The geopolitics of personal data and the governance of privacy
This presentation is the property of its rightful owner.
Sponsored Links
1 / 20

The Geopolitics of Personal Data and the Governance of Privacy PowerPoint PPT Presentation


  • 50 Views
  • Uploaded on
  • Presentation posted in: General

The Geopolitics of Personal Data and the Governance of Privacy. Colin J. Bennett Department of Political Science University of Victoria BC, Canada www.colinbennett.ca [email protected] Presentation to Conference on “Power and Difference,” Tampere, Finland, August 29 th.

Download Presentation

The Geopolitics of Personal Data and the Governance of Privacy

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


The Geopolitics of Personal Data and the Governance of Privacy

Colin J. Bennett

Department of Political Science

University of Victoria

BC, Canada

www.colinbennett.ca

[email protected]

Presentation to Conference on “Power and Difference,” Tampere, Finland, August 29th


Trends in Surveillance Practices – The “New Transparency”

  • Routinizationand expansion of "everyday surveillance”

  • Ambiguity about the nature of personal information

  • Surveillance of mobility and location

  • Embedding of surveillance in material objects

  • Peer-to-peer (horizontal) surveillance

  • Globalization of surveillance practices and processes

    Is the concept and regime of “privacy” appropriate to meet these challenges?


Justifications for Privacy in the West

  • As a Right of the Person

    • La Vie Privée (France)

    • Privatsphäre (Germany)

    • The “Right to be Let Alone” (United States)

    • “Integritet” (Sweden)

  • As a Political Value: A Check against Powerful State and Private Organizations

  • As an Instrumental Value

    • To ensure that the right data are used by the right people for the right purposes

    • To build “trust”in e-commerce and e-government

    • To manage “risk”


The Sociological Critique of “Privacy”

  • Rooted in individualism

  • A rights-based discourse

  • Excessive use of spatial metaphors

  • Insensitive to discrimination and “social sorting”

  • Cultural relativism


The Information Privacy Principles

  • Accountability

  • Purpose identification at time of collection

  • Informed consent for collection

  • To limit use and disclosure (finality)

  • Retention limitation

  • Data quality

  • Data security

  • Openness about policies and practices

  • Individual access and correction


A principled-based approach appears in:

  • Comprehensive data protection laws in around 80 countries

  • Sectoral Legislation in information intensive industries

  • International agreements from Council of Europe, OECD, European Union, Asia-Pacific Economic Cooperation

  • Self-regulatory codes and management and technical standards


International Policy Convergence

  • International policy learning

  • Elite networking

  • Policy harmonization

  • Policy penetration


The European Union

  • Directive 95/46/EC on Personal Data Protection

    • Harmonization of all European Data Protection laws to higher and common standard

    • Insistence on a “supervisory authority” with common powers in each state

    • An “adequate level of protection” in countries that receive European personal data

  • Directive 2009/136/EC: The “Cookie Rules”

  • Draft Regulation on Data Protection, January 2012


The EU’s “Adequacy Standards”

  • Articles 25 and 26 of the EU Data Protection Directive (1995) 95/46/EC

  • Personal data should not be transferred outside EU unless an “adequate level of protection” which requires:

    • Basic content principles: Purpose limitation; data quality and proportionality; transparency; security; rights of access, rectification and opposition; restrictions on onward transfers

    • Procedural/enforcement principles: good level of compliance with the rules; support and help provided to individual data subjects; appropriate redress provided to the injured party

  • Administered by Article 29 Working Party of Supervisory authorities


The Council of Europe Regime

  • 1981 Convention on the Protection of Individuals with Regard to the Automatic Processing of Personal Data (Treaty 108)

    • Ratified by 25 countries

    • Signed by 33 countries

    • Recommendations on specific practices


The OECD Regime

  • Guidelines on the Protection of Privacy and Transborder Flows of Personal Data(1981)

  • Guidelines for the Security of Information Systems (1992)

  • Guidelines for Cryptography Policy (1997)

  • 30 year anniversary of guidelines and analysis of their future?


The APEC Regime

  • The APEC Privacy Principles (2005)

  • Pathfinder process for accountable cross-border flows of personal data within APEC


International Standards Regime

  • ISO 27000 series (Data Security)

  • ISO 24745 (Biometric Information Protection)

  • ISO 24760 –( Framework for Identity Management).

  • ISO 29100 – (A Privacy Framework)

  • ISO 29101 (Privacy Reference Architecture)


The Policy Dilemma

ADEQUATE LAWS?

  • The presence of key legal principles

  • An independent supervisory authority

  • A good level of compliance

ACCOUNTABLE ORGANIZATIONS?

  • Makes original collector of personal data ‘responsible’ – ‘liable?’

  • Evaluates the “due diligence” of the organization

    • Use of contracts

    • Binding corporate rules

    • Self-certification schemes

    • Third-party certification to management and technical standards


The Framing (Discursive) Dilemma

  • The Protection of “Privacy”?

  • The Minimization of “Surveillance”?


The Geo-Political Dilemma

  • National Sovereignty

  • Personal Identity and Subjectivity

  • The “Anti-Geography” of the Internet


  • Login