The top United Nations human rights official criticized the “disturbing lack of transparency” in government online surveillance policies and practices and laid down some guiding principles for businesses approached by state agencies to release customer data or provide technical assistance in snooping activities.
Introducing before the UN general assembly her office’s report entitled: The Rights of Privacy in the Digital Age, Navi Pillay, UN high commissioner for human rights, slammed practices such as “de facto coercion of private sector companies to provide sweeping access to information and data relating to private individuals without the latter’s knowledge or consent.”
“The onus is on the State to demonstrate that such interference is neither arbitrary nor unlawful,” she said.
The report also pointed to the increasing reliance of governments on enterprise to conduct and facilitate their surveillance programs. Governments use both “formal legal mechanisms and covert methods” to gain access to content and metadata.
(Excerpt from the UN report)
“This process is increasingly formalized: as telecommunications services provision shifts from the public sector to the private sector, there has been a delegation of law enforcement and quasi-judicial responsibilities to Internet intermediaries under the guise of self-regulation or cooperation,” the report said.
There may be legitimate reasons why a state requires information and communication technology from a technology company, the report said.
However, when a company provides data or user information to state in response to a request that contravenes the right to privacy under international law, of the use of such information violates human rights or there are no adequate safeguards “that company risks being complicit in or otherwise involved with human rights abuse,” the report warned.
Pillay noted that article 17 of the International Convention on Civil and Political Rights states that “no one shall be subjected to arbitrary or unlawful interference with his or her privacy, family, home or correspondence, nor to unlawful attack on his or her honour and reputation.”
State-sponsored mass surveillance is “emerging as a dangerous habit rather than an exceptional measure” in many countries and expose a “lack of adequate national legislation and/or enforcement, weak procedural safeguards and ineffective oversight,” according to the report submitted by UN High Commissioner’s office.
The report said that the secret nature of certain surveillance powers lends itself to arbitrary exercise and therefore demands greater discretion and oversight. The report said states must create independent procedures of monitoring such surveillance that would include the administrative, judicial and parliamentary branches of government.
According to the report enterprises are expected to honour the principles of human rights when they are faced with demands from government agencies for access to data.
Companies that provide content or Internet services, or supply technology and equipment for digital communication, should adopt “an explicit policy statement” outlining their commitment to human rights throughout the company’s activities.
“This can mean interpreting government demands as narrowly as possible, seeking clarification from a government with regard to the scope and legal foundation for the demand, requiring a court order before meeting government requests for data, and communicating transparently with users about risks and compliance with government demands,” the report said.
“The complexity of the challenges to the right to privacy in this rapidly and dramatically evolving digital age is going to require constant scrutiny between all key sectors,” Pillay said.