.

eGov monitor & Thomas B. Riley
This article appears in eGov monitor Weekly

8 November 2004

Security vs Privacy

Part One: The Issues

By Thomas B Riley, Executive Director and Chair, Commonwealth Centre for Electronic Governance

Introduction

There is a tension that can be found between the right to privacy and the duty of governments to protect their citizens from external threats, whether it is terrorism, crime, anti-social behaviour or any number of issues that threaten stability in society.

The concept of human rights and privacy legislation in our liberal democracies has grown over the past two centuries and most of this came to fruition in the 20th century. Privacy is now understood to be a human right.

Privacy is the right of an individual to have one's personal information protected from the undue prying eyes of government and private organisations seeking to use such personal information, without the consent of the individual, except in exceptional circumstances dictated by law. Privacy is the right to have certain aspects of our life protected by legal boundaries so, as individuals, we may choose to share or communicate information about ourselves as we wish and at our discretion.

Research has shown that there is more and more personal information being shared between databases within countries and other national jurisdictions. Many advocacy groups, human rights organisations and data protection and privacy commissioners, are concerned that we are moving towards a surveillance society. The question explored is to what extent is this trend a growing reality?

* * *

The changes to security laws since autumn 2003 have brought us airline passenger information databases, lawful access rights to government information that was once protected by legal instruments, proposed national identity cards, biometric passports, radio frequency identifier (RFID) chips, internet and video surveillance. When we move to the international arena we find stricter measures related to border crossings - of both people and information - and the pressure to accept international standards.

Privacy laws embody the premise of trust and confidence between the citizenry and the government when it comes to the delivery mechanisms and ingrained eGovernment programmes. eGovernment, eGovernance and eDemocracy are evolving onto the wider stage of the public's life in countries in the western world. Legislative and regulatory changes now being made in the security and privacy side of government cannot be viewed in a vacuum. The issues can potentially impact on the citizen at all levels of society.

A fundamental issue in the field of privacy is the way that personal information is collected, distributed, shared and used by public and private organizations alike.

A fundamental issue in the field of privacy is the way that personal information is collected, distributed, shared and used by public and private organizations alike. Collection of personal information to identify terrorists or potential terrorists in our society is a tool that security and law enforcement agencies use to combat and prevent terrorism. It is a classic case of a conflict between the inherent rights of the individual and the rights of the state to forward the "public interest" on behalf of the community. Security threats are conflicting examples of these two rights.

Surveys continually show that people still value their privacy. The contradiction is the extent of usage of technologies that lead to invasions of their privacy. Webcams and software programs allowing parents to monitor their homes from the office, and to check on how the baby sitter is dealing with the children; hidden cameras in hotels checking out guests by employees; hidden chips in ATMs allowing criminals to capture bank details on people's debit cards; identity theft in which an individual's identity is captured by another; surveillance cameras on street corners (the UK being the biggest user).

Yves de Montigny, of Justice Canada, in his speech to a seminar entitled, Security Laws and Privacy: Striking the Right Balance, held on October 20, 2003, presented survey data that laid out the changing attitudes of Canadians towards security and privacy since September 11, 2001. A broad-spectrum study undertaken in the nineties by the Office of the Federal Privacy Commissioner of Canada, showed that Canadians were very concerned about privacy and had a strong desire to control their information. However, after 9/11, while Canadians continued to show strong support for privacy values, they indicated that they trusted their government to protect their freedoms in the course of developing anti-terrorism measures.

There are nine basic principles that can be found in privacy legislation in Canadian jurisdictions and in other countries around the world. Privacy, as articulated by many international directives and declarations, and by national, provincial and state laws, includes basic Fair Information Practices. A file here is interpreted as personal data kept in either a paper file or similar format or through the use of a form of information technology:

These principles summarise the core values of privacy protection and are the foundation of what privacy analysts look for when assessing the impacts of security, anti-terrorism and public safety legislation. They are also widely seen in the privacy community as providing the basic elements of good information management, which privacy advocates argue is the underpinning of both good security and good privacy protection.

Information Management is a process that contributes to and serves to strengthen good governance, accountability and transparency. Good information practices can help to weed out and purge much information that is opinion, false or incorrect in some aspects.

The consequences of data mistakes are becoming increasingly serious.

Accuracy of information has been raised as a key question, especially in the context of more frequent and more detailed information collection in all aspects of government work. This issue is even more important in the context of security-related decision-making. The consequences of data mistakes are becoming increasingly serious. Widening the scope of information inquiries - whether with regard to security or in other contexts - will only increase the risks.

'Striking the balance' is a way of describing the dichotomies between the two subjects at hand. However, in the October 2003 seminar, which brought together experts and government officials from Canada, the United States and the UK, the general consensus was that it was not about striking a balance, but creating a healthy "tension" in the debate to ensure that privacy values are maintained. There has been clear recognition that tighter security laws are needed but that our traditional values, not just of privacy but essential current civil liberties and human rights are respected.

In part two of this series: The emerging surveillance society

New anti-terrorism laws in Canada, the USA, the United Kingdom, and many other European countries have raised the spectre of more and more citizens and groups in our societies coming under increasing surveillance by the state. What is the reality of the situation of the tension between security and privacy?

This article is based on the report prepared by the Commonwealth Centre for e-Governance entitled Security vs. Privacy - A comparative analysis of Canada, the United Kingdom and the United Status, An update of the issues, which is available at the Centre's website - www.electronicgov.net - and also here.

Other articles by Thomas Riley:
- Information Sharing in a Digital World - Part 2: The shape of information rights to come: democracy's best tool?
- Information Sharing in a Digital World - Part 1: Information as a Democratic Tool
- The Digital Divide in the Developed World
- E-Democracy and the Resurgence of Democracy
- eGovernance to eDemocracy: Examining the Evolution
- Security Laws and Privacy: Striking the Balance [Part 2]
- Security Laws and Privacy: Striking the Balance [Part 1]
- An Overview of the Knowledge Economy
- eDemocracy: An Evolution in Progress
- Definining E-Government and E-Governance: Staying the Course
- The Role of Information in eGovernment Implementation
- Change Management and the Relationship to eGovernment
- Privacy Trends: Meeting New Demands
- eDemocracy in a Changing World

Thomas Riley is the co-Founder, Chair of the Board and Chief Executive of the Commonwealth Centre for Electronic Governance, a think-tank set up under a Commonwealth Secretariat programme in London. He is also the President of Riley Information Services, a consultant and advisor specialising in national and international IT policy development, and a Visiting Professor of Law and Technology at the University of Glasgow. For further information he can be contacted at rtriley6@cs.com

*


.