Hardback RRP stlg.22.50, ISBN 1 85521 381 8
Copyright © 1995 Simon Davies. First published in Web Journal of Current Legal Issues in association with Blackstone Press Ltd.
Much of present day interest in privacy stems from the growth of information technology and widespread concern over the potential for computers to intrude into the lives of individuals. Indeed, in 1971 - only a generation ago - the emergence of a Big Brother State was the single greatest public fear in Britain. For fifteen years, the breathtaking growth of computer technology had fuelled public anxiety. Huge repositories of personal information were being constructed, and many people genuinely feared these would merge into a central databank. Backbenchers in Parliament responded by introducing a variety of troublesome privacy bills, all of which were designed to clip the wings of computer technology. The government, in this case representing the interests of computer users, was keen to derail these hindrances. So, in 1971, as part of a deal to silence the backbenchers, it established the Younger Committee to investigate the subject of privacy.
One of the first tasks of the Committee was to conduct an opinion poll. The result was a surprise to everyone. Of all the concerns - nuclear war economic depression or communist infiltration - none attracted greater fear and hostility than the threat that the government might construct a central computer databank. A generation ago, George Orwell's vision was a nightmare still waiting to happen.
This extraordinary level of public concern was not lost to the mandarins of UNESCO. In 1970 it asked the International Commission of Jurists (ICJ) to prepare a report on privacy and personal data. At the time few countries had addressed the subject of computerised data, though it was the subject of many books and reports. It was to be another three years before the first national data protection law was enacted in Sweden.
The ICJ handed in its report in 1972, and its findings reflected a mood that in time fostered the enactment of specific laws in several countries. By the mid 1980s, a dozen nations had enacted Data Protection Acts based on a number of privacy principles formed at an international level over the preceding fifteen years. At that point, in 1985, UNESCO requested the ICJ to revise the original study. The new study was undertaken by Paul Sieghart, who looked after it until his untimely death in 1988. James Michael, of the Faculty of Laws of University College London continued the research after that point.
Privacy and Human Rights is the result of these efforts. It is a timely publication, especially as the European Parliament is likely in the next year to pass a common directive on Data Protection, obliging all member States to formulate wide ranging domestic law in the field. Currently, Italy and Greece do not have any data protection law. Others countries, particularly the UK, have laws which are fundamentally weak in several respects. These shortcomings will have to be addressed within three years.
James Michael has provided a succinct overview of the issues that have led to the formation of privacy law. He details the structures that have been adopted for the protection of privacy (Nordic, Common and Civil law as well as international instruments), and he discusses the relationship between technology, information, and the individual that have been the cause of much concern throughout the world. He then outlines the legislative situation in two dozen countries, explaining the background to the particular approach taken in each country.
Michael also discusses some of the peculiarities of information in a modern age. He devotes considerable space to an eloquent and thoughtful overview of the conundrum of transborder data flows, where information is transmitted across national or regional borders, often passing to, or through, areas of greater or lesser protection than existed at source. The question which faces the source country is whether its data should be allowed to flow to areas where lesser protection exists. The data protection laws of several European countries have for years contained external affairs powers to block the passage of data in such circumstances. Rarely have they been used. Nevertheless, at the European and the global level, commitments have been pursued to ensure the free flow of data, and these are outlined in the book.
The text could best be described as a useful contribution to the scant body of literature in this field, though it contains little that is novel or original. Not since Wayne Madsens Data Protection Handbook (McMillan 1992) has there been a compendium of international protections. Unfortunately, James Michael's work is now very dated, and certainly does not add anything to Madsens book. It appears to be current at 1991, a fact which is mentioned only in passing in the Preface. Since that time, much has changed. The Czech Republic, Hungary, Hong Kong, Taiwan, Belgium, Switzerland and Spain, among other countries, have enacted data protection laws, many of which are anticipated by but not detailed in this book. Likewise, the text does not mention the dozen or so current Bills before parliaments, including those of Bulgaria, Croatia, Estonia, Poland and Lithuania. There are also several new constitutions, such as that of South Africa, which now refer to privacy.
This shortcoming is a constant irritation. Much has changed even within those countries with established laws. Quebec, for example, now has private sector privacy legislation, a development of profound importance to the future of North American protection of data.
Another disappointment is that James Michael follows the unfortunate example of previous privacy texts by failing to demonstrate precisely why information privacy (as opposed to the more traditional notion of privacy) is a human right. Michael makes a brief effort to draw together some evidence and thinking on the matter, but he - like so many others - fails to make the case for anyone but the converted. The balance of privacy and other rights is hardly dealt with. A pity, because privacy is being rapidly eroded for want of an eloquent defence. Many countries are not convinced that privacy is a human right. Even those which have passed data protection laws are often loath publicly to acknowledge privacy as a human right, preferring instead to interpret it as a set of strict legal conditions relating to the quality and nature of data. The mere act of bringing the words Privacy and Human rights together in the title of a book is not going to convince an international community which, far from feeling more passionate about privacy, is moving to isolate its effect from the mainstream of law enforcement, revenue and commerce. The fate of the European Data Protection Directive bears eloquent testimony to this trend. All European nations worked in their own manner to dilute the text, and have thus succeeded in gutting many of its original provisions.
It is not surprising that this stance has been adopted. Contrary to the optimism of privacy advocates, the reality is that the public no longer regards privacy as a central concern. Ever since the fading of the Big Brother nightmare of a generation ago, privacy has become a concern recognised more in opinion polls than in the reality of peoples' day to day lives. The greatest threat to privacy is that it is being rapidly eroded by the twin abrasives of voluntary surrender and legal exemption. Legislators, by and large, have little interest in countering these forces.
None of this is discussed in Michael's book. The text is a straightforward account of the measures taken to establish privacy protection, and not an assessment of the success or otherwise of those measures. As far as it goes, James Michael does provide a superb summary of the most important legal and historical elements. However, given the pressing need for a broad and dynamic look at privacy, it is a pity that an author with such outstanding ability was constrained by such a narrow mandate.