Could a Global Data Privacy Standard Really Work?

The Citizen's Guide to the Future
Dec. 31 2013 10:36 AM

Could a Global Data Privacy Standard Really Work?

174532837
An Edward Snowden supporter at a protest in Germany

Photo by Sean Gallup/Getty Images

This essay originally appeared in Internet Monitor 2013: Reflections on the Digital World, published by the Internet Monitor project at Harvard’s Berkman Center for Internet & Society.  It is licensed under a Creative Commons Attribution 3.0 Unported license and has been lightly edited to align with Slate's style guide. 

Edward Snowden’s disclosure of NSA surveillance practices has provoked a public debate about the merits of establishing an international standard for privacy and data protection. Officials from a number of countries, including Brazil, Uruguay, Denmark, Holland, and Hungary, have expressed interest in such a standard. Perhaps the most intriguing development thus far is a proposal by Germany’s federal data protection officer, Peter Schaar, who has proposed adding a protocol to Article 17 of the U.N. International Covenant on Civil and Political Rights, which protects against “arbitrary or unlawful interference with…privacy, family, home or correspondence.” This proposal, and the debate that accompanies it, have raised two key questions: 1) Is creating an enforceable global privacy standard even possible? and, 2) If so, what form should this standard take?

Advertisement

Discussions about a global privacy standard predate the Snowden leaks. That being said, the current debate is very much grounded in the context of the Snowden controversy. Revelations of comparable prominence and scope (such as the Wikileaks releases of 2010) have historically had adverse effects on efforts to further secure the privacy of Internet users. Governments made to feel vulnerable by revelations of this nature sometimes respond defensively by cracking down on leakers and finding other ways to increase government access to information while reducing transparency. Furthermore, media coverage of past controversies has framed these leaks in the context of “leakers vs. the government,” pushing advocates on both sides of the issue (as well as members of the public) toward extreme positions that hinder productive discussion and policy development.

Despite this challenging context, a number of resources exist that may help inform the current discussion. In the last few years, a specialized subset of academic discourse has centered on global data privacy standards. One notable scholar in this field, Australian law professor Graham Greenleaf, has outlined an approach that differs from Schaar’s protocol addendum in one key aspect: Instead of involving the United Nations, he proposes building on the Council of Europe’s (CoE) existing Data Protection Convention 108. The arguments against and in support of Greenleaf’s proposal may be indicative of arguments that will surround Schaar’s proposed amendment to the ICCPR.

Although it is an established practice for non-CoE countries to sign such conventions, critics of Greenleaf’s approach argue that there are few apparent incentives for the U.S. government to do so at this time. Furthermore, from a privacy advocate’s standpoint, creating a global data privacy standard comes with the risk of starting a “race to the bottom.” This theory holds that as soon as a widespread data privacy treaty is in force, states with greater protective measures would have to justify why their measures exceed global standards. Studies suggest, however, that this fear is unfounded. Greenleaf himself has demonstrated that data privacy laws have a global trajectory that increasingly favors expanding protections rather than rolling them back. He adds that the primary principles shaping this trajectory draw on the EU Directive more than any other source.

Greenleaf’s arguments, and those of other optimistic advocates of increased data protection, are further bolstered by trends in the private sector driven by greater public demand for data protection. A primary example of this is how some IT companies, rather than viewing data protection standards as a state-imposed cost, are emphasizing privacy protection as a key selling point to consumers. In Germany, for instance, Internet service providers now advertise the fact that they encrypt email communication. These trends indicate that a shift to high data protection standards could be supported not only by government forces but also by private sector companies that wish to cater to public demand.

Given these developments, there is good reason to believe that a global standard for data privacy could be created and enforced. Determining what this standard should look like, who should be responsible for enforcing it, and what power it will actually have to shape the continuing evolution of the Internet will require further scholarship and debate. Academia can play a pivotal role in this process by generating research to focus the problem, creating and evaluating public and private solutions, and providing a platform for debate.

As the conversation moves from scholarship to policy creation, the ITU could serve as a suitable platform for negotiations, especially when paired with UNESCO involvement to monitor implications for freedom of speech. But it may also be necessary to think creatively about negotiating a new treaty independent of established U.N. institutions—a similar process was used to create the Rome Statute, which serves as the basis for the International Criminal Court.

The process of creating a global standard for data privacy requires an undeniably delicate balancing act that must negotiate a complex interplay of technological, social, economic, legal, and political factors. It is a process, however, that offers the chance to create a healthier Internet where all global citizens can enjoy the benefits of interconnectivity without unduly compromising their own security. While success may be uncertain, this goal is definitely worth pursuing.

Future Tense is a partnership of SlateNew America, and Arizona State University.

TODAY IN SLATE

History

The Self-Made Man

The story of America’s most pliable, pernicious, irrepressible myth.

Does Your Child Have Sluggish Cognitive Tempo? Or Is That Just a Disorder Made Up to Scare You?

Mitt Romney May Be Weighing a 2016 Run. That Would Be a Big Mistake.

Amazing Photos From Hong Kong’s Umbrella Revolution

Rehtaeh Parsons Was the Most Famous Victim in Canada. Now, Journalists Can’t Even Say Her Name.

Television

See Me

Transparent is the fall’s only great new show.

Doublex

Lena Dunham, the Book

More shtick than honesty in Not That Kind of Girl.

What a Juicy New Book About Diane Sawyer and Katie Couric Fails to Tell Us About the TV News Business

Rehtaeh Parsons Was the Most Famous Victim in Canada. Now, Journalists Can’t Even Say Her Name.

  News & Politics
Damned Spot
Sept. 30 2014 9:00 AM Now Stare. Don’t Stop. The perfect political wife’s loving gaze in campaign ads.
  Business
Moneybox
Sept. 30 2014 11:25 AM Naomi Klein Is Wrong Multinational corporations are doing more than governments to halt climate change.
  Life
Atlas Obscura
Sept. 30 2014 10:10 AM A Lovable Murderer and Heroic Villain: The Story of Australia's Most Iconic Outlaw
  Double X
Doublex
Sept. 29 2014 11:43 PM Lena Dunham, the Book More shtick than honesty in Not That Kind of Girl.
  Slate Plus
Behind the Scenes
Sept. 30 2014 10:59 AM “For People, Food Is Heaven” Boer Deng on the story behind her piece “How to Order Chinese Food.”
  Arts
Brow Beat
Sept. 30 2014 10:48 AM One of Last Year’s Best Animated Shorts Is Finally Online for Free
  Technology
Future Tense
Sept. 30 2014 7:36 AM Almost Humane What sci-fi can teach us about our treatment of prisoners of war.
  Health & Science
Bad Astronomy
Sept. 30 2014 7:30 AM What Lurks Beneath the Methane Lakes of Titan?
  Sports
Sports Nut
Sept. 28 2014 8:30 PM NFL Players Die Young. Or Maybe They Live Long Lives. Why it’s so hard to pin down the effects of football on players’ lives.