Friday, 28 January 2011
Data Protection Day - Speech by Secretary General Thorbjørn Jagland
Secretary General of the Council of Europe
Data Protection Day (30th Anniversary)
Brussels, 28 January 2011
Ladies and Gentlemen,
Does privacy still matter?
A few weeks ago, the founder of Facebook, Mark Zuckerberg, said in a live webcast that the age of privacy was over. I hope this is not true. I hope privacy is not dead. It still matters, because privacy is a fundamental human right.
Do not get me wrong, information technology and especially the internet with tools like Google, YouTube, and Facebook have revolutionised freedom of expression in ways nobody could have dreamed. They are connecting people across all boundaries of time, distance, culture, and experience.
Online we share ideas, we build knowledge and understanding, we challenge conventional wisdom, and we create networks for positive change. But it has changed our understanding of privacy.
Let me tell you a little story. When Milan Kundera left Prague where every single, most intimate aspect of his life had been under a constant and close scrutiny of the secret police, he arrived in Paris, just to discover tabloid headlines with the most private details about a famous singer’s battle with cancer. He left his country to escape a degrading intrusion in privacy, just to discover that things were not much better in the West. And that was thirty years ago.
The fact is that the line between public life and private life is on the move, and if we do not act, this line will disappear.
But the question is: who is to regulate cyberspace? You, me, the government, which government? How can anything be decided concerning a space nobody owns, but everybody joins?
30 years ago – about the time Milan Kundera has arrived in Paris - the Council of Europe put together a legally-binding text on how to protect against unfair collection and processing of personal data.
This was the childhood of modern data technology. The Council of Europe Convention 108 on the Protection of Individuals with regard to Automatic Processing of Personal Data was a ground breaking legal instrument at the time IBM was launching its first Personal Computer.
This was a time without Internet, without Facebook, with no Twitter, no laptops and the only mobile phones which existed weighed a tonne and were mobile in theory more than in practice.
However, it was a time when huge computers used by public administrations and big enterprises became a way of doing business. Extensive data banks could collect and process personal data, challenging the individual’s right to privacy. And it became clear that someone had to regulate on this.
What was needed was a framework of specific standards to prevent unfair collection and processing of personal data. That is what the Convention - the first legally-binding international instrument with worldwide significance on data protection – provided for.
It drew inspiration directly from the European Convention on Human Rights and Fundamental Freedoms. In particular, from Article 8 of this Convention which states that “Everyone has the right to respect for his private and family life, his home and his correspondence”.
30 years on, the Data Protection Convention has become a benchmark for more than 40 countries in Europe, and has influenced legislation far beyond the European borders.
Today, thirty years later, Commissioner Reding and I decided to join forces celebrating this important anniversary here in Brussels. A fundamental human right has been secured for 30 years, but rapid technological developments have made it necessary to revise our instruments – the Convention and the European Union’s 1995 Directive.
Article 1 of the Convention says that its purpose is to secure for every individual, whatever his nationality or residence, respect for his rights and fundamental freedoms, and in particular his right to privacy.
It is a purpose as valid today as it was 30 years ago.
Today, privacy is challenged, more than ever before in the history of mankind.
Information and Communication Technologies have developed in such a way that information about us is constantly being recorded, communicated, stored and analysed, often without our knowledge, let alone our consent.
We easily overlook the fact that every action involving technology is recorded somewhere. People in George Orwell’s famous novel ‘1984’ were constantly reminded that they were under complete surveillance by the authorities. We should remind ourselves that our way of life interferes with privacy. There is a “Big Brother” watching you almost everywhere you go!
The estimated amount of digital information that was created in 2010 in blogs, tweets and social networks is 1.2 zettabytes. A number so great I cannot spell it out – it is even bigger than the numbers of the Norwegian Pension Fund.
1.2 zettabytes is the equivalent to a television series being broadcast continuously for 125 million years. And that is without commercials!
But, all of this information is stored somewhere. It can be used. And it can also be abused.
Reflecting on this phenomenon, a statement from the Ministers of Justice from the 47 member states of the Council of Europe last year concluded that: “Modern information and communication technologies enable observation, storage and analysis of most day-to-day human activities, more easily, rapidly and invisibly than ever before”, but it also warned that this potentially creates a feeling of being permanently watched, which may impair the free exercise of human rights and fundamental freedoms.
This says it very clearly. We are facing a huge challenge. 1.2 zettabytes of a challenge.
In Norway we have a saying that in a hundred years time everything is forgotten, unless – and I speak from experience – you have been a Prime Minister. Today, nothing is forgotten about anyone anywhere!
Every user of the internet is marked by an irremovable electronic tattoo which is growing bigger - and potentially embarrassing and damaging - with virtually every click of the mouse, every photo we share, every message we send.
Too alarming? Think again. How can we be sure that the electronic jests of our children, the innocent - or meant to be innocent - jokes and provocations exchanged on social networks in the belief that they will stay within a close circle of friends, will not resurface and be used against them ten, twenty, thirty years from now, when they will be entering serious relationships, looking for jobs or running for office?
How can we balance between the right to privacy as guaranteed by Article 8 of the European Convention on Human Rights and the fundamental right to freedom of expression as guaranteed by Article 10?
This very demanding task reflects the diversity and complexity of the 21st century.
Let me give you an example: if posted on a web site or re-published on a site managed by a newspaper, a radio or a TV station, an article can be read anywhere for an unlimited amount of time. There is no right to oblivion.
What I am saying applies to both true and false statements, which may cause terrible havoc. A search engine will be enough to retrieve an old news item you would like to have forgotten.
There is therefore a need to determine, in an international binding document, the right balance between two fundamental rights: the right to privacy and the right to freedom of expression.
The American comedian, Bill Cosby once said that “A new father quickly learns that his child will come to the bathroom at precisely the times when he's in there, as if he needed company. The only way for this father to be certain of bathroom privacy is to shave at the gas station”.
Maybe you can still shave in peace at the gas station, but there will be surveillance cameras, and electronic trace of your purchases. You will have company even if you don’t want it.
30 years of experience with data protection allow us to make one clear conclusion: the only way to strike the balance between freedom of expression and the right to privacy in data collection is having an international, legally-binding treaty.
We have now started to modernise the Convention. But a thorough and balanced instrument can only emerge if we are willing to learn from each others experiences, bringing closer together the various normative frameworks that have developed in different regions of the world.
That is why European Ministers of Justice have encouraged states from all over the world, NGOs and the private sector to actively participate in the modernisation process of Convention 108.
I am pleased to welcome so many speakers and participants here today, representing governments, civil society and the private sector, not only from our observer states such as Mexico and the United States of America, but also from Africa and Asia.
We must all join forces in participating actively in the modernisation process of Convention 108. It must be as international and inclusive as possible.
Today, we will start by launching the public consultation aimed at hearing your concerns, concerns of the general public, of the father shaving in the gas station, of the civil society, of the private sector, and of anyone else committed to a cyberspace which opens limitless opportunities, but never at the expense of human dignity and never at the expense of human rights.
Thank you for your attention.
(NB: Check against delivery)