As the Snowden revelations continue to capture global headlines, individual privacy has become an elevated concern for many people around the world. Intelligence gathering is an established government function, but online surveillance has created a grey area in the rules of the game. The CIC’s conference on the Electronic Surveillance State, took place on February 28th – March 1st, 2014, and brought together a variety of experts and stakeholders to discuss these issues.
The event began with a keynote speech from the Ontario Information and Privacy Commissioner Ann Cavoukian, and was structured around three panels: (1) Canada and the Electronic Surveillance State; (2) The Global Implications of Electronic Surveillance; and (3) The Question of Reform. At the conclusion of a successful program, participants were left with two fundamental lessons.
#1/ Privacy is a necessary condition for freedom.
“In the absence of the right to privacy, there can be no true freedom of expression and opinion, and therefore no effective democracy” (see Borger, 2013)
– Ms. Dilma Rousseff, President of Brazil
Privacy is an individual human right, codified into international law and the national legislation of many (but not all) governments. When the Snowden leaks first hit mainstream media, many citizens were of the opinion that mass state surveillance was inconsequential, because they ‘had nothing to hide’ or ‘were not doing anything bad or illegal’. These sentiments fail to capture the relationship between privacy and freedom. Privacy rights are essential for maintaining a free and self-governing society, because it enables individuals to freely express themselves. Throughout history, people’s willingness to engage in debate on controversial subjects in the public sphere has always been linked to the possibilities for doing so anonymously (UN General Assembly, 2011). If people cannot express themselves in an anonymous and safe space, democracy cannot exist.
#2/ The ‘Innocuous Metadata’ Myth
“This is just metadata there is no content involved- in other words, not content of a communication” (see O’Keif, 2013)
– Dianne Feinstein, U.S. Senator
Internet technologies such as email, search engines and social media applications have facilitated the development of large amounts of transactional data about individuals. This information – known as metadata – includes personal information on individuals, their location, and their online behavioural information such as the emails they send and receive, the websites they frequent, or the type of hardware and software they use. Unlike the data generated from previous technological innovations, metadata is easily storable, accessible and searchable. Combining the sources and content of an individual’s metadata is extremely valuable. Vint Cerf, one of the founders of the Internet has expressed that, “traffic data can be much more revealing than the content of the communications” (as cited in Cavoukian, 2013). This is because metadata can give states and other actors insights into individual behavior, and even predict future actions. It can also reveal people’s political or religious affiliations, their sexual orientation, as well as their personal and intimate relationships.
Mass State Surveillance Trends
The ability to collect, analyze and store metadata can be attributed to the changing landscape in which surveillance and intelligence collection takes place. Innovations in information and communication technology (ICT) have increased the speed and scale at which data is communicated and shared across cultures and given individuals a new communicative platform to exercise fundamental human rights. At the same time, technological innovations in ICT have increased the opportunity for states to conduct arbitrary surveillance of an individual’s private communications in ways that go against their individual human right to privacy.
State surveillance is not a new phenomenon. From the inception of the first form of remote communications, states have intercepted and monitored the private communications of individuals for law enforcement and national security purposes (United Nations General Assembly, 2013). This is because private communications represent an individual’s most personal and intimate information, and in many cases, can provide insight into an individual’s or group’s past or future actions. For states, this is a valuable source of evidence for preventing and prosecuting serious crimes or forestalling potential national security emergencies (United Nations General Assembly, 2013).
To this date, the disclosure and use of metadata by state authorities remains largely unregulated around the world. In addition, privacy laws and standards have poorly adapted to this changing technological environment. In many states, legal standards are “either non-existent or inadequate to deal with the modern communications surveillance environment” (United Nations General Assembly, 2013).
The Question of Reform
Canada has begun the discussion of reform. The Office of the Privacy Commissioner Canada and other stakeholders have called for increased regulation and oversight of the intelligence collection authority CSEC, and reforms to Canadian privacy laws to better protect Canadians’ privacy in a digital age. The Privacy Commissioner of Canada suggested that these recommendations should be relatively easy and affordable to implement – the low-hanging fruit of privacy reform. However, while these are important strategies for addressing national concerns over Canadians’ personal information, even if robustly enacted, they will not enough to fully protect Canadian privacy in the context of mass state surveillance.
Data protection is an issue that transcends the physical borders of states. In particular, Internet routing infrastructure was designed on principles of speed, efficiency and interoperability. As a result, information shared on the Internet is often routed across numerous legal jurisdictions and national borders, posing challenges to privacy that a single state cannot address solely through domestic strategies.
Some conference attendees suggested that effective international reform will require an international treaty or convention on mass state surveillance, to protect the privacy rights of individuals around the world. However, while international cooperation is surely necessary, the best tools and mechanisms for creating improved practices are not as easy to pick.
In practice, global governance is accomplished by a combination of “hard” and “soft” laws. Hard law, in the form of domestic statutes or international treaties, coexists alongside various forms of soft law, which are less binding, less precise and/or rely on less centralized forms of interpretation and enforcement (Bradshaw & Harris, 2013).
Abbot and Snidal (2000) have argued that in new and complex situations, soft law is a superior tool relative to traditional hard law instruments such as treaties. Once hard laws are established, they are difficult to change: at the national level governments must go through long processes to change or update domestic laws and at the international level, difficulties reaching agreement among culturally heterogeneous parties may make reaching a consensus much more difficult. In contrast, soft law instruments can allow for greater flexibility in interpretation, making it easier for contracting parties to come to an agreement and effectively lowering sovereignty costs. Over time, soft law also facilitates learning about the implications of particular kinds of rules and governance arrangements.
As our relationships with digital networks and ICT continue to deepen and evolve, the capacity for such regulatory learning is essential – and we should actively build such capacity into our governance regimes.
Abbot, Kenneth & Duncan Snidal. (2000). Hard and Soft Law in International Governance. International Organization 54 (3) pp. 421-456.
Borger, Julian. (2013). Brazilian president: US surveillance a ‘breach of international law’. The Guardian, September 24, 2013. http://www.theguardian.com/world/2013/sep/24/brazil-president-un-speech-nsa-surveillance
Bradshaw, Samantha & Harris, Kyle. (2013). Internet Governance via Hard and Soft Laws: Choosing the Right Tools for the Job. The Centre for International Governance Innovation, January 30, 2013.
Cavoukian, Ann. (2013). A Primer on Metadata: Separating Fact from Fiction. http://www.ipc.on.ca/images/Resources/metadata.pdf
O’Keefe, Ed. (2013). Transcript: Dianne Feinstein, Saxby Chambliss explain, defend NSA phone records program. The Washington Post. June 6, 2013.
United Nations General Assembly. (2011). Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, Frank La Rue. A/HRC/17/27. http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_en.pdf
United Nations General Assembly. (2013). Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, Frank La Rue. A/HRC/23/40. http://www.ohchr.org/Documents/HRBodies/HRCouncil/RegularSession/Session23/A.HRC.23.40_EN.pdf
Canadian International Council – Toronto Branch Guest Blogger
Research Assistant, Global Security & Politics, Centre for International Governance Innovation (CIGI)