images/0022/002277/227741e.pdf>.
58. Eric Neisser, (1991) Recapturing the Spirit: Essays on the Bill of Rights at 200, Lanham: Rowman & Littlefield, p.68.
59. Donald E. Biederman, (2007) Law and Business of the Entertainment Industries, Westport: Greenwood Publishing Group, p. 457.
60. Donald E. Biederman, (2007) Law and Business of the Entertainment Industries, Westport: Greenwood Publishing Group, p. 457.
61. Donald E. Biederman, (2007) Law and Business of the Entertainment Industries, Westport: Greenwood Publishing Group, p. 457.
62. Eric Neisser, (1991) Recapturing the Spirit: Essays on the Bill of Rights at 200, Lanham: Rowman & Littlefield, p. 68.
63. ACLU, FAQ: The Covenant on Civil & Political Rights (ICCPR), Parliament of Canada, Constitution Act 1982, Part I, The Canadian Charter of Rights and Freedoms, available at <https://www.aclu.org/faq-covenant-civilpolitical-rights-iccprl>.
64. UNESCO, World Trends in Freedom of Expression and Media Development: Regional Overview of Western Europe and North America, 2014, Paris: UNESCO, p. 8, available at <http://unesdoc.unesco.org/images/0022/002277/227741e.pdf>.
65. UNESCO, World Trends in Freedom of Expression and Media Development: Regional Overview of Western Europe and North America, 2014, Paris: UNESCO, p. 8, available at <http://unesdoc.unesco.org/images/0022/002277/227741e.pdf>.
66. OHCHR, Report of the Special Rapporteur to the Human Rights Council on Key Trends and Challenges to the Right of All Individuals to Seek, Receive and Impart Information and Ideas of All Kinds through the Internet, 16 May 2011, UN Doc. A/HRC/17/27, para. 8, available at <http://daccess-dds-ny.un.org/doc/UNDOC/GEN/G11/132/01/PDF/G1113201.pdf?OpenElement>.
67. International Convention on Civil and Political Rights
68. Christopher Hood, “Transparency in Historical Perspective”, in Christopher Hood and David Heald (Eds.), (2006) Transparency: The Key to Better Governance?, Oxford, New York: Oxford University Press, p. 5.
69. Christopher Hood, “Transparency in Historical Perspective”, in Christopher Hood and David Heald (Eds.), (2006) Transparency: The Key to Better Governance?, Oxford, New York: Oxford University Press, p. 5-10
70. Christopher Hood, “Transparency in Historical Perspective”, in Christopher Hood and David Heald (Eds.), (2006) Transparency: The Key to Better Governance?, Oxford, New York: Oxford University Press, p. 11-13.
71. United Nations, (2015). Conference of the Parties Paris Agreement, Framework Convention on Climate Change,. FCCC/CP/2015/L.9/Rev.1. https://unfccc.int/resource/docs/2015/cop21/eng/l09r01.pdf
72. William H. Dutton et al., Freedom of Connection, Freedom of Expression: The Changing Legal and Regulatory Ecology Shaping the Internet, Report, 2013, Paris: UNESCO, p. 8, available at <https://web.archive.org/web/20161121090744/http://unesdoc.unesco.org/images/0019/001915/191594e.pdf>.
73. John Carlo Bertot, Paul T. Jaeger and Justin M. Grimes, “Promoting Transparency and Accountability through ICTs, Social Media, and Collaborative E-Government”, (2012) Transforming Government: People, Process and Policy, Vol. 6, No. 1, pp. 2-3, available at <http://www.emeraldinsight.com/doi/full/10.1108/17506161211214831>.
74. OSCE, “Joint Declaration on Freedom of Expression and the Internet (OSCE, UN, OAS and ACHPR)”, 1 June 2011, available at <http://www.osce.org/fom/78309>.
75. UNESCO, Brisbane Declaration: Freedom of Information, The Right to Know, 3 May 2010. “Brisbane Declaration, Freedom of Information: The Right to Know” (UNESCO World Press Freedom Day conference, Brisbane, Australia, 2010), available at <http://www.unesco.org/new/en/unesco/events/prizes-andcelebrations/celebrations/international-days/world-press-freedom-day/previous-celebrations/2010/brisbane-declaration/>.
76. http://www.unesco.org/new/fileadmin/MULTIMEDIA/HQ/CI/CI/pdf/WPFD/WPFD2016_Finlandia_declaration_3_may_2016.pdf
77. First Optional Protocol to the ICCPR, available at <http://www.ohchr.org/EN/HRBodies/TBPetitions/Pages/HRTBPetitions.aspx>.
78. HRC, Robert W. Gauthier v. Canada, Communication No. 633/1995, UN Doc. CCPR/C/65/D/633/1995 (1999).
79. HRC, Mavlonov and Sa’di v. Uzbekistan, Communication No. 1334/2004, UN Doc. CCPR/C/95/D/1334/2004 (2009).
80. HRC, CCPR General Comment No. 34: Article 19 (Freedoms of Opinion and Expression), 12 September 2011, UN Doc. CCPR/C/GC/34, para. 19, available at <http://www2.ohchr.org/english/bodies/hrc/docs/gc34.pdf>.
81. HRC, General Comment No. 31 on the Nature of the General Legal Obligation Imposed on States Parties to the Covenant, 29 March 2004, UN Doc. CCPR/C/21/Rev.1/Add.13, paras. 3-5, available at <https://www1.umn.edu/humanrts/gencomm/hrcom31.html>.
82. EU, Convention on Access to Information, Public Participation in Decision-Making and Access to Justice in Environmental Matters (Aarhus Convention), 1998, available at <http://ec.europa.eu/environment/aarhus/>.
83. UN General Assembly, United Nations Convention against Corruption, 31 October 2003, UN Doc. A/RES/58/4, available at <http://www.un-documents.net/a58r4.htm>.
84. UN General Assembly, United Nations Convention against Corruption, 31 October 2003, UN Doc. A/RES/58/4, available at <http://www.un-documents.net/a58r4.htm>.
85. EU, Convention on Access to Information, Public Participation in Decision-Making and Access to Justice in Environmental Matters (Aarhus Convention).
86. Recommendation Rec(2002)2 of the Committee of Ministers to Member States on Access to Official Documents, Council of Europe, Committee of Ministers, 21 February 2002, 2, available at <https://wcd.coe.int/ViewDoc.jsp?id=262135>.
87. Recommendation Rec(2002)2 of the Committee of Ministers to Member States on Access to Official Documents, Council of Europe, Committee of Ministers, 21 February 2002, 2, available at <https://wcd.coe.int/ViewDoc.jsp?id=262135>.
88. EU, Charter of Fundamental Rights of the European Union.
89. Quoted in “Promoting Open Government: Commonwealth Principles and Guidelines on the Right to Know” (Commonwealth Expert Group Meeting on the Right to Know and the Promotion of Democracy and Development, London, 1999), available at <http://www.humanrightsinitiative.org/programs/ai/rti/international/cw_standards/commonwealth_expert_grp_on_the_rti_99-03-00.pdf>.
90. Commonwealth Heads of Government Meeting, 20 October 1991, paras. 4 and 9. Heads of Government in Harare, “Harare Commonwealth Declaration” (Harare, Zimbabwe: The Commonwealth, 1991), paras. 4 and 9, available at <http://thecommonwealth.org/history-of-the-commonwealth/harare-commonwealthdeclaration>. See also The Common Wealth, “Millbrook Commonwealth Action Plan on the Harare Declaration” (London, 12 November 1995), available at <http://thecommonwealth.org/history-of-thecommonwealth/millbrook-commonwealth-action-plan-harare-declaration>.
91. Organization of African Unity, African Charter on Human and Peoples’ Rights (Banjul Charter).
92. African Union (AU), African Charter on Values and Principles of Public Service and Administration, 2011, available at <http://www.au.int/en/content/african-charter-values-and-principles-public-service-andadministration>.
93. African Union (AU), Convention on Preventing and Combating Corruption, 2003, available at <{{cite web |url=http://www.au.int/en/sites/default/files/AFRICAN_UNION_CONVENTION_PREVENTING_COMBATING_CORRUPTION.pdf |title=Archived copy |accessdate=2016-06-05 |deadurl=yes |archiveurl=https://web.archive.org/web/20150605075300/http://www.au.int/en/sites/default/files/AFRICAN_UNION_CONVENTION_PREVENTING_COMBATING_CORRUPTION.pdf |archivedate=2015-06-05 |df= }}>.
94. African Commission on Human and Peoples’ Rights, “Declaration of Principles on Freedom of Expression in Africa”, 17 October 2002, available at <http://www1.umn.edu/humanrts/achpr/expressionfreedomdec.html>.
95. See <http://www.article19.org/resources.php/resource/3642/en/gambia:-african-commission-adoptsmodel-law-on-access-to-information>.
96. OAS, “Model Inter-American Law on Access to Information, A/RES/2514 (XXXIX-O/09)”, 8 June 2010, available at <http://www.oas.org/en/sla/dil/access_to_information_model_law.asp>.
97. OAS, “Model Inter-American Law on Access to Information, A/RES/2514 (XXXIX-O/09)”, 8 June 2010, available at <http://www.oas.org/en/sla/dil/access_to_information_model_law.asp>.
98. Toby Mendel, (2008) Freedom of Information: A Comparative Legal Survey, Second Edition, Paris: UNESCO, p. 144, available at <http://portal.unesco.org/ci/en/ev.php-URL_ID=26159&URL_DO=DO_TOPIC&URL_SECTION=201.html>.
99. Toby Mendel, (2008) Freedom of Information: A Comparative Legal Survey, Second Edition, Paris: UNESCO, p. 144, available at <http://portal.unesco.org/ci/en/ev.php-URL_ID=26159&URL_DO=DO_TOPIC&URL_SECTION=201.html>.
100. Eric Barendt, (2007) Freedom of Speech, Second Edition, Oxford: Oxford University Press, footnote 165.
101. OHCHR, Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, Frank La Rue, 17 April 2013, UN Doc. A/HRC/23/40, available at <http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/23/40>.
102. Toby Mendel et al., (2012) Global Survey on Internet Privacy and Freedom of Expression, UNESCO Series on Internet Freedom, Paris: UNESCO, p. 95, available at <http://www.unesco.org/new/en/communicationand-information/resources/publications-and-communication-materials/publications/full-list/globalsurvey-on-Internet-privacy-and-freedom-of-expression/>.
103. OHCHR, Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, Frank La Rue, 17 April 2013, UN Doc. A/HRC/23/40, para. 24, available at <http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/23/40>.
104. OHCHR, Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, Frank La Rue, 17 April 2013, UN Doc. A/HRC/23/40, paras. 13 and 22, available at <http://ap.ohchr.org/documents/dpage_e.aspx?si=A/HRC/23/40>.
105. Outcome Document of the Connecting the Dots conference http://www.unesco.org/new/fileadmin/MULTIMEDIA/HQ/CI/CI/pdf/outcome_document.pdf
106. See the real case of a mother over-expressing her love of the new born on social networking sites of which others have no personal interest to know and complain openly, Section 2.1, Privacy, free expression and transparency, UNESCO.
107. Sylvia Mercado Kierkegaard, “War Against Spam: A Comparative Analysis Of The US And The European Legal Approach”, (2015) Communications of the IIMA, Vol. 5, No. 2, p. 5.
108. Ian Brown, Online Freedom of Expression, Assembly, Association and the Media in Europe, Report, Council of Europe Conference of Ministers Responsible for Media and Information Society, 15 October 2013, p. 17, available at <https://www.coe.int/t/dghl/standardsetting/media/Belgrade2013/Online%20freedom%20of%20expression,%20assembly,%20association_MCM(2013)007_en_Report_IanBrown.pdf >.
109. Ian Brown, Online Freedom of Expression, Assembly, Association and the Media in Europe, Report, Council of Europe Conference of Ministers Responsible for Media and Information Society, 15 October 2013, p. 19, available at <https://www.coe.int/t/dghl/standardsetting/media/Belgrade2013/Online%20freedom%20of%20expression,%20assembly,%20association_MCM(2013)007_en_Report_IanBrown.pdf >.
110. Daniel J. Solove, (2007) The Future of Reputation: Gossip, Rumor, and Privacy on the Internet, New Haven, London: Yale University Press, pp. 135-136.
111. William B.T. Mock, “On the Centrality of Information Law: A Rational Choice Discussion of Information Law and Transparency”, (1999) The John Marshall Journal of Information Technology & Privacy Law, Vol. 17, No. 4, pp. 1069 and 1078-1081, available at <http://works.bepress.com/william_mock/12>.
112. Frederick Schauer, “Transparency in Three Dimensions”, (2011) University of Illinois Law Review, No. 4 (2011), pp. 1343-1344, available at <http://www.illinoislawreview.org/article/transparency-in-three-dimensions/>.
113. Don Tapscott, “Why Transparency and Privacy Should Go Hand in Hand”, The Huffington Post, 5 May 2011, available at <http://www.huffingtonpost.com/don-tapscott/why-transparency-and-priv_b_643221.html>.
114. “UN Human Rights Committee: General Comment No. 34”, 4 July 2011, available at <http://www.opensocietyfoundations.org/publications/un-human-rights-committee-general-comment-no-34>.
115. “Peck v United Kingdom (2003) 36 EHRR 41”, 5RB, accessed 7 May 2015, available at <http://www.5rb.com/case/peck-v-united-kingdom/>.
116. Frederick Schauer, “Transparency in Three Dimensions”, (2011) University of Illinois Law Review, No. 4, p. 1356, available at <http://www.illinoislawreview.org/article/transparency-in-three-dimensions/>.
117. Kieron O’Hara, “Transparent Government, Not Transparent Citizens: A Report on Privacy and Transparency for the Cabinet Office”, 27 March 2014, p. 3, available at <https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/61279/transparency-and-privacy-review-annex-a.pdf>.
118. ECJ, Case C-131/12 Google Spain SL, Google Inc. v. Agencia Española de Protección de Datos, Mario Costeja González, Judgment, 13 May 2014.
119. See a discussion of the case the related legal doctrine at: James C. Mitchell, “The Accidental Purist: Reclaiming the Gertz All Purpose Public Figure Doctrine in the Age of ‘Celebrity Journalism”, (2002) Loyola of Los Angeles Entertainment Law Review, Vol. 22, pp. 559-581.
120. Nathaniel Jurist Gleicher, “John Doe Subpoenas: Toward a Consistent Legal Standard”, (2008) Yale Law Journal, Vol. 118, No. 320, p. 118, available at <http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1378742>.
121. Scott. J. Shackelford, “Fragile Merchandise: A Comparative Analysis of the Privacy Rights for Public Figures”, (2012) American Business Law Journal, Vol. 49, No. 1, p. 5.
122. ECtHR, Von Hannover v. Germany, Judgment, 24 June 2004, Application No. 59320/00.
123. ECtHR, Sapan v. Turkey, Judgment, 8 June 2010, Application No. 44102/04.
124. ECtHR, Hachette Filipacchi Associes v. France, Judgment, 14 June 2007, Application No. 71111/01.
125. ECTHR, Lillo-Stenberg and Saether V. Norway, Judgment, 16 January 2014, Application No. 13258/09.
126. ECtHR, Delfi AS v. Estonia, Judgment, 16 June 2015, Application No. 64569/09, para. 158.
127. Magyar Tartalomszolgáltatók Egyesülete and Index.hu Zrt v. Hungary, Application No. 22947/13, European Court of Human Rights, 2016
128. UNODC, The Use of the Internet for Terrorist Purposes, Report, September 2012, Vienna: United Nations, pp. 3-13, available at <https://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdf>.
129. UNODC, The Use of the Internet for Terrorist Purposes, Report, September 2012, Vienna: United Nations, pp. 13, available at <https://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdf>.
130. Pillay, “The Right to Privacy in the Digital Age”, 9.
131. “Transcript of President Obama’s Jan. 17 Speech on NSA Reforms”, The Washington Post, 17 January 2014, available at <http://www.washingtonpost.com/politics/full-text-of-president-obamas-jan-17-speech-onnsa-reforms/2014/01/17/fa33590a-7f8c-11e3-9556-4a4bf7bcbd84_story.html>.
132. “White House Releases Report on NSA Surveillance Six Years Later”, The Guardian, available at <http://www.theguardian.com/world/2015/apr/25/nsa-surveillance-report-white-house-releases-six-years-later>, accessed 16 May 2015.
133. Devlin Barrett and Damian Paletta, “NSA Phone Program Is Illegal, Appeals Court Rules,” Wall Street Journal, 7 May 2015, sec. US, available at <http://www.wsj.com/articles/appeals-court-rules-nsa-phone-program-notauthorized-by-patriot-act-1431005482>.
134. “Data Security/Breach Notification | U.S. Chamber of Commerce”, 23 April 2015, available at <https://www.uschamber.com/issue-brief/data-securitybreach-notification>.
135. Owen Bowcott and Legal Affairs Correspondent, “UK-US Surveillance Regime Was Unlawful ‘for Seven Years”, The Guardian, available at <http://www.theguardian.com/uk-news/2015/feb/06/gchq-mass-Internetsurveillance-unlawful-court-nsa>, accessed 16 May 2015.
136. “US NSA Surveillance Programme, Surveillance Bodies in Various Member States and Impact on EU Citizens’ Fundamental Rights - P7_TA-PROV(2014)0230”, March 2014, available at <http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P7-TA-2014-0230>.
137. ECJ, Joined cases C-293/12 Digital Rights Ireland Ltd v. Minister for Communications and Others and C-594-12 Kärntner Landesregierung and Others, Judgment, 8 April 2014.
138. ECJ, Case C-212/13 František Ryneš v Úřad pro ochranu osobních údajů, Judgment, 11 December 2014.
139. Dan Cooper and Maria-Martina Yalamova, “Top 10 International Privacy Developments of 2014”, InsidePrivacy.com, 4 February 2015, <http://www.insideprivacy.com/international/european-union/top-10-international-privacy-developments-of-2014/>.
140. Dan Cooper and Maria-Martina Yalamova, “Top 10 International Privacy Developments of 2014”, InsidePrivacy.com, 4 February 2015, <http://www.insideprivacy.com/international/european-union/top-10-international-privacy-developments-of-2014/>.
141. OHCHR, CCPR General Comment No. 16: Article 17 (The Right to Respect of Privacy, Family, Home and Correspondence, and Protection of Honour and Reputation), 8 April 1988, UN Doc. HRI/GEN/1/Rev.9 (Vol. I), para. 1, available at <http://www.refworld.org/docid/453883f922.html>, accessed 29 May 2015.
142. Disclosure: the lead author of this report, Prof. Joseph A. Cannataci, was appointed as the Rapporteur. He and his team were commissioned for this research before his appointment.
143. “Resolution Adopted by the General Assembly on 18 December 2013 [on the Report of the Third Committee (A/68/456/Add.2)] 68/167. The Right to Privacy in the Digital Age”, December 2013, available at <http://www.un.org/ga/search/view_doc.asp?symbol=A/RES/68/167>.
144. Institute for Human Rights and Business, “ICT, Human Rights & Business: A Roundup of 2014 and Challenges for 2015”, 12 January 2015, available at <http://www.ihrb.org/commentary/ict-human-rightsbusiness-roundup-2014.html>, accessed 16 May 2015.
145. Global Network Initiative, “Data Beyond Borders: Mutual Legal Assistance in the Internet Era | Global Network Initiative”, available at <https://www.globalnetworkinitiative.org/content/data-beyond-bordersmutual-legal-assistance-Internet-era>, accessed 16 May 2015.
146. Morgan Kennedy, “Digital Advertising Alliance Will Begin Enforcing Its Mobile Guidance September 1, 2015”, InsidePrivacy.com, 14 May 2015, available at <http://www.insideprivacy.com/advertising-marketing/digitaladvertising-alliance-will-begin-enforcing-its-mobile-guidance-september-1-2015/>.