720
Views
4
CrossRef citations to date
0
Altmetric
Current Development

The United Nations data privacy system and its limits

Pages 224-248 | Received 22 Oct 2017, Accepted 08 Jan 2018, Published online: 25 Jan 2018
 

ABSTRACT

While the United Nations (UN) pioneered in recognizing the impact of modern technological developments on (data) privacy as far back as 1968, little has so far been achieved in terms of introducing a truly global data privacy framework. The present UN data privacy framework is by and large a mere patchwork of rules that exhibit a number of weaknesses. This weak structure of the present framework is a result of political and ideological controversies of the Cold War era. This article considers the extent to which the current UN data privacy system provides protection to data privacy and highlights its major limitations. It concludes that the discourse at the UN set in motion, particularly in the aftermath of the Snowden revelations, wields a potential to result in a major reform in the UN data privacy system.

Acknowledgements

The author gratefully thanks Prof Andrew Kenyon, Prof Megan Richardson and Prof Paul De Hert as well as the anonymous reviewers for feedback on an earlier version.

Disclosure statement

No potential conflict of interest was reported by the author.

Notes

1 Cf WFP Directive on Information Disclosure, 7 June Citation2010, Section 3 (iv) [prohibiting that disclosure of information that is likely to violate rights or invade privacy of any individual, save disclosure for public interest].

2 For the influence in Africa, see Makulilo (Citation2016, 18–19).

3 See his personal details at http://bit.ly/2lwQFiL (Last accessed on 3 January 2017).

4 For more on this, see Bygrave, (Citation2014, 52–53).

5 For details on the elements of the modernization process, see http://bit.ly/2eAR6Ji (Last accessed on 3 January 2018).

6 See, for instance, UNESCO Declaration on the Human Genome and Human Rights, supra n 46, Art 24; see more details at http://bit.ly/2mIyFCb (Last accessed on 3 January 2018).

7 For a summary of cases where the principles of the Convention have been considered, see Pere Vilanova, The Right to Privacy in the Case Law of the ECtHR, in Proceedings of the High-Level Seminar on International Case Law in Bioethics: Insight and Foresight, 2016, pp. 21 et seqq.

8 Examples of case law that remotely touched on (data) privacy include: I.P. v Finland, Communication No. 450/1991, 26 July Citation1993; Antonius Cornelis Van Hulst v The Netherlands, Communication No.903/1999, 15 November Citation2004; Nabil Sayadi and Patricia Vinck v Belgium, Communication No. 1472/2006, 29 December Citation2008; H.S. v Australia, Communication No. 2015/2010, 13 May Citation2015. Recent examples of concluding observations having to do with data privacy include: Concluding Observations of the Human Rights Committee: Sweden, 2 April Citation2009, para 18; Concluding Observations of the Human Rights Committee: Hungary, 16 November Citation2010, para 6; Concluding Observations of the Human Rights Committee: France, 13 July Citation2008, par 22.

9 It is also interesting to note that this case has also relied upon the ILO Code of Practice on the Protection of Workers’ Personal Data of Citation1997. See id, paras 38–40.

10 A recent Resolution of the Human Council breaks the trend, and mentions the UN Guidelines, which might in due course put the Guidelines in the UN agenda. See The Right to Privacy in the Digital Age, Resolution of the Human Rights Council 34, 22 March Citation2017, Preamble, para 5.

11 In his latest report to the Human Rights Council, the Special Rapporteur ‘encourages’ countries recently adopting national data privacy law to ensure that the ‘minimum standards’ set out in the CoE Data Protection Convention are met. One would expect the UN Guidelines was referred to instead not least because the set minimum guarantees and are UN instruments. See Report of the Special Rapporteur on the Right to Privacy, Joseph Cannataci, 24 February Citation2017, para 9. An October 2017 report of the Special Rapporteur to the General Assembly does refer to the Guidelines but in a clearly tangential manner after the OECD Guidelines (whose principles the report details) and the CoE Data Protection Convention. See Report of the Special Rapporteur on the Right to Privacy, Joseph Cannataci, 19 October Citation2017, paras 71–72.

12 In another report co-authored for the UNESCO, Cannataci has also noted the UN Guidelines as being part of the international framework for the protection of privacy. See Cannataci et al. (Citation2016, 36).

13 For a related view, see Greenleaf, (Citation2014, 100). Recent examples of cases adjudged by the ECtHR that involved data privacy principles include L.H. v Latvia, Application No. 52019/07, 29 April Citation2014 [concerning processing of health data], Uzun v Germany, Application No. 35623/05, 2 September Citation2010 [Concerning processing of location data], S and Marper v UK, Application Nos. 30562/04 & 30566/04, 4 December Citation2008 [concerning retention of personal data such as fingerprints, Cellular samples and DNA profiles].

14 See details at http://bit.ly/2mIyFCb (Last accessed on 3 January 2018).

15 See, for instance, Montreux Declaration, The Protection of Personal Data and Privacy in a Globalized World: A Universal Right Respecting Diversities, September Citation2005; Resolution on Anchoring Data Protection and the Protection of Privacy in International Law, 35th International Conference of Data Protection and Privacy Commissioners, Warsaw, Poland, 26 September Citation2013. Cf. Draft of International Standards on the Protection of Privacy with regard to the Processing of Personal Data, which was commissioned by the Conference and adopted later in November 2009.

16 On the call for a ‘Geneva style Convention’, see Alexander (Citation Citation2015), available at http://bit.ly/2h2bEYF (Last accessed on 3 January 2018).

17 Those put forward post the Snowden revelations include the following: Mitsilegas (Citation2016, 73–77); Brown et al. (Citation2015, 25 et seqq); Deeks (Citation2015, 343 et seq).

18 See also Saadat and Ballard (Citation2007, 15) [arguing that a global privacy instrument will have to reflect the values of states to be involved in its negotiation and conclusion, which could be a ‘tall goal’].

19 The Special Rapporteur’s February 2017 report, however, slightly shows ambivalence regarding the nature of the possible international treaty, and notes that it is premature to make a decision on the ‘desirability or feasibility’ of such treaty but he aims to outline possible options to the UN in Autumn 2018. While he considers the possibility of an all-out ‘Internet Governance Treaty’ which would address inter alia ‘the very important yet oft-neglected […] right to protection of reputation which is both distinct and akin to privacy’, he also outlines merits of introducing an ‘international authority’ that would issue ‘international data access warrants’ under the CoE Cybercrime Convention’ as the best option of protecting privacy from unfettered surveillance in international law. See Report of the Special Rapporteur on the Right to Privacy, Joseph Cannataci, supra n 87, para 46. See also Planned Thematic Reports and Call for Consultation of the Special Rapporteur, February Citation2017, para 3, available at http://bit.ly/2noQFSG (Last accessed on 3 January 2018).

20 Note that the author of this article had the opportunity to review and offer feedback to the Special Rapporteur on an earlier version of the drafted instrument during the first round of the consultation.

Log in via your institution

Log in to Taylor & Francis Online

PDF download + Online access

  • 48 hours access to article PDF & online version
  • Article PDF can be downloaded
  • Article PDF can be printed
USD 53.00 Add to cart

Issue Purchase

  • 30 days online access to complete issue
  • Article PDFs can be downloaded
  • Article PDFs can be printed
USD 878.00 Add to cart

* Local tax will be added as applicable

Related Research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.