SlideShare uma empresa Scribd logo

Surveillance Coursework (COMPLETED-2

Transferir como DOCX, PDF
M
Matthew MacNabb

UK law provides some protection for personal data through laws like the Data Protection Act 1998, but these laws are not coherent or effective enough. The DPA is outdated and has many weaknesses, such as principles that only cover basic data protection cases. Multiple pieces of legislation and exemptions mean the government and corporations can evade accountability for compromising personal data. For UK privacy laws to be truly effective, a major reform is needed to make protection of personal data a higher priority, cover emerging technologies, and follow the more extensive approaches taken in other countries like France.

1 de 12
Explain if, and to what extent, you agree that UK law provides a necessary, coherent and effective means of protecting personal data. Name: Matthew MacNabb Student Number: B00640045 Module: Surveillance and the Law CRN: 3167 Word Count: 2655
Introduction “Data is the pollution problem of the information age, and protecting privacy is the environmental challenge.”1 This essay will examine how the privacy laws in the UK do not provide a necessary, coherent and effective means of protecting its citizens personal data, it will scrutinise the reasons why this is the case and determine how the laws should be modified to sufficiently protect personal data. The development of data collection and society, along with technological advances has the potential to lead to many noxious effects such as the ability to erode trust, societal cohesion and even democracy itself.2 In modern times, the explosion of data has meant protecting data is a much more formidable challenge compared to earlier times. It is clear to see that even though data protection laws in the UK are necessary to protect citizens, the laws are not coherent because (i) there are too many different pieces of legislation (ii)data protection laws only cover the most basic cases of data protection breaches. The effect of this is that citizens are vulnerable and the government and large corporations have the power to evade retribution for acts which compromise personal data. There was no law on privacy until the case of Entick v Carrington3 where it was clarified that a warrant is needed to be on a citizen’s property, the court found that to infringe a persons space (or property) was to interfere with their privacy. Indeed, this lack of clarification is a problem for the judicial system. The absence of a specific tort of privacy has meant that the courts have had to deal with the defects of the law in the sense of ‘putting old torts on the Procrustean bed and stretching them out of shape to meet new requirements’4. This could be used as an argument for a tort of privacy. However, the most recent judgement in relation to this problem has presented a potential stumbling block. Lord Justice Mummery asserted in the case of R v Wainwright5 that the proposition of a privacy act would bring more problems and claimed that the public was in fact entirely uninterested in the concept. This 1Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World (first published 2 March 2015) 2 Kevin D Haggerty & Richard V Ericson, The New Politics of Surveillance & Visibility (University of Toronto Press, 2006) pp363-384 3(1765) 19 How St. Tr. 1030 4Basil Markesinis,Colm O’Cinneide,Jörg Fedtke and Myriam Hunter-Henin, ‘Concerns and Ideas about the Developing English Law of Privacy’ Institute of Global Law <http://www.ucl.ac.uk/laws/global_law/publications/institute/docs/privacy_100804.pdf> accessed 31st October 5 [2001] EWCA Civ. 2081, at para. 42
assertion contradicted previous judgements by Lord Cottenham LC who called for a tort of privacy in the case of Prince Albert v. Strange6 and Lord Denning who spoke in support of Lord Mancroft’s Privacy Bill7 in the House Of Lords. The Jurisprudential Foundations Of Privacy (i)The courts previously relied on breach of confidence in relation to privacy. Lord Nicholls defined this as “[the imposition] of a duty of confidence whenever a person receives information he knows or ought to know is fairly and reasonably to be regarded as confidential”8 There is no doubt that there has been significant development in relation to this area of law as seen in cases such as Creation Records v News Group Newspapers9 and Douglas v Hello! Ltd10 where it was decided in both judgments that to publish information that could be considered private was a breach of confidence. This was in contrast to the case of Malone v Metropolitan Police Commissioner11 where the judge decided that the interception of phone calls was not deemed a breach of confidence12. However, it is clear that there is still dissatisfaction in regards to breach of confidence in privacy law. This is reflected by A.Morgan who argues that ‘the development of the law of confidence since Douglas & Zeta-Jones is only the latest artificial and unsatisfactory attempt to stretch the fabric of an existing tort to fit privacy within its straitjacket.’13 (ii)The current laws governing the protection of personal data are incoherent (see appendix); a clear example of this is The Data Protection Act 1998 (DPA). The unsatisfactory nature of legislation relating to privacy and the disclosure of the EU Data Protection Directive of 1995, which required Member States to protect people's fundamental rights and freedoms, in particular their right to privacy with respect to the processing of personal data led to the enactment of the DPA. The DPA is designed to provide safeguards for both the consumer and the company. The question that needs to be asked however is whether the Data Protection Act succeeds in the purpose it was designed for? Firstly, it must be clarified that the Data Protection Act at the time of its enactment was one of the 6(1849) 1 Mac.&G.25, 47. Privacy was the interest that had really been affected in this case. 7HL Debates, Vol. 229, col. 638. 8Lord Nicholls in Campbell v MGN Ltd [2004] A.C.457 at 464-5 9[1997] EMLR 444 10[2005] EWCA Civ 595 11[1979] Ch 344. 12 Megarry VC in the case of Malone v Metropolitan Police Commissioner “ No doubt a person who uses a telephone to give confidential information to anothermay do so in such a way as to impose an obligation of confidence on that other: but I do not see how it could be said that any such obligation is imposed on those who overhear the conversation, whether by means of tapping or otherwise.” 13 A.Morgan “Privacy, Confidence & Horizontal Effect: Hello Trouble” (2003) 62 (2) Cambridge Law Journal 444
most significant advances in laws relating to privacy in the United Kingdom. Nevertheless, the Data Protection Act is a deeply flawed piece of statute. This is part down to the fact that it was enacted in a different era where data was not so important and detailed as it is now. More significantly, however is the concept that the government does not want to protect personal data to the extent the public want. Hence, it could be argued that the Data protection Act is a smokescreen, enacted so that the United Kingdom would comply with the EU directive in the most minimal manner possible. Simon Davies agrees with this notion, suggesting that the Act, ‘was written with the express intention of ensuring that data protection administration was weak, because this government saw data protection as a potential roadblock to profitable commerce.’14 Indeed this quote has never been more relevant in the United Kingdom with the recent news of the enactment of the Investigatory Powers Bill which will allow the police, intelligence services and the National Crime Agency ‘to be given powers to view everyone’s entire internet history.’15 Is it a plausible suggestion that the government are truly interested in protecting our personal data? David Anderson, the Independent Reviewer of Terrorism Legislation commented on the extent of the data protection problem in the United Kingdom, ‘noting that he knew of no other Western countries which forced service providers to retain “weblogs” and that new Australian legislation had been drafted in such a way as to prevent that happening’.16 So, what are the weaknesses of the Data Protection Act? Essentially, all the principles in schedule 117; more specifically the restrictive nature of the listed principles. It is clear that the principles act to cover the most basic protection of personal data. However, they only cover the surface of the protection of personal data; hence linking in the previously stated notion that the government has used the Act as a way of avoiding criticism from the general public. John Harris’ article on privacy sheds light on the depth of the problems with the Data Protection Act; or more specifically the incompetencies of the act. In this article it was stated that Credit reporting agency’s have access to 14 John Harris, ‘The John Harris Files’ (The Guardian,Saturday 5 April 2008)<http://www.theguardian.com/uk/2008/apr/05/privacy> accessed 10th October 2015 15’Police to be given powers to view everyone's entire internet history’(The Belfast Telegraph,Friday 30 October 2015)<http://www.belfasttelegraph.co.uk/technology/police-to-be-given-powers-to-view-everyones-entire-internet- history-34155192.html> accessed 30th October 2015 16’Police to be given powers to view everyone's entire internet history’(The Belfast Telegraph,Friday 30 October 2015)<http://www.belfasttelegraph.co.uk/technology/police-to-be-given-powers-to-view-everyones-entire-internet- history-34155192.html> accessed 30th October 2015 17 Data Protection Act 1998 Schedule 1
‘very detailed personal information.’ In addition, they can “do more or less what they choose, and exempt themselves from any liability. That is unheard of anywhere else in the world.”18 Another, and possibly the most significant weakness of the DPA is the undeniable concept that it is outdated. Modern technology has developed far beyond the capabilities of the act. As the laws regarding privacy and specifically the data protection act remain idle, technology continues to develop and this is troublesome for the protection of personal data. This is evident in Moore’s Law, which is an observation made by Gordon Moore that data density had doubled every 18 months. The DPA does not have the capabilities to deal with the modern technology that was developed to handle the influx of personal data. Daniel B Garrie commented on this by suggesting that the, ‘laws seem to always lag behind human creativity’19. The problems that this can cause are disastrous. The problems with DPA 1998 are continuous and will remain that way unless action is taken; so, what modifications need to be made to the Act to ensure that personal data is protected? It is clear that significant modifications need to be made to the existing principles in schedule 120. C Raab sets out precisely what the DPA should look like; ‘…Data should be collected fairly and lawfully, kept for specified and legitimate purposes and not used incompatibly with them. They should be adequate, relevant and not excessive in relation to their purposes: accurate and not outdated: held only as long as necessary, and held securely. Especially sensitive information should be specially safeguarded. Data subjects should be able to have access to their data and get them corrected if necessary, and to obtain remedies.’21 (iii)It is clear that laws relating to privacy in the United Kingdom are not satisfactory, however they have developed significantly due to the introduction of the Human Rights Act 1998. ‘Few can doubt that the United Kingdom Human Rights, in incorporating the ECHR and in particular the guarantee of the right to privacy in Article 8 of the convention…is having a considerable effect on the developing protection of human privacy in English common law.’22 18John Harris, ‘The John Harris Files’ (The Guardian,Saturday 5 April 2008)<http://www.theguardian.com/uk/2008/apr/05/privacy> accessed 10th October 2015 19Garrie, D. & Wong,R., ‘Social Networking Opening the Floodgates to Personal Data.’ [2010] Computer and Telecommunication Law Review. 20Data Protection Act 1998 Schedule 1 21 Raab, C.,’Co-Producing Data Protection’ (1997) International Review of Law, Computers and Technology 11-24 22Basil Markesinis,Colm O’Cinneide,Jörg Fedtke and Myriam Hunter-Henin, ‘Concerns and Ideas about the Developing English Law of Privacy’ Institute of Global Law <http://www.ucl.ac.uk/laws/global_law/publications/institute/docs/privacy_100804.pdf> accessed 31st October
Article 8 of the ECHR is the right to respect for privacy and family life. The importance of Article 8 is seen in the case S and Marper v United Kingdom23 where it was held that holding DNA samples of a person acquitted of a crime is a violation of the right to privacy under Article 8. This case reveals potentially the most important features of the article, its open-ended nature in relation to matters that concern privacy.24 As a result of this policy, this means that member states including the United Kingdom are bound by this rationale. It is clear that the impact of Article 8 was revolutionary in European Law. Unfortunately, the United Kingdom have not executed themselves in line with the article to the same extent other member states have. For example, in Germany. In line with Article 8, Germany has put in the effort to ensure that they have conducted themselves in the most lawful manner. This is seen clearly in their laws relating to Facebook. People in Germany are not obliged to use their real name on Facebook; they can use a fake name. German courts ruled that people have a right to use a pseudonym name in line with EU law.25 (iv)The Freedom Of Information Act26 (FOI) was issued with the objective that it creates public “right of access” to information held by public authorities.27 The Act was intended ‘to amend the Data Protection Act 1998 and the Public Records Act 1958’28. Previously, the United Kingdom had no legislation that obligated the public sector to make information available to the general public.29 Initially the FOI Act was promising as it was based on the1997 white paper, ‘Your right to Know’ which was met with widespread enthusiasm.30 However, it is clear that the FOI Act is not the promising act that was expected. It is evident that the scope of the provisions in the Act have been significantly limited. This opinion is reverberated by Hazel Robert in which she warned before the 23 S and Marper v United Kingdom [2008] ECHR 1581 24 Bernadette Rainey, Elizabeth Wicks, Clare Ovey, Jacobs, White & Ovey: the European Convention on Human Rights (12 August 2014) 334 25 Facebook in Germany privacy battle over users'fake names (BBC News, 29 July 2015) <www.BBC.co.uk/news/technology-33702674> accessed 4th November 26 Freedom Of Information Act 2000 27 Freedom Of Information Act 2000 s.1 28 ‘Lucy A.Dalglish,State Open Government Law and Practice in a post 9/11 (World Lawyers and Judges Publishing Company Inc Oct 2007) 29Freedom Of Information Act 2000 (The Guardian, Monday 18 May 2009) <http://www.theguardian.com/commentisfree/libertycentral/2009/may/18/freedomofinformation-information- commissioner> accessed 3rd November 30Freedom Of Information Act 2000 (The Guardian, Monday 18 May 2009) <http://www.theguardian.com/commentisfree/libertycentral/2009/may/18/freedomofinformation-information- commissioner> accessed 3rd November
release that the ‘FOI risks becoming a hollow shell’.31 Consequentially, Hazel Robert’s warning has become a reality. Lord MacKay divulged into the weaknesses of the FOI Act by stating that provisions that allow ministers to veto applications create a “get out clause” essentially rendering the bill “toothless”.32 The FOI Act has many more exemptions than any other bill relating to Freedom of Information in similar democratic societies. The question again must be raised, are the government truly committed to protecting our data? The United Kingdom Data Protection Reformation (i)The power the government and large corporations have with the control of our personal data is alarming. This could be potentially devastating, ‘Control over personal information is control over an aspect of the identity one projects to the world’33. The laws relating to privacy in the United Kingdom do not protect data. Essentially leaving every citizen extremely vulnerable. Therefore, it is clear that a major reform is needed to ensure privacy laws in the United Kingdom adequately protect data. So what can be done to improve data protection in the United Kingdom? Firstly It is evident that the law should be more proactive in protecting our data. They should not wait for some major controversy before adapting our privacy laws. Instead they should look at potential problems and actively seek to amend that area of law. (ii)Furthermore, Privacy laws in the United Kingdom need to be more extensive in covering matters which relate to data protection. The courts need to be rigorous with matters concerning data breaches. French law should be extensively employed to aid the government in covering data protection matters. The Cour de cassation have established that every citizen is entitled to privacy.34 The case of Le Grand Secret is a classic example of where French courts have ensured that a 31Hazel, Robert, ‘Commentary on The Freedom of Information White Paper’ <http://www.ucl.ac.uk/spp/publications/unit-publications/19.pdf.> accessed 4th November 32Freedom Of Information Act 2000 (The Guardian, Monday 18 May 2009) <http://www.theguardian.com/commentisfree/libertycentral/2009/may/18/freedomofinformation-information- commissioner> accessed 3rd November 33 Agie P.E., Rotenberg M.(eds), ‘Technolgy & Privacy, The New Landscape’ MIT Press, [1998] 34 Civ. 1ère 23 October 1990, Bull. civ., n°222
person, no matter what their public position are entitled to privacy.35 However, recent developments have proven that there is more leniency in the release of personal information if it concerns a public person.36 Therefore, the protection of information belonging to an ordinary citizen in France is of the upmost importance and if this is not adhered to the French Courts have the ability to act to uphold ones privacy. (iii)There should be a publicity campaign to bring awareness to the issue of data protection in the UK. The citizens should know what their rights entail. This would allow them to form their own opinion on data protection laws; meaning that as a democracy, society can dictate what should be done to improve the protection of personal data in the UK. (iv)The United Kingdom needs a Privacy Act which focuses entirely on matters which protects and upholds an individuals privacy. The benefit of having one Act that entirely focuses on privacy is that ordinary citizens will know their rights. This would bring publicity to the issue of data protection and allow for consistent development to the law of privacy. (v)The Information Commissioner (IC) who governs data protection should be given more powers. Currently the IC oversees the protection of data with the DPA and the FOI. They have the ability to fine corporations diminutive amounts of money. It is clear that the IC should be allowed to impose significant fines and embargoes on corporations that have violated data protection laws. This would act as a deterrent and ultimately decrease violations of data protection. (vi)Finally, there should be an independent specialist council to oversee issues and potential problems relating to data protection such as the Article 29 Working Party. This would mean that there would be a group of highly qualified legal persons who could focus entirely on the area of data protection. They would review the laws governing data protection and give expert advice to states regarding their data protection laws. Essentially, this would allow that specific problems relating to data protection are dealt with in an attentive manner. Furthermore, the specialist council would be able to prevent potential data breaches. Conclusion 35The case of Le Grand Secret concerns the former President of the Republic François Mitterrand and the injunction placed on the publication of a book of which details of his illness took place. See E. Agostini, “Le grand secret “,D.1996, p. 58; G. Memeteau, “L’honneur d’un Président “, G.P.1996.II., p. 754 36Cf. Civ. 1ère 23 April 2003, D.2003, n°28, p. 1854, note C. Bigot.
It is evident throughout this essay that the laws in the UK which protect personal data are incoherent and flawed. There are ultimately two main factors which have determined this conclusion. Firstly, there are too many pieces of legislation governing data protection. Secondly, current legislation only covers the most basic of personal data breaches. This is clearly the case with the examples which have been given. The laws relating to privacy in the United Kingdom do not compare to more rigorous legislation of model member states such as France or Germany. As previously stated, the United Kingdom have exacted themselves in the most minimal manner possible regarding Article 8 of the Human Rights Act. The reason for this can not be pinpointed, however there is strong indication that the government do not want data of citizens to be out of their reach. Data must be protected using sufficient safeguards in the form of legislation. Presently, the United Kingdom are in a crisis of privacy; if data protection laws do not change then the United Kingdom could face a disaster.
Table Of Legislation: • Criminal Justice Act 1988, s.39 • Criminal Justice and Public Order Act 1994 • Data Protection Act 1998 • Freedom Of Information Act 2000 • Human Right Act 1998, Article 8 • The Justices of the Peace Act 1361 Table Of Books: • Agostini E, “Le grand secret “,D.1996, p. 58 • Dalglish L,State Open Government Law and Practice in a post 9/11 (World Lawyers and Judges Publishing Company Inc Oct 2007) • Haggerty K & Ericson R, The New Politics of Surveillance & Visibility (University of Toronto Press, 2006) pp363-384 • Lyon D,The Electronic Eye: The Rise of Surveillance Society (University of Minnesota Press, 1994) 22 • Memeteau G, “L’honneur d’un Président “, G.P.1996.II., p. 754 • Reniner (1997) pp.1004-1005 • Rainey B,Wicks E, Ovey C, Jacobs, White & Ovey: the European Convention on Human Rights (12 August 2014) 334 • Schneier B, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World (first published 2 March 2015) Table Of Journal Articles: • A.Morgan “Privacy, Confidence & Horizontal Effect: Hello Trouble” (2003) 62 (2) Cambridge Law Journal 444
• Garrie, D. & Wong, R., ‘Social Networking Opening the Floodgates to Personal Data.’ [2010] Computer and Telecommunication Law Review. • Raab, C.,’Co-Producing Data Protection’ (1997) International Review of Law, Computers and Technology 11-24 • Agie P.E., Rotenberg M.(eds), ‘Technolgy & Privacy, The New Landscape’ MIT Press, [1998] Table Of Online Journal Articles: • Hazel, Robert, ‘Commentary on The Freedom of Information White Paper’ <http://www.ucl.ac.uk/spp/publications/unit-publications/19.pdf.> accessed 4th November • Markesinis B,O’Cinneide C,Fedtke B and Hunter-Henin M, ‘Concerns and Ideas about the Developing English Law of Privacy’ Institute of Global Law <http://www.ucl.ac.uk/laws/global_law/publications/institute/docs/privacy_100804.pdf> accessed 31st October • Walsh R, ‘Human Nature-why surveillance is a way of life’ (2 June 2015)<www.bestvpn.com/blog/1259/human-nature-surveillance-way-life/> accessed 23rd October Table Of Reports: • HL Debates, Vol. 229, col. 638. Table Of Online Newspaper Articles: • John Harris, ‘The John Harris Files’ (The Guardian,Saturday 5 April 2008)<http://www.theguardian.com/uk/2008/apr/05/privacy> accessed 10th October 2015 • ’Police to be given powers to view everyone's entire internet history’(The Belfast Telegraph,Friday 30 October 2015)<http://www.belfasttelegraph.co.uk/technology/police-to-be- given-powers-to-view-everyones-entire-internet-history-34155192.html> accessed 30th October 2015 • Facebook in Germany privacy battle over users' fake names (BBC News, 29 July 2015) <www.BBC.co.uk/news/technology-33702674> accessed 4th November • Freedom Of Information Act 2000 (The Guardian, Monday 18 May 2009) <http://www.theguardian.com/commentisfree/libertycentral/2009/may/18/freedomofinformation- information-commissioner> accessed 3rd November
Appendix Laws Currently governing Data Protection In the UK: • Data Protection Act 1998 • Article 8 Of the European Convention of Human Rights • The Regulatory Investigatory Powers Act • Protection from Harassment Act 1997 • Data Retention and Investigatory Powers Act 2014 • Freedom of Information Act 2000 • The EU Data Protection Directive 1995

Recomendados

The CFAA and Aarons Law
The CFAA and Aarons LawThe CFAA and Aarons Law
The CFAA and Aarons LawThomas Jones
 
Wikileaks, Hactivism, and Government: An Information War
Wikileaks, Hactivism, and Government: An Information WarWikileaks, Hactivism, and Government: An Information War
Wikileaks, Hactivism, and Government: An Information WarThomas Jones
 
2600 v19 n1 (spring 2002)
2600 v19 n1 (spring 2002)2600 v19 n1 (spring 2002)
2600 v19 n1 (spring 2002)Felipe Prado
 
Hass & Associates Online Reviews
Hass & Associates Online ReviewsHass & Associates Online Reviews
Hass & Associates Online Reviewsaleenia23
 
Personal Data Privacy and Information Security
Personal Data Privacy and Information SecurityPersonal Data Privacy and Information Security
Personal Data Privacy and Information SecurityCharles Mok
 
Obama moves forward with internet id plan by batteryfast
Obama moves forward with internet id plan by batteryfastObama moves forward with internet id plan by batteryfast
Obama moves forward with internet id plan by batteryfastbattery-fast. com
 
Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012Blake Morgan
 
Amazon Tax Wars
Amazon Tax WarsAmazon Tax Wars
Amazon Tax WarsInternet Law Center
 

Recomendados

The CFAA and Aarons Law
The CFAA and Aarons LawThe CFAA and Aarons Law
The CFAA and Aarons LawThomas Jones
 
Wikileaks, Hactivism, and Government: An Information War
Wikileaks, Hactivism, and Government: An Information WarWikileaks, Hactivism, and Government: An Information War
Wikileaks, Hactivism, and Government: An Information WarThomas Jones
 
2600 v19 n1 (spring 2002)
2600 v19 n1 (spring 2002)2600 v19 n1 (spring 2002)
2600 v19 n1 (spring 2002)Felipe Prado
 
Hass & Associates Online Reviews
Hass & Associates Online ReviewsHass & Associates Online Reviews
Hass & Associates Online Reviewsaleenia23
 
Personal Data Privacy and Information Security
Personal Data Privacy and Information SecurityPersonal Data Privacy and Information Security
Personal Data Privacy and Information SecurityCharles Mok
 
Obama moves forward with internet id plan by batteryfast
Obama moves forward with internet id plan by batteryfastObama moves forward with internet id plan by batteryfast
Obama moves forward with internet id plan by batteryfastbattery-fast. com
 
Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012Blake lapthorn In House Lawyer forum - 11 Sept 2012
Blake lapthorn In House Lawyer forum - 11 Sept 2012Blake Morgan
 
Amazon Tax Wars
Amazon Tax WarsAmazon Tax Wars
Amazon Tax WarsInternet Law Center
 
Washington's Privacy Tango
Washington's Privacy TangoWashington's Privacy Tango
Washington's Privacy TangoInternet Law Center
 
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
 
Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010mleyden
 
DCB1309 - F2_Dark_Net
DCB1309 - F2_Dark_NetDCB1309 - F2_Dark_Net
DCB1309 - F2_Dark_NetPaul Elliott
 
Blog Wars at New Media Expo
Blog Wars at New Media ExpoBlog Wars at New Media Expo
Blog Wars at New Media ExpoInternet Law Center
 
Internet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP InstituteInternet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP InstituteInternet Law Center
 
Net Neutrality in Education
Net Neutrality in EducationNet Neutrality in Education
Net Neutrality in EducationCraig Geffre
 
Web tracking and privacy law
Web tracking and privacy lawWeb tracking and privacy law
Web tracking and privacy lawJoe Mornin
 
Fourth amendment cloud darren chaker
Fourth amendment cloud darren chakerFourth amendment cloud darren chaker
Fourth amendment cloud darren chakerDarren Chaker
 
Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016Anthony Rapa
 
Apresentação de Jeanette Hofmann
Apresentação de Jeanette HofmannApresentação de Jeanette Hofmann
Apresentação de Jeanette HofmannFórum da Internet no Brasil
 
SM Chamber of Commerce TechTalk: 5 Rules of Reputation Management
SM Chamber of Commerce TechTalk: 5 Rules of Reputation ManagementSM Chamber of Commerce TechTalk: 5 Rules of Reputation Management
SM Chamber of Commerce TechTalk: 5 Rules of Reputation ManagementInternet Law Center
 
Security Regulatory Framework
Security Regulatory FrameworkSecurity Regulatory Framework
Security Regulatory Frameworkanthonywong
 
Legislation
LegislationLegislation
Legislationmegabyte
 
Be aware of the laws in South Africa that apply to email
Be aware of the laws in South Africa that apply to emailBe aware of the laws in South Africa that apply to email
Be aware of the laws in South Africa that apply to emailLance Michalson
 
Data & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyData & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyThoughtworks
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data PrivacyWilmerHale
 
Sovereignty: the state of data
Sovereignty: the state of dataSovereignty: the state of data
Sovereignty: the state of datadan hyde
 
Net nutrality
Net nutralityNet nutrality
Net nutralityandrewbourget
 
Does Cloud Computing Compromise Clients?
Does Cloud Computing Compromise Clients?Does Cloud Computing Compromise Clients?
Does Cloud Computing Compromise Clients?Nicole Black
 
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastDRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastMichael Owen
 
The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...Patton Boggs LLP
 

Mais conteúdo relacionado

Mais procurados

Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Financial Poise
 
Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010mleyden
 
DCB1309 - F2_Dark_Net
DCB1309 - F2_Dark_NetDCB1309 - F2_Dark_Net
DCB1309 - F2_Dark_NetPaul Elliott
 
Internet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP InstituteInternet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP InstituteInternet Law Center
 
Net Neutrality in Education
Net Neutrality in EducationNet Neutrality in Education
Net Neutrality in EducationCraig Geffre
 
Web tracking and privacy law
Web tracking and privacy lawWeb tracking and privacy law
Web tracking and privacy lawJoe Mornin
 
Fourth amendment cloud darren chaker
Fourth amendment cloud darren chakerFourth amendment cloud darren chaker
Fourth amendment cloud darren chakerDarren Chaker
 
Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016Anthony Rapa
 
SM Chamber of Commerce TechTalk: 5 Rules of Reputation Management
SM Chamber of Commerce TechTalk: 5 Rules of Reputation ManagementSM Chamber of Commerce TechTalk: 5 Rules of Reputation Management
SM Chamber of Commerce TechTalk: 5 Rules of Reputation ManagementInternet Law Center
 
Security Regulatory Framework
Security Regulatory FrameworkSecurity Regulatory Framework
Security Regulatory Frameworkanthonywong
 
Legislation
LegislationLegislation
Legislationmegabyte
 
Be aware of the laws in South Africa that apply to email
Be aware of the laws in South Africa that apply to emailBe aware of the laws in South Africa that apply to email
Be aware of the laws in South Africa that apply to emailLance Michalson
 
Data & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyData & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyThoughtworks
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data PrivacyWilmerHale
 
Sovereignty: the state of data
Sovereignty: the state of dataSovereignty: the state of data
Sovereignty: the state of datadan hyde
 
Does Cloud Computing Compromise Clients?
Does Cloud Computing Compromise Clients?Does Cloud Computing Compromise Clients?
Does Cloud Computing Compromise Clients?Nicole Black
 

Mais procurados (20)

Washington's Privacy Tango
Washington's Privacy TangoWashington's Privacy Tango
Washington's Privacy Tango
 
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
Cybersecurity & Data Privacy 2020 - Introduction to US Privacy and Data Secur...
 
Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010
 
DCB1309 - F2_Dark_Net
DCB1309 - F2_Dark_NetDCB1309 - F2_Dark_Net
DCB1309 - F2_Dark_Net
 
Blog Wars at New Media Expo
Blog Wars at New Media ExpoBlog Wars at New Media Expo
Blog Wars at New Media Expo
 
Internet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP InstituteInternet Law 2014 - Presentation at CalBar IP Institute
Internet Law 2014 - Presentation at CalBar IP Institute
 
Net Neutrality in Education
Net Neutrality in EducationNet Neutrality in Education
Net Neutrality in Education
 
Web tracking and privacy law
Web tracking and privacy lawWeb tracking and privacy law
Web tracking and privacy law
 
Fourth amendment cloud darren chaker
Fourth amendment cloud darren chakerFourth amendment cloud darren chaker
Fourth amendment cloud darren chaker
 
Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016Cyber Claims Brief Summer 2016
Cyber Claims Brief Summer 2016
 
Apresentação de Jeanette Hofmann
Apresentação de Jeanette HofmannApresentação de Jeanette Hofmann
Apresentação de Jeanette Hofmann
 
SM Chamber of Commerce TechTalk: 5 Rules of Reputation Management
SM Chamber of Commerce TechTalk: 5 Rules of Reputation ManagementSM Chamber of Commerce TechTalk: 5 Rules of Reputation Management
SM Chamber of Commerce TechTalk: 5 Rules of Reputation Management
 
Security Regulatory Framework
Security Regulatory FrameworkSecurity Regulatory Framework
Security Regulatory Framework
 
Legislation
LegislationLegislation
Legislation
 
Be aware of the laws in South Africa that apply to email
Be aware of the laws in South Africa that apply to emailBe aware of the laws in South Africa that apply to email
Be aware of the laws in South Africa that apply to email
 
Data & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny LeroyData & Privacy: Striking the Right Balance - Jonny Leroy
Data & Privacy: Striking the Right Balance - Jonny Leroy
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data Privacy
 
Sovereignty: the state of data
Sovereignty: the state of dataSovereignty: the state of data
Sovereignty: the state of data
 
Net nutrality
Net nutralityNet nutrality
Net nutrality
 
Does Cloud Computing Compromise Clients?
Does Cloud Computing Compromise Clients?Does Cloud Computing Compromise Clients?
Does Cloud Computing Compromise Clients?
 

Semelhante a Surveillance Coursework (COMPLETED-2

DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastDRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastMichael Owen
 
The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...Patton Boggs LLP
 
Revision Data Protection Act (Eduardo And Salvador)
Revision Data Protection Act (Eduardo And Salvador)Revision Data Protection Act (Eduardo And Salvador)
Revision Data Protection Act (Eduardo And Salvador)itgsabc
 
NYCLA Privacy CLE_october_1_2014_presentation
NYCLA Privacy CLE_october_1_2014_presentationNYCLA Privacy CLE_october_1_2014_presentation
NYCLA Privacy CLE_october_1_2014_presentationAltheimPrivacy
 
80223977 school surveillance
80223977 school surveillance80223977 school surveillance
80223977 school surveillanceskimkiper
 
RESEARCH - STUDIES IN CONSTITUTIONAL LAW
RESEARCH - STUDIES IN CONSTITUTIONAL LAWRESEARCH - STUDIES IN CONSTITUTIONAL LAW
RESEARCH - STUDIES IN CONSTITUTIONAL LAWChirine Haddad ?
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
Darren Chaker Computer Search Warrant
Darren Chaker Computer Search WarrantDarren Chaker Computer Search Warrant
Darren Chaker Computer Search WarrantDarren Chaker
 
NSA Persuasive Essay
NSA Persuasive EssayNSA Persuasive Essay
NSA Persuasive EssayJill Lyons
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1MohsinMughal28
 
Causes of the Growing Conflict Between Privacy and Security
Causes of the Growing Conflict Between Privacy and SecurityCauses of the Growing Conflict Between Privacy and Security
Causes of the Growing Conflict Between Privacy and SecurityDon Edwards
 
Privacy and Access to Information Law - Lecture 1
Privacy and Access to Information Law - Lecture 1Privacy and Access to Information Law - Lecture 1
Privacy and Access to Information Law - Lecture 1James Williams
 
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxhttpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxadampcarr67227
 
E. Bryan - E-Governance and Personal Privacy
E. Bryan - E-Governance and Personal PrivacyE. Bryan - E-Governance and Personal Privacy
E. Bryan - E-Governance and Personal PrivacyEmerson Bryan
 

Semelhante a Surveillance Coursework (COMPLETED-2 (17)

DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the pastDRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
DRAFT 2 - The Internet has effectively rendered privacy as a thing of the past
 
The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...The Transatlantic Trade and Investment Partnership: The Intersection of the I...
The Transatlantic Trade and Investment Partnership: The Intersection of the I...
 
Revision Data Protection Act (Eduardo And Salvador)
Revision Data Protection Act (Eduardo And Salvador)Revision Data Protection Act (Eduardo And Salvador)
Revision Data Protection Act (Eduardo And Salvador)
 
Newsletter DP issue 19
Newsletter DP issue 19Newsletter DP issue 19
Newsletter DP issue 19
 
NYCLA Privacy CLE_october_1_2014_presentation
NYCLA Privacy CLE_october_1_2014_presentationNYCLA Privacy CLE_october_1_2014_presentation
NYCLA Privacy CLE_october_1_2014_presentation
 
80223977 school surveillance
80223977 school surveillance80223977 school surveillance
80223977 school surveillance
 
RESEARCH - STUDIES IN CONSTITUTIONAL LAW
RESEARCH - STUDIES IN CONSTITUTIONAL LAWRESEARCH - STUDIES IN CONSTITUTIONAL LAW
RESEARCH - STUDIES IN CONSTITUTIONAL LAW
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
 
Darren Chaker Computer Search Warrant
Darren Chaker Computer Search WarrantDarren Chaker Computer Search Warrant
Darren Chaker Computer Search Warrant
 
NSA Persuasive Essay
NSA Persuasive EssayNSA Persuasive Essay
NSA Persuasive Essay
 
Argument for Snowden Clemency
Argument for Snowden ClemencyArgument for Snowden Clemency
Argument for Snowden Clemency
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1
 
Causes of the Growing Conflict Between Privacy and Security
Causes of the Growing Conflict Between Privacy and SecurityCauses of the Growing Conflict Between Privacy and Security
Causes of the Growing Conflict Between Privacy and Security
 
Privacy and Access to Information Law - Lecture 1
Privacy and Access to Information Law - Lecture 1Privacy and Access to Information Law - Lecture 1
Privacy and Access to Information Law - Lecture 1
 
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docxhttpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
httpsdigitalguardian.comblogsocial-engineering-attacks-common.docx
 
CIAR_8_1_3.pdf
CIAR_8_1_3.pdfCIAR_8_1_3.pdf
CIAR_8_1_3.pdf
 
E. Bryan - E-Governance and Personal Privacy
E. Bryan - E-Governance and Personal PrivacyE. Bryan - E-Governance and Personal Privacy
E. Bryan - E-Governance and Personal Privacy
 

Surveillance Coursework (COMPLETED-2

  • 1. Explain if, and to what extent, you agree that UK law provides a necessary, coherent and effective means of protecting personal data. Name: Matthew MacNabb Student Number: B00640045 Module: Surveillance and the Law CRN: 3167 Word Count: 2655
  • 2. Introduction “Data is the pollution problem of the information age, and protecting privacy is the environmental challenge.”1 This essay will examine how the privacy laws in the UK do not provide a necessary, coherent and effective means of protecting its citizens personal data, it will scrutinise the reasons why this is the case and determine how the laws should be modified to sufficiently protect personal data. The development of data collection and society, along with technological advances has the potential to lead to many noxious effects such as the ability to erode trust, societal cohesion and even democracy itself.2 In modern times, the explosion of data has meant protecting data is a much more formidable challenge compared to earlier times. It is clear to see that even though data protection laws in the UK are necessary to protect citizens, the laws are not coherent because (i) there are too many different pieces of legislation (ii)data protection laws only cover the most basic cases of data protection breaches. The effect of this is that citizens are vulnerable and the government and large corporations have the power to evade retribution for acts which compromise personal data. There was no law on privacy until the case of Entick v Carrington3 where it was clarified that a warrant is needed to be on a citizen’s property, the court found that to infringe a persons space (or property) was to interfere with their privacy. Indeed, this lack of clarification is a problem for the judicial system. The absence of a specific tort of privacy has meant that the courts have had to deal with the defects of the law in the sense of ‘putting old torts on the Procrustean bed and stretching them out of shape to meet new requirements’4. This could be used as an argument for a tort of privacy. However, the most recent judgement in relation to this problem has presented a potential stumbling block. Lord Justice Mummery asserted in the case of R v Wainwright5 that the proposition of a privacy act would bring more problems and claimed that the public was in fact entirely uninterested in the concept. This 1Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World (first published 2 March 2015) 2 Kevin D Haggerty & Richard V Ericson, The New Politics of Surveillance & Visibility (University of Toronto Press, 2006) pp363-384 3(1765) 19 How St. Tr. 1030 4Basil Markesinis,Colm O’Cinneide,Jörg Fedtke and Myriam Hunter-Henin, ‘Concerns and Ideas about the Developing English Law of Privacy’ Institute of Global Law <http://www.ucl.ac.uk/laws/global_law/publications/institute/docs/privacy_100804.pdf> accessed 31st October 5 [2001] EWCA Civ. 2081, at para. 42
  • 3. assertion contradicted previous judgements by Lord Cottenham LC who called for a tort of privacy in the case of Prince Albert v. Strange6 and Lord Denning who spoke in support of Lord Mancroft’s Privacy Bill7 in the House Of Lords. The Jurisprudential Foundations Of Privacy (i)The courts previously relied on breach of confidence in relation to privacy. Lord Nicholls defined this as “[the imposition] of a duty of confidence whenever a person receives information he knows or ought to know is fairly and reasonably to be regarded as confidential”8 There is no doubt that there has been significant development in relation to this area of law as seen in cases such as Creation Records v News Group Newspapers9 and Douglas v Hello! Ltd10 where it was decided in both judgments that to publish information that could be considered private was a breach of confidence. This was in contrast to the case of Malone v Metropolitan Police Commissioner11 where the judge decided that the interception of phone calls was not deemed a breach of confidence12. However, it is clear that there is still dissatisfaction in regards to breach of confidence in privacy law. This is reflected by A.Morgan who argues that ‘the development of the law of confidence since Douglas & Zeta-Jones is only the latest artificial and unsatisfactory attempt to stretch the fabric of an existing tort to fit privacy within its straitjacket.’13 (ii)The current laws governing the protection of personal data are incoherent (see appendix); a clear example of this is The Data Protection Act 1998 (DPA). The unsatisfactory nature of legislation relating to privacy and the disclosure of the EU Data Protection Directive of 1995, which required Member States to protect people's fundamental rights and freedoms, in particular their right to privacy with respect to the processing of personal data led to the enactment of the DPA. The DPA is designed to provide safeguards for both the consumer and the company. The question that needs to be asked however is whether the Data Protection Act succeeds in the purpose it was designed for? Firstly, it must be clarified that the Data Protection Act at the time of its enactment was one of the 6(1849) 1 Mac.&G.25, 47. Privacy was the interest that had really been affected in this case. 7HL Debates, Vol. 229, col. 638. 8Lord Nicholls in Campbell v MGN Ltd [2004] A.C.457 at 464-5 9[1997] EMLR 444 10[2005] EWCA Civ 595 11[1979] Ch 344. 12 Megarry VC in the case of Malone v Metropolitan Police Commissioner “ No doubt a person who uses a telephone to give confidential information to anothermay do so in such a way as to impose an obligation of confidence on that other: but I do not see how it could be said that any such obligation is imposed on those who overhear the conversation, whether by means of tapping or otherwise.” 13 A.Morgan “Privacy, Confidence & Horizontal Effect: Hello Trouble” (2003) 62 (2) Cambridge Law Journal 444
  • 4. most significant advances in laws relating to privacy in the United Kingdom. Nevertheless, the Data Protection Act is a deeply flawed piece of statute. This is part down to the fact that it was enacted in a different era where data was not so important and detailed as it is now. More significantly, however is the concept that the government does not want to protect personal data to the extent the public want. Hence, it could be argued that the Data protection Act is a smokescreen, enacted so that the United Kingdom would comply with the EU directive in the most minimal manner possible. Simon Davies agrees with this notion, suggesting that the Act, ‘was written with the express intention of ensuring that data protection administration was weak, because this government saw data protection as a potential roadblock to profitable commerce.’14 Indeed this quote has never been more relevant in the United Kingdom with the recent news of the enactment of the Investigatory Powers Bill which will allow the police, intelligence services and the National Crime Agency ‘to be given powers to view everyone’s entire internet history.’15 Is it a plausible suggestion that the government are truly interested in protecting our personal data? David Anderson, the Independent Reviewer of Terrorism Legislation commented on the extent of the data protection problem in the United Kingdom, ‘noting that he knew of no other Western countries which forced service providers to retain “weblogs” and that new Australian legislation had been drafted in such a way as to prevent that happening’.16 So, what are the weaknesses of the Data Protection Act? Essentially, all the principles in schedule 117; more specifically the restrictive nature of the listed principles. It is clear that the principles act to cover the most basic protection of personal data. However, they only cover the surface of the protection of personal data; hence linking in the previously stated notion that the government has used the Act as a way of avoiding criticism from the general public. John Harris’ article on privacy sheds light on the depth of the problems with the Data Protection Act; or more specifically the incompetencies of the act. In this article it was stated that Credit reporting agency’s have access to 14 John Harris, ‘The John Harris Files’ (The Guardian,Saturday 5 April 2008)<http://www.theguardian.com/uk/2008/apr/05/privacy> accessed 10th October 2015 15’Police to be given powers to view everyone's entire internet history’(The Belfast Telegraph,Friday 30 October 2015)<http://www.belfasttelegraph.co.uk/technology/police-to-be-given-powers-to-view-everyones-entire-internet- history-34155192.html> accessed 30th October 2015 16’Police to be given powers to view everyone's entire internet history’(The Belfast Telegraph,Friday 30 October 2015)<http://www.belfasttelegraph.co.uk/technology/police-to-be-given-powers-to-view-everyones-entire-internet- history-34155192.html> accessed 30th October 2015 17 Data Protection Act 1998 Schedule 1
  • 5. ‘very detailed personal information.’ In addition, they can “do more or less what they choose, and exempt themselves from any liability. That is unheard of anywhere else in the world.”18 Another, and possibly the most significant weakness of the DPA is the undeniable concept that it is outdated. Modern technology has developed far beyond the capabilities of the act. As the laws regarding privacy and specifically the data protection act remain idle, technology continues to develop and this is troublesome for the protection of personal data. This is evident in Moore’s Law, which is an observation made by Gordon Moore that data density had doubled every 18 months. The DPA does not have the capabilities to deal with the modern technology that was developed to handle the influx of personal data. Daniel B Garrie commented on this by suggesting that the, ‘laws seem to always lag behind human creativity’19. The problems that this can cause are disastrous. The problems with DPA 1998 are continuous and will remain that way unless action is taken; so, what modifications need to be made to the Act to ensure that personal data is protected? It is clear that significant modifications need to be made to the existing principles in schedule 120. C Raab sets out precisely what the DPA should look like; ‘…Data should be collected fairly and lawfully, kept for specified and legitimate purposes and not used incompatibly with them. They should be adequate, relevant and not excessive in relation to their purposes: accurate and not outdated: held only as long as necessary, and held securely. Especially sensitive information should be specially safeguarded. Data subjects should be able to have access to their data and get them corrected if necessary, and to obtain remedies.’21 (iii)It is clear that laws relating to privacy in the United Kingdom are not satisfactory, however they have developed significantly due to the introduction of the Human Rights Act 1998. ‘Few can doubt that the United Kingdom Human Rights, in incorporating the ECHR and in particular the guarantee of the right to privacy in Article 8 of the convention…is having a considerable effect on the developing protection of human privacy in English common law.’22 18John Harris, ‘The John Harris Files’ (The Guardian,Saturday 5 April 2008)<http://www.theguardian.com/uk/2008/apr/05/privacy> accessed 10th October 2015 19Garrie, D. & Wong,R., ‘Social Networking Opening the Floodgates to Personal Data.’ [2010] Computer and Telecommunication Law Review. 20Data Protection Act 1998 Schedule 1 21 Raab, C.,’Co-Producing Data Protection’ (1997) International Review of Law, Computers and Technology 11-24 22Basil Markesinis,Colm O’Cinneide,Jörg Fedtke and Myriam Hunter-Henin, ‘Concerns and Ideas about the Developing English Law of Privacy’ Institute of Global Law <http://www.ucl.ac.uk/laws/global_law/publications/institute/docs/privacy_100804.pdf> accessed 31st October
  • 6. Article 8 of the ECHR is the right to respect for privacy and family life. The importance of Article 8 is seen in the case S and Marper v United Kingdom23 where it was held that holding DNA samples of a person acquitted of a crime is a violation of the right to privacy under Article 8. This case reveals potentially the most important features of the article, its open-ended nature in relation to matters that concern privacy.24 As a result of this policy, this means that member states including the United Kingdom are bound by this rationale. It is clear that the impact of Article 8 was revolutionary in European Law. Unfortunately, the United Kingdom have not executed themselves in line with the article to the same extent other member states have. For example, in Germany. In line with Article 8, Germany has put in the effort to ensure that they have conducted themselves in the most lawful manner. This is seen clearly in their laws relating to Facebook. People in Germany are not obliged to use their real name on Facebook; they can use a fake name. German courts ruled that people have a right to use a pseudonym name in line with EU law.25 (iv)The Freedom Of Information Act26 (FOI) was issued with the objective that it creates public “right of access” to information held by public authorities.27 The Act was intended ‘to amend the Data Protection Act 1998 and the Public Records Act 1958’28. Previously, the United Kingdom had no legislation that obligated the public sector to make information available to the general public.29 Initially the FOI Act was promising as it was based on the1997 white paper, ‘Your right to Know’ which was met with widespread enthusiasm.30 However, it is clear that the FOI Act is not the promising act that was expected. It is evident that the scope of the provisions in the Act have been significantly limited. This opinion is reverberated by Hazel Robert in which she warned before the 23 S and Marper v United Kingdom [2008] ECHR 1581 24 Bernadette Rainey, Elizabeth Wicks, Clare Ovey, Jacobs, White & Ovey: the European Convention on Human Rights (12 August 2014) 334 25 Facebook in Germany privacy battle over users'fake names (BBC News, 29 July 2015) <www.BBC.co.uk/news/technology-33702674> accessed 4th November 26 Freedom Of Information Act 2000 27 Freedom Of Information Act 2000 s.1 28 ‘Lucy A.Dalglish,State Open Government Law and Practice in a post 9/11 (World Lawyers and Judges Publishing Company Inc Oct 2007) 29Freedom Of Information Act 2000 (The Guardian, Monday 18 May 2009) <http://www.theguardian.com/commentisfree/libertycentral/2009/may/18/freedomofinformation-information- commissioner> accessed 3rd November 30Freedom Of Information Act 2000 (The Guardian, Monday 18 May 2009) <http://www.theguardian.com/commentisfree/libertycentral/2009/may/18/freedomofinformation-information- commissioner> accessed 3rd November
  • 7. release that the ‘FOI risks becoming a hollow shell’.31 Consequentially, Hazel Robert’s warning has become a reality. Lord MacKay divulged into the weaknesses of the FOI Act by stating that provisions that allow ministers to veto applications create a “get out clause” essentially rendering the bill “toothless”.32 The FOI Act has many more exemptions than any other bill relating to Freedom of Information in similar democratic societies. The question again must be raised, are the government truly committed to protecting our data? The United Kingdom Data Protection Reformation (i)The power the government and large corporations have with the control of our personal data is alarming. This could be potentially devastating, ‘Control over personal information is control over an aspect of the identity one projects to the world’33. The laws relating to privacy in the United Kingdom do not protect data. Essentially leaving every citizen extremely vulnerable. Therefore, it is clear that a major reform is needed to ensure privacy laws in the United Kingdom adequately protect data. So what can be done to improve data protection in the United Kingdom? Firstly It is evident that the law should be more proactive in protecting our data. They should not wait for some major controversy before adapting our privacy laws. Instead they should look at potential problems and actively seek to amend that area of law. (ii)Furthermore, Privacy laws in the United Kingdom need to be more extensive in covering matters which relate to data protection. The courts need to be rigorous with matters concerning data breaches. French law should be extensively employed to aid the government in covering data protection matters. The Cour de cassation have established that every citizen is entitled to privacy.34 The case of Le Grand Secret is a classic example of where French courts have ensured that a 31Hazel, Robert, ‘Commentary on The Freedom of Information White Paper’ <http://www.ucl.ac.uk/spp/publications/unit-publications/19.pdf.> accessed 4th November 32Freedom Of Information Act 2000 (The Guardian, Monday 18 May 2009) <http://www.theguardian.com/commentisfree/libertycentral/2009/may/18/freedomofinformation-information- commissioner> accessed 3rd November 33 Agie P.E., Rotenberg M.(eds), ‘Technolgy & Privacy, The New Landscape’ MIT Press, [1998] 34 Civ. 1ère 23 October 1990, Bull. civ., n°222
  • 8. person, no matter what their public position are entitled to privacy.35 However, recent developments have proven that there is more leniency in the release of personal information if it concerns a public person.36 Therefore, the protection of information belonging to an ordinary citizen in France is of the upmost importance and if this is not adhered to the French Courts have the ability to act to uphold ones privacy. (iii)There should be a publicity campaign to bring awareness to the issue of data protection in the UK. The citizens should know what their rights entail. This would allow them to form their own opinion on data protection laws; meaning that as a democracy, society can dictate what should be done to improve the protection of personal data in the UK. (iv)The United Kingdom needs a Privacy Act which focuses entirely on matters which protects and upholds an individuals privacy. The benefit of having one Act that entirely focuses on privacy is that ordinary citizens will know their rights. This would bring publicity to the issue of data protection and allow for consistent development to the law of privacy. (v)The Information Commissioner (IC) who governs data protection should be given more powers. Currently the IC oversees the protection of data with the DPA and the FOI. They have the ability to fine corporations diminutive amounts of money. It is clear that the IC should be allowed to impose significant fines and embargoes on corporations that have violated data protection laws. This would act as a deterrent and ultimately decrease violations of data protection. (vi)Finally, there should be an independent specialist council to oversee issues and potential problems relating to data protection such as the Article 29 Working Party. This would mean that there would be a group of highly qualified legal persons who could focus entirely on the area of data protection. They would review the laws governing data protection and give expert advice to states regarding their data protection laws. Essentially, this would allow that specific problems relating to data protection are dealt with in an attentive manner. Furthermore, the specialist council would be able to prevent potential data breaches. Conclusion 35The case of Le Grand Secret concerns the former President of the Republic François Mitterrand and the injunction placed on the publication of a book of which details of his illness took place. See E. Agostini, “Le grand secret “,D.1996, p. 58; G. Memeteau, “L’honneur d’un Président “, G.P.1996.II., p. 754 36Cf. Civ. 1ère 23 April 2003, D.2003, n°28, p. 1854, note C. Bigot.
  • 9. It is evident throughout this essay that the laws in the UK which protect personal data are incoherent and flawed. There are ultimately two main factors which have determined this conclusion. Firstly, there are too many pieces of legislation governing data protection. Secondly, current legislation only covers the most basic of personal data breaches. This is clearly the case with the examples which have been given. The laws relating to privacy in the United Kingdom do not compare to more rigorous legislation of model member states such as France or Germany. As previously stated, the United Kingdom have exacted themselves in the most minimal manner possible regarding Article 8 of the Human Rights Act. The reason for this can not be pinpointed, however there is strong indication that the government do not want data of citizens to be out of their reach. Data must be protected using sufficient safeguards in the form of legislation. Presently, the United Kingdom are in a crisis of privacy; if data protection laws do not change then the United Kingdom could face a disaster.
  • 10. Table Of Legislation: • Criminal Justice Act 1988, s.39 • Criminal Justice and Public Order Act 1994 • Data Protection Act 1998 • Freedom Of Information Act 2000 • Human Right Act 1998, Article 8 • The Justices of the Peace Act 1361 Table Of Books: • Agostini E, “Le grand secret “,D.1996, p. 58 • Dalglish L,State Open Government Law and Practice in a post 9/11 (World Lawyers and Judges Publishing Company Inc Oct 2007) • Haggerty K & Ericson R, The New Politics of Surveillance & Visibility (University of Toronto Press, 2006) pp363-384 • Lyon D,The Electronic Eye: The Rise of Surveillance Society (University of Minnesota Press, 1994) 22 • Memeteau G, “L’honneur d’un Président “, G.P.1996.II., p. 754 • Reniner (1997) pp.1004-1005 • Rainey B,Wicks E, Ovey C, Jacobs, White & Ovey: the European Convention on Human Rights (12 August 2014) 334 • Schneier B, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World (first published 2 March 2015) Table Of Journal Articles: • A.Morgan “Privacy, Confidence & Horizontal Effect: Hello Trouble” (2003) 62 (2) Cambridge Law Journal 444
  • 11. • Garrie, D. & Wong, R., ‘Social Networking Opening the Floodgates to Personal Data.’ [2010] Computer and Telecommunication Law Review. • Raab, C.,’Co-Producing Data Protection’ (1997) International Review of Law, Computers and Technology 11-24 • Agie P.E., Rotenberg M.(eds), ‘Technolgy & Privacy, The New Landscape’ MIT Press, [1998] Table Of Online Journal Articles: • Hazel, Robert, ‘Commentary on The Freedom of Information White Paper’ <http://www.ucl.ac.uk/spp/publications/unit-publications/19.pdf.> accessed 4th November • Markesinis B,O’Cinneide C,Fedtke B and Hunter-Henin M, ‘Concerns and Ideas about the Developing English Law of Privacy’ Institute of Global Law <http://www.ucl.ac.uk/laws/global_law/publications/institute/docs/privacy_100804.pdf> accessed 31st October • Walsh R, ‘Human Nature-why surveillance is a way of life’ (2 June 2015)<www.bestvpn.com/blog/1259/human-nature-surveillance-way-life/> accessed 23rd October Table Of Reports: • HL Debates, Vol. 229, col. 638. Table Of Online Newspaper Articles: • John Harris, ‘The John Harris Files’ (The Guardian,Saturday 5 April 2008)<http://www.theguardian.com/uk/2008/apr/05/privacy> accessed 10th October 2015 • ’Police to be given powers to view everyone's entire internet history’(The Belfast Telegraph,Friday 30 October 2015)<http://www.belfasttelegraph.co.uk/technology/police-to-be- given-powers-to-view-everyones-entire-internet-history-34155192.html> accessed 30th October 2015 • Facebook in Germany privacy battle over users' fake names (BBC News, 29 July 2015) <www.BBC.co.uk/news/technology-33702674> accessed 4th November • Freedom Of Information Act 2000 (The Guardian, Monday 18 May 2009) <http://www.theguardian.com/commentisfree/libertycentral/2009/may/18/freedomofinformation- information-commissioner> accessed 3rd November
  • 12. Appendix Laws Currently governing Data Protection In the UK: • Data Protection Act 1998 • Article 8 Of the European Convention of Human Rights • The Regulatory Investigatory Powers Act • Protection from Harassment Act 1997 • Data Retention and Investigatory Powers Act 2014 • Freedom of Information Act 2000 • The EU Data Protection Directive 1995