Key Privacy Policy Issues: Insights from Legal Experts and Conference Discussions

1. PRIVACY POLICY FORUM - REPORT Panel: ECHR Judge Popovic Hana Gawlasova (practicing lawyer) Prof. Richard de Mulder Mr Josef Prokes (Data Protection Office) Intervenors - Professors: Steve Saxby Jon Garon Michael Birnhack Questions & views from the Conference participants

2. THE KEY PRIVACY POLICY ISSUES – The Panel’s views PRIVACY POLICY ISSUES on & off the agenda • ECHR Judge Popovic • The key question is ‘What sources of law apply to Privacy?’ Not the old • constitutions. It may be easier to make under ‘anglo-saxon’ legal regimes. • The trend is to avoid the courts of law. Lower costs and quicker resolution. • There is a need to ensure separation of powers on data privacy along the lines • John Locke and others. • We need to have an international / regional approach to data privacy, applied at the • national level. • We neglect differences between Western and Eastern Europe. There needs to be • more aid from the west, transferring technologies and data privacy-related ideas.

3. THE KEY PRIVACY POLICY ISSUES – The Panel’s views PRIVACY POLICY ISSUES on & off the agenda • Professor Steve Saxby: • Failures of government to safeguard public data. • Losing the distinction between public and private space. • Data Protection focus is on personal data processing with old style registers. • Is the answer to give the Information Commissioner more power? • The Digital Age – the endless opportunities to merge, manipulate and • intermix data – how do we ensure we do not over-reach ourselves? • Function creep – a dataset used for one purpose used for others. How do • we set sensible limits? Do we really need a £9billion UK ID Card, in • addition to passport, driving licence etc. • Education and the Generations – facebook / myspace – are the younger • naïve or more confident? Is there a half way position?

4. THE KEY PRIVACY POLICY ISSUES – The Panel’s views PRIVACY POLICY ISSUES on & off the agenda • Professor Richard de Mulder: • Access to personal files held by government, e.g. medical records • including those of deceased close relatives. • The lack of access is a serious error. • A rule meant to protect the citizen is abused to do the opposite. • Privacy is not an absolute right in the world today. • We need to be open to new technologies and assess accordingly. • A more explicit monitoring power is needed – and easier ways to do this. • Mr Josef Prokes (Czec Data Protection Office) • The weight of implementation activities in particular public data • registration. • Locally, private CCTV system registrations.

5. THE KEY PRIVACY POLICY ISSUES – The Panel’s views PRIVACY POLICY ISSUES on & off the agenda • Professor Jon Garon • ‘We care too much.’ • No constitutional right to privacy in many nations. In USA inconsistent across • sectors, e.g. medical, financial. • Facebook entries for friends may be accessed by employers. (S. Saxby’s point on • the digital age) – naïve younger users. • Privacy is not the issue – it is the use and misuse of data – define uses and prohibit • violators of that. Focus on ‘do not cross’ lines. • Professor Ed Morse • There are limits of the law with regard to privacy. • ‘Be better people’ …… however ‘perhaps we do care too much.’ • A fools errand to provide an over-arching privacy regulator role - perhaps better to • adopt a sectoral focus like USA, e.g. finance, medical. • Frankly it is very expensive – sand thrown in the bearings.

6. THE KEY PRIVACY POLICY ISSUES – The Panel’s views PRIVACY POLICY ISSUES on & off the agenda • Professor Michael Birnhack: • Cognitive failures result in unreasonable disclosure. • When government and the market join hands and bypass the constitutional & sector / • horizontal control toolkits on data protection and privacy. • The Unholy alliance – EU/US conflict in data protection / privacy and yet EC compromise • on PNR (airline) and Swift information (terrorism-related). • Data Retention Directive and the role put upon ISPs. • Privacy is also a cultural issue in different countries and generations. • Hana Gawlasova (practicing lawyer) • Most clients view Data Privacy legislation as burdensome. Simpler rules required? • Data Security is the main concern. • Stealing identities , ease of data down-loading and combining. • The new generation – have a different value mix to previous generations. • A different mix of hard work, integrity, morality, ethics and leadership.

7. PRIVACY POLICY ISSUES from conference speakers • Balancing of Rights; security (national) versus individual rights (Igor Nemec) • terrorism & associated fears swaying the balance • employers and employee rights balancing • diluted by narrow public perceptions as to the risks • The Power of Surveillance technologies in daily life swaying the balance • Of public spaces (e.g tolls, CCTV recognition) • Electronic RFID traces • Text message/email employer reading • Lawful interception • Public sector open government & exploitation of our data • increased regulatory powers for information commissioners • access to health records of deceased patients

8. PRIVACY POLICY ISSUES from conference speakers PRIVACY POLICY ISSUES on & off the agenda • Internet governance, transparency, openness • – who rules? A new regime required for 2010 needs? • – mobile and on-line advertising? (Phorm-control) • – child pornography, terrorism and hate • – cyber-bullying • – piracy & file sharing • Security losses impacting large number of citizens privacy • Internet banking customer protections; cards, payment protections & liability • Hot Issues: • The Proposed e-Privacy Directive on electronic communications • The Telecom Package

9. THE KEY PRIVACY POLICY ISSUES – CHALLENGE 2 THE PANEL to bring an updated view at the next Conference - and what they have done about the issues in the interim.