(No.59) Internet Privacy and Freedom of Expression: UNESCO launches a global survey on legal frameworks

Go to Report
Workshop Theme: 
Security, Openness and Privacy
Theme Question: 

Promote internet freedom and privacy in Internet goverance

Concise Description of Workshop: 

The workshop is a follow-up of earlier well-attended discussions on privacy protection and freedom of expression in relation to social networks at IGFs conducted by UNESCO since 2008. UNESCO will use the event as an opportunity to present the findings of a global research study aimed at mapping the issues in the current regulatory landscape with regard to Internet privacy, and to provide an overview of legal protection, self-regulatory guidelines, challenges, and case studies relating to the topic. This research was inspired by previous IGF debates on the issue and aims to inform and benefit all IGF stakeholders by giving a global picture of current trends related to privacy and freedom of expression. By providing up-to-date and accurate information on emerging issues which require immediate attention in developed and developing countries, the research will provide policymakers in specific countries with an accessible source that they can use to build upon, relating to the issues and regulations that already exist in other nations. It will also allow comparison of a number of regulatory approaches around the world. The research paper also gives information about reference materials that policymakers can use to further investigate each of the subjects that are highlighted. Given the increasing debate on privacy issues at global level, this Research Launch Workshop seeks to attract global policy makers, industry leaders, civil society, legal experts and other stakeholders, bringing them together to engage in dialogue and exchange views on feasible approaches and policy recommendations that are conducive to privacy protection without compromising freedom of expression. UNESCO, as enshrined within its Constitution, promotes the “free flow of ideas by word and image”, and has accordingly committed itself to enabling a free, open and accessible Internet space as part of promoting comprehensive freedom of expression both online and offline. On this basis, UNESCO has fully engaged in providing normative and technical assistance through research in this area to Member States and other stakeholders on mainstreaming the principle of FOE in Internet policy making, including in privacy protection. UNESCO will continue to provide a platform for exchange of good practices and international collaboration on privacy protection through a multi-stakeholder approach within the global Internet governance process.

Organiser(s) Name: 

UNESCO; Global Partners & Associates(Civil society); Council of Europe (Regional governmental organization); Article 19 (Civil Society)

Previous Workshop(s): 

2011 feeder workshop: Free flow of information and social networks: a role for democracy and social participation http://www.intgovforum.org/cms/component/chronocontact/?chronoformname=W...

Submitted Workshop Panelists: 


9:00   Opening and Introductory Remarks by Chair


Mr Guy Berger

Director, Division of Freedom of Expression and Media Development, Communication and Information Sector,  UNESCO

9:05  Presentation of the report by Mr Andrew Puddephatt, Director of Global Partners & Associates, and Ben Wagner, Researcher at the European University Institute in Florence and Associate of Global Partners & Associates

9:30  Comment by panelists:
Mr David Souter, Founder and Managing Director, ICT Development Associates
Ms Sophie Kwasny, Council of Europe
Ms Katitza Rodriguez, International Rights Director, Electronic Frontier Foundation, based in USA
Ms Ceren Ünal, Instructor, Bilkent University Faculty of Law, Turkey
Mr Max Senges, Google´s Policy Team, Berlin
Ms Gabrielle Guillemin, Legal Officer, Article 19

10 :00  Questions and Answers  (also open to remote participation)        

10:25  Closing Remark by Mr Guy Berger


Name of Remote Moderator(s): 
Cedric Wachholz, Programme Specialist, Section for Universal Access and Preservation, Knowledge Societies Division, Communication and Information Sector, UNESCO
Gender Report Card
Please estimate the overall number of women participants present at the session: 
The majority of participants were women
Please include any comments or recommendations you have on how to improve the inclusion of issues related to gender equality and: 

Although time did not allow for raising gender equality issues during the workshop itself, the publication that was launched and disseminated through it includes a section on useful resources for further reading on gender issues in relation to Internet privacy and freedom of expression.

Reported by: 
Guy Berger, Director, Division of Freedom of Expression and Media Development, Communication and Information Sector,UNESCO
A brief substantive summary and the main issues that were raised: 

Assessing the relationship between Internet privacy issues and freedom of expression was at the heart of this workshop, which was centered on a new publication of UNESCO (available at http://www.unesco.org/new/internet-privacy-and-foe)
Two authors, Andrew Puddephatt and Ben Wagner (of Global Partners and Associates), summarized the publication; and responses came from Gabrielle Guillemin (Article 19), Ceren Ünal (Ankara University), David Souter (ICT Development Associates), Katitza Rodriguez (Electronic Freedom Foundation), Sophie Kwasny of the Council of Europe, and Max Senges of Google. Several speakers contributed points from the floor.
The discussion registered that there are different interpretations of the concept of privacy, but the right could broadly be understood as “the reasonable expectation” of an individual, which was also distinct from “data protection” and “anonymity”. The authors of the UNESCO publication highlighted a diverse regulatory landscape around the world, and challenges related to discrepancies in legislation pertaining to the online and off-line spheres, and between national and international jurisdictions. It was noted that, in an interconnected world, the same model that works to balance privacy protection with free expression in one country can be emulated with negative impact on freedom of expression in another.
Also stated at the session, poor regimes in protecting freedom of expression are accompanied by poor privacy regimes as well. There was broad accord that most stakeholders needed advice about balancing of the two related rights when these came into competition.
The following points also emerged: 

  • Our understanding of privacy and free expression has evolved as the world has been rapidly transformed by the advent of “big data” and business models based around data.  Law enforcers want access to the “giant pool” of data, raising issues of privacy and free expression, as well as questions of the modality and parameters. Additional concerns include what happens to “digital footprints”, and to the security of data holdings in terms of possible abuse or theft.
  • The Internet presents particular challenges to privacy through its character as a platform where personal information can be easily collected, stored, shared, used, analyzed, commercialized and traced. Its trans-nationality, the speed and reach of information flows, the significant online market for personal data, and the growing convergence of devices connected to the Internet all make it difficult for users to have control over their personal information. These factors have also added to social habits of accepting terms of service or privacy policies without paying due attention. On the other hand, the point was also made that excessive privacy could limit data-mining possibilities, such as the raw materials needed to improve voice recognition and simultaneous interpretation.
  • Privacy can underpin many other human rights, including freedom of expression, such as by reinforcing anonymity as an enabler of free speech, and helping to protect journalists’ professional interest in keeping private the identities of whistleblowing sources. But cautions were expressed by the discussants that attempts to safeguard privacy online can sometimes undermine legitimate freedom of expression. Privacy regimes can be abused to maintain secrecy in regard to information that really deserves to be laid out in the sterilizing sunlight. The classic example is where those exposed by investigative journalism invoke a claim of violations of their privacy, even though the unearthing of this information can be in the public interest.
  • In these modes, privacy can also be used to conceal corruption and to limit the freedom of expression for those trying to expose it. Forging a balance is not an easy task, but the issue of public interest should be the deciding element to establish which should prevail if these come into competition on a particular issue. There is no hierarchy between the two rights, and neither is absolute, the Council of Europe pointed out. The overall public interest override is equally central when settling a conflict between privacy and the right to access information held by public bodies.

References were made to www.chillingeffects.org, http://www.google.com/transparencyreport/ and www.necessaryandproportionate.net

  • It is hard for firms that provide Internet services internationally to navigate the complex landscape constituted by different national privacy laws. Ambiguity in the legal arena contributes to hinder privacy protection. There seems to be a trend, even among democracies, to establish legal regimes that facilitate the use of personal information for law enforcement purposes, without always giving due consideration to privacy concerns.  
  • Knowing or suspecting that your data could be released to law enforcement officers could have a chilling effect on what data was made available.
  • Most data protection regimes include a number of specific rules to protect various public interests, they do not provide for a general public interest override, so they do not always fully protect freedom of expression. Blurred relationships between the right to information and data protection laws often lead to confusion.  
  • The right to be forgotten was not much supported in the discussion, with the arguments that there are already safeguards about accuracy and limited preservation periods. In addition to being technically challenging, it was very labour intensive for the individual to indicate all the time when information should expire, and it could grow into a rewriting of history.
  • One argument was in favour of pre-emptive measures to protect privacy, saying that punitive measures were too late as the damage could not be reversed. However, it was also pointed out that European Court of Justice has thrown out the idea of pre-notification about publication of private information. 
Conclusions and further comments: 

Among the recommendations were:

  • Governments should establish a strong constitutional protection of privacy and freedom of expression, imposing positive obligations on the state, allowing only for limited restrictions on these rights and referring to the overall public interest to balance these rights. Privacy should be protected from threats stemming from both public and private actors.
  • Resort to civil laws should be the primary practical means to protect privacy, with criminal rules used only for protecting certain highly sensitive information (e.g.: linked to banking).  
  • States should set up strong data protection regimes, allowing still for exceptions to these rules for certain data, particularly when concerning freedom of expression.
  • Many corporations need to develop better policies to protect privacy. These should confer as much control over privacy as possible to users. User-friendly privacy policies and users´ opt-ins and opt-outs were recommended.  The Mozilla model was referred to.  Privacy by design was recommended in terms of devices.
  • Public awareness-raising on privacy protection and new technologies, and media and Internet literacy efforts, were strongly recommended.  Media and information literacy should promote tolerance in relation to content online. P2P violations of privacy should not be overlooked. Users were seen to have some responsibility as to encrypting and tracking their information and communications, and present uptake of this was very low (3%). However, if the Internet is to be a public plaza, as the UN Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression has urged, then privacy needs to be weighed against this. Privacy should not be the default, and there should not be a prejudice against data per se.