Privacy in Mobile and Pervasive Computing. Florian Schaub

most prominent being the Universal Declaration of Human Rights, adopted by the United Nations in 1948, which states in its Article 12 that [United Nations, 1948]:

      No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks.

      Similar protections can be found in Article 8 of the Council of Europe’s Convention of 1950 [Council of Europe, 1950], and again in 2000 with the European Union’s Charter of Fundamental Rights [European Parliament, 2000], which for the first time in the European Union’s history sets out in a single text the whole range of civil, political, economic, and social rights of European citizens and all persons living in the European Union [Solove and Rotenberg, 2003]. Article 8 of the Charter, concerning the Protection of Personal Data, states the following [European Parliament, 2000].

      1. Everyone has the right to the protection of personal data concerning him or her.

      2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.

      3. Compliance with these rules shall be subject to control by an independent authority.

      The rise of the Internet and the World Wide Web in the early 1990s had prompted many to proclaim the demise of national legal frameworks, as their enforcement in a borderless cyberspace seemed difficult at least. However, the opposite effect could be observed: at the beginning of the 21st century, many national privacy laws have not only been adjusted to the technical realities of the Internet, but also received a substantial international harmonization facilitating cross-border enforcement.

      Today, more than 100 years after Warren and Brandeis laid the foundation for modern data protection laws, two distinctive principles for legal privacy protection have emerged: the European approach of favoring comprehensive, all-encompassing data protection legislation that governs both the private and the public sector, and the sectoral approach popular in the United States that favors sector-by-sector regulation in response to industry-specific needs and concerns in conjunction with voluntary industry self-regulation. In both approaches, however, privacy protection is broadly modeled around what is known as “Fair Information Practice Principles.”

       The Fair Information Practice Principles

      If one would want to put a date to it, modern privacy legislation was probably born in the late 1960s and early 1970s, when governments first began to systematically make use of computers in administration. Alan Westin’s book Privacy and Freedom published in 1967 [Westin, 1967] had a significant impact on how policymakers in the next decades would address privacy. Clarke [2000] reports how a 1970 German translation of Westin’s book significantly influenced the world’s first privacy law, the “Datenschutzgesetz” (data protection law) of the West German state Hesse. In the U.S., a Westin-inspired 1973 report of the United States Department for Health Education and Welfare (HEW) set forth a code of Fair Information Practice (FIP), which has become a cornerstone of U.S. privacy law [Privacy Rights Clearinghouse, 2004], and has become equally popular worldwide. The five principles are as follows [HEW Advisory Committee, 1973].

      1. There must be no personal data record keeping systems whose very existence is secret.

      2. There must be a way for an individual to find out what information about him is in a record and how it is used.

      3. There must be a way for an individual to prevent information about him that was obtained for one purpose from being used or made available for other purposes without his consent.

      4. There must be a way for an individual to correct or amend a record of identifiable information about him.

      5. Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precautions to prevent misuse of the data.

      In the early 1980s, the Organization for Economic Cooperation and Development (OECD) took up those principles and issued “The OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data” [OECD, 1980], which expanded them into eight practical measures aimed at harmonizing the processing of personal data in its member countries. By setting out core principles, the organization hoped to “obviate unnecessary restrictions to transborder data flows, both on and off line.” The eight principles are as follows [OECD, 2013].

      1. Collection Limitation Principle. There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.

      2. Data Quality Principle. Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.

      3. Purpose Specification Principle. The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfillment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.

      4. Use Limitation Principle. Personal data should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with the Purpose Specification principle except:

      (a) with the consent of the data subject; or

      (b) by the authority of law.

      5. Security Safeguards Principle. Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorised access, destruction, use, modification or disclosure of data.

      6. Openness Principle. There should be a general policy of openness about developments, practices and policies with respect to personal data. Means should be readily available of establishing the existence and nature of personal data, and the main purposes of their use, as well as the identity and usual residence of the data controller.

      7. Individual Participation Principle. Individuals should have the right:

      (a) to obtain from a data controller, or otherwise, confirmation of whether or not the data controller has data relating to them;

      (b) to have communicated to them, data relating to them

      i. within a reasonable time;

      ii. at a charge, if any, that is not excessive;

      iii. in a reasonable manner; and

      iv. in a form that is readily intelligible to them;

      (c) to be given reasons if a request made under subparagraphs (a) and (b) is denied, and to be able to challenge such denial; and

      (d) to challenge data relating to them and, if the challenge is successful, to have the data erased, rectified, completed or amended.

      8. Accountability Principle. A data controller should be accountable for complying with measures which give effect to the principles stated above.

      Even though the OECD principles, just as the HEW guidelines before them, carried no legal obligation, they nevertheless constituted an important international consensus that substantially influenced national privacy legislation in many countries in the years to come [Solove and Rotenberg, 2003]. In what Michael Kirby, former Justice of the High Court in Australia, has called the “decade of privacy” [Clarke, 2006], many European countries (and the U.S.) followed the German state Hesse in passing comprehensive data protection laws—the first national privacy law was passed in Sweden in 1973, followed by the U.S. (Privacy Act of 1974, regulating processing of personal information by federal agencies), Germany (1977), and France (1978).

      The FIPs, while an important landmark in privacy protection, are, however, not without their flaws. Clarke [2000]

