Guide to International Law and Surveillance Privacy International August 2017 Version 1.0 25 August 2017 Guide to International Law and Surveillance The 21st century has brought with it rapid development in the technological capacities of Governments and corporate entities to intercept, extract, filter, store, analyse, and disseminate the communications of whole populations. The costs of retaining data have decreased drastically, and continue to do so every year, and the means of analysing the information have improved exponentially due to developments in automated machine learning and algorithmic designs. These technological advancements have rendered the safeguards protecting the right to privacy obsolete. Recent revelations about the scope and nature of mass surveillance and bulk interception programs have led to a surge in legal discourse surrounding the role that international law, and in particular international human rights law, can and should play in responding to this evolving reality. International and regional courts, international human rights treaty bodies, U.N. agencies, multilateral organizations, and special rapporteurs, have all published authoritative statements on the law surrounding the right to privacy in the sphere of surveillance. The “Guide to International Law and Surveillance” is an attempt to collate relevant excerpts from these judgments and reports into a single principled guide that will be continuously updated. Despite its name the guide isn’t just aimed at lawyers. It is really a handy reference tool for anyone engaging in campaigning, advocacy, and scholarly research, on these issues. The guide is quite long but there is no need to read it cover to cover. We suggest that you either use the hyperlinked table of contents or search for key words to find the most relevant quotes from you. The guide is thus meant to be used in a light touch way, but providing you with the most hard-hitting results. The guide covers array of relevant topics such as the (il)legality of mass surveillance operations, the law surrounding data retention, the extraterritorial application of human rights law and digital surveillance, the international law on hacking for surveillance purposes, crypto- wars and the “going dark” debate, and the responsibility of multinational corporations in protecting the right to privacy. The first section of the guide offers an abridged version, a compressed list of the most substantive articulations of law surrounding of the sub-issues covered, as they are reflected under both U.N. law and Regional Human Rights Law. If you cite nothing else, these are the quotes that you want to reference. The second section of the guide offers additional quotes for each of the sub-issues, beyond the primary ones introduced in the first section. The guide is a living and breathing document and we will be adding new content as more statements and resolutions emerge. Please reach out to us via Twitter (@Privacyint) if you have any other quotes you want us to add or topics you want us to cover. 1 Version 1.0 25 August 2017 Table of Contents A. Highlighted Quotes Chapter 1: The Right to Privacy in International and Regional Treaties.......................4-6 Chapter 2A: Principles Surrounding Surveillance and the Right to Privacy……....…7-27 a. The Principle of Legality………………………………………………….....7-9 i. Accessibility requirement…………………………………..……….....8 ii. Foreseeability requirement…………………………...……………...8-9 b. The Principle of Necessity……………………………………………….....9-11 c. The Principle of Proportionality…………………………………………..11-12 d. The Principle of Adequate Safeguards……………………………………12-26 i. Reasonable Suspicion………………………………………………...13 ii. Effective Oversight…………………………………………….....13-15 iii. Data Retention…………………………………………………….15-18 iv. Transparency Requirements………………………………………18-19 v. Safeguards in Intelligence Sharing and Data Transfers………...…19-22 vi. Distinctions in Safeguards Between Metadata and Content and Between GEOINT and SIGINT…………………………………………….22-23 vii. Distinctions in Safeguards Between Law Enforcement and Intelligence Agencies……………………………………………………………...23 viii. Professional Confidentiality and Privileged Communications……23-26 e. The Principle of Access to Remedy: Victimhood, Standing, and Notification…………………………………………….............................26-27 Chapter 3A: Surveillance and Other Human Rights Provisions…………..……….…28-29 a. Surveillance and the Jurisdictional Clause (Extraterritorial Application) …………………………………………………………………………….….28 b. Surveillance and the Principle of Non-Discrimination……………………28-29 Chapter 4A: Mass Surveillance Programs………………………………….………….30-32 Chapter 5A: Debates Surrounding Surveillance-Related Capabilities…………….…33-36 a. The Debate over Encryption and “Going Dark”…………………………..33-34 b. The Debate over Hacking and Vulnerability Exploitation………………...35-36 Chapter 6A Right to Privacy and the Roles and Responsibilities of MNCs……….....37-38 B. Additional Quotes Chapter 2B: Principles Surrounding Surveillance and the Right to Privacy…….…39-122 a. The Principle of Legality……………………………………….……….39-57 i. Accessibility requirement…………………………………..……..45-48 ii. Foreseeability requirement…………………………...…………...48-57 b. The Principle of Necessity…………………………………..…………...57-62 c. The Principle of Proportionality…………………………………...……..62-64 d. The Principle of Adequate Safeguards……………………………….…65-109 i. Reasonable Suspicion……………………………………………..68-72 ii. Effective Oversight…………………………………………….....72-87 iii. Data Retention…………………………………………………….87-98 iv. Transparency Requirements…………………………………..…98-100 v. Safeguards in Intelligence Sharing and Data Transfers……...…100-104 vi. Distinctions in Safeguards Between Metadata and Content and Between GEOINT and SIGINT………………………………………….105-108 2 Version 1.0 25 August 2017 vii. Distinctions in Safeguards Between Law Enforcement and Intelligence Agencies…………………………………………………………….108 viii. Professional Confidentiality and Privileged Communications…108-109 e. The Principle of Access to Remedy: Victimhood, Standing, and Notification…………………………………………….........................109-122 Chapter 3B: Surveillance and Other Human Rights Provisions…………..………123-126 a. Surveillance and the Jurisdictional Clause (Extraterritorial Application) ………………………………………………………………………….123-125 b. Surveillance and the Principle of Non-Discrimination…………………125-126 Chapter 4B: Mass Surveillance Programs………………………………….……….127-131 Chapter 5B: Debates Surrounding Surveillance-Related Capabilities……………132-136 a. The Debate over Encryption and “Going Dark” ………………………..132-133 b. The Debate over Hacking and Vulnerability Exploitation……………...133-136 Chapter 6B Right to Privacy and the Roles and Responsibilities of MNCs……....137-139 Annex: List of Sources………………………………………………………..………140-146 3 Version 1.0 25 August 2017 Chapter 1: The Right to Privacy in International and Regional Treaties Universal Declaration of Human Rights, Article 12 (10 December 1948) “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.” American Declaration on the Rights and Duties of Man, Article V: Right to protection of honor, personal reputation, and private and family life (2 May 1948) “Every person has the right to the protection of the law against abusive attacks upon his honor, his reputation, and his private and family life.” European Convention for the Protection of Human Rights and Fundamental Freedoms, Article 8: Right to Respect for Private and Family Life (4 November 1950) “1. Everyone has the right to respect for his private and family life, his home and his correspondence. 2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic wellbeing of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.” International Covenant on Civil and Political Rights, Article 17 (16 December 1966) “1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation. 2. Everyone has the right to the protection of the law against such interference or attacks.” American Convention on Human Rights (Pact of San Jose), Article 11: Right to Privacy (22 November 1969) “1. Everyone has the right to have his honor respected and his dignity recognized. 2. No one may be the object of arbitrary or abusive interference with his private life, his family, his home, or his correspondence, or of unlawful attacks on his honor or reputation. 3. Everyone has the right to the protection of the law against such interference or attacks.” Organization for Economic Cooperation and Development (OECD) Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, Part 1: General (23 September 1980) “2. These Guidelines apply to personal data, whether in the public or private sectors, which, because of the manner in which they are processed, or because of their nature or the context in which they are used, pose a risk to privacy and individual liberties... 4 Version 1.0 25 August 2017 6. These Guidelines should be regarded as minimum standards which can be supplemented by additional measures for the protection
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages147 Page
-
File Size-