Roger Clarke's Web-Site
© Xamax Consultancy Pty Ltd, 1995-2016
|Identity Matters||Other Topics||Waltzing Matilda||What's New|
Comments for a Panel-Session at the ACMA Information Communications Entertainment Conference, Canberra, 23-24 November 2006
Roger Clarke **
Notes of 21 November 2006
© Xamax Consultancy Pty Ltd, 2006
Available under an AEShareNet licence or a Creative Commons licence.
This document is at http://www.rogerclarke.com/DV/DigPriv-0611.html
The slide-set is at http://www.rogerclarke.com/DV/DigPriv-0611.ppt
This event is run by government, but for and about eBusiness. In a panel session on Digital Privacy, I was asked to provide some background on why privacy (still) matters.
Privacy is the interest that individuals have in sustaining a 'personal space', free from interference by other people and organisations.
It involves multiple dimensions, including privacy of the physical person, privacy of personal behaviour, privacy of personal communications, and privacy of personal data.
For less brief treatment, see 'What's Privacy?', prepared for the current ALRC Inquiry into Privacy.
Reflecting its importance, privacy is declared as a fundamental human right. See the Universal Declaration of Human Rights (UDHR), the International Covenant on Civil and Political Rights (ICCPR), the European Convention on Human Rights, the Charter of Fundamental Rights of the European Union, and various national Constitutions and Bills of Rights. See the APF's resource-site.
People frequently assume that privacy is just a psychological need, that is felt primarily by the weak. And that privacy rights are easily traded off against other interests. But privacy is vital at many levels of human existence.
At the physical level, people's safety depends upon not being found at the wrong time by the wrong people.
At the psychological level, people without private space are reduced to automatons.
At the social and sociological level, people's behaviour is chilled by the continual threat of being observed.
At the economic level, people need privacy in order to feel free enough to experiment and innovate. Innovators are, by definition, 'deviant'.
At the political level, people need to be free to think, and argue, and act. Surveillance chills political speech, and undermines democracy.
At the philosophical level, humanism regards people as very important for their own sake. The concepts of human dignity, integrity, individual autonomy and self-determination play significant roles in many countries.
Privacy is an interest that has to be balanced against many other, often competing, interests. Privacy Protection is a process of finding appropriate balances between privacy and multiple competing interests.
The formulation of detailed, operational rules about privacy protection is a difficult exercise. Effective solutions depend on legal frameworks, constructive dialogues, codes and ongoing consultative processes, but also on laws, sanctions and enforcement regimes.
People's behaviour varies considerably depending on the context that they're in. Given how much excitement the first decade of the open, public Internet has brought with it, it's no surprise that cyberspace behaviour has made interesting watching.
But people have brought to cyberspace an ethos remarkably like what they display in local communities. Its key features are:
People are upset when other people breach that ethos, and they get upset about businesses that do it too.
Each new wave of malware has brought with it a surge in uncertainties, and a lurch in eBusiness growth. Spam undermined confidence in email. Viruses and worms undermined confidence in eCommerce. Phishing undermined confidence in Internet banking. Eventually, Microsoft could ignore the clamour no longer, and was forced to do something about the appalling security vulnerabilities in its software that were making it easy for even the most fat-thumbed crackers to break in.
Public concerns have already forced action in relation to spam, and now it's the turn of tele-marketing. Watch for more action in such areas as IETF-standards breaching cookies, web-bugs, adware and spyware.
But the lack of meaningful legal protections, and the substantial absence of regulatory action, are becoming real problems. The public is mightily unimpressed at the failure of ACMA and the TIO to exercise control over unreasonable actions by ISPs. The old ACA failed the test on ISP abuse of silent numbers, and controls over reverse white-pages. Now the regulation of IPND is lacking critical protections, and ENUM and RFID, not to mention biometrics, are threatening to run out of control.
Another sore point with the public is employer monitoring of staff email and web-usage. Perhaps the single most inadequate action by the (previous) Privacy Commissioner was to say that employers can do anything they like as long as they declare it in advance. His guidelines of 2000 remain in place, and they are very probably wrong at law, because courts always find balance-points. The law doesn't provide employers with unfettered powers in relation to visual and audio-monitoring or telephone interception; and they won't in relation to email and the Web either. But even it was correct in law, it's extremely bad advice for companies to pay heed to. Instead, use Electronic Frontiers Australia (EFA)'s carefully balanced Model Acceptable Use Policy for Employee Use of the Internet.
Claims have been made that 'Privacy is dead - Get over it'. And similar messages are peddled in less extremist flavours, suggesting that, in the digital world, people are less interested in privacy than they used to be.
Those arguments miss some vital points:
In the short term, the excitement generated by MySpace, Flickr, blogging and YouTube is over-riding privacy concerns. But, despite the wishful thinking of some people in both business and government, in the medium term, the excitement will subside and the privacy concerns will surge to the fore.
Because privacy is a fundamental human need, and recognised as a fundamental human right, it won't conveniently fade away. It will come back and bite privacy-invasive businesses.
APF 'Privacy Laws - Commonwealth of Australia' Australian Privacy Foundation, 2006
APF 'Privacy Laws - States and Territories of Australia' Australian Privacy Foundation, 2006
Clarke R. (2003) 'Publications Relevant to ePrivacy', Xamax Consultancy Pty Ltd, 2003, plus subsequent papers, 2004-06
EFA 'Privacy and Surveillance', Electronic Frontiers Australia Inc., 2006
EPIC 'EPIC Online Guide to Practical Privacy Tools' Electronic Privacy Information Center, Washington DC, 2006
Roger Clarke is a consultant who focuses on the strategic and policy aspects of eBusiness, information infrastructure, and dataveillance and privacy. He has been active in privacy matters since 1972, as advocate, researcher and consultant, and is probably the longest-serving privacy consultant in the country. He has published many papers on the topic, all since 1995 on his web-site, which has accumulated over 20 million hits. They include many papers on ePrivacy dating back to 1996, and the primary history of the Internet in Australia.
He is Principal of Xamax Consultancy Pty Ltd, based in Canberra. He has been a Board member of the Australian Privacy Foundation (APF) since its inception in 1987, and of Privacy International since its formation. He was a Board member of Electronic Frontiers Australia (EFA) from 2001 to 2005.
He is also a Visiting Professor in the Cyberspace Law & Policy Centre at the University of N.S.W., a Visiting Professor in the E-Commerce Programme at the University of Hong Kong, and a Visiting Professor in the Department of Computer Science at the Australian National University.
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.
From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 50 million in early 2015.
Sponsored by Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916
Created: 16 November 2006 - Last Amended: 21 November 2006 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at www.rogerclarke.com/DV/DigPriv-0611.html