Friday, 3 September 2010

The Privacy Debate

The Brunei mobile phone community will soon be able to access Blackberry services. The rumour mill suggests that September will be the likely launch date. Mainly targeted for business users, Blackberry has changed the way face of business by giving its users global availability. But what of the recent attempts by the Saudi and Indian governments to ban Blackberry's services? Are these merely overreactions which used to typify official responses in the early days to the threats posed by the Internet?

The complaint is based on the issue that RIM's Blackberry network is too secure that it prevents governments from monitoring data flowing on though its system. Governments justify the need to monitor in the name of national security. Opponents of this view call it spying and intrusion.

And there is where the crux of the issue lies - opposing concepts of privacy.

As with any legislative scheme, laws are passed according to the political, social and cultural developments within a given jurisdiction. Specific rules in any particular country have a governance function, reflecting the country’s choices regarding the roles of the state, market, and individual within the country’s political and social structure[1]. Laws relating to privacy are no different. The concept of privacy has not gained global consensus and this is true even among western nations which are seen as having better developed privacy norms based on a tradition and ideology of human rights. This is evident in the different approaches to privacy protection within the context of data protection laws of Europe and the United States.

For most countries in Asia, privacy concerns have arisen more out a response to the ‘rapid globalization of electronic communications network’[2] and is therefore more a response to specific societal or economic problems rather than a human rights based issue.

For example, in China, the word ‘privacy’ “隐私” is apparently a recent introduction into the Chinese lexicon – the closest word to ‘privacy’ previously was “隐情” which only conveyed the literal meaning of ‘hidden facts’ which was generally meant to infer criminal conduct, immoral behaviour or damage to public interests. The previously understood connotations in turn allowed the State the right to monitor ‘private’ information in the name of protecting public interest.

The patriarchal structure of Asian societies also gave rise to citizens who are accustomed to ‘routinely submitting personal information to authorities’ where politically, the modus operandi of the governments in the region is that of control’.[3] Privacy is hence given little or virtually no recognition, both explicitly and implicitly within the constitutions of ASEAN countries, although there have been development in the privacy arena. Comprehensive data protection laws grounded on privacy protection have been implemented within the Asia-Pacific countries of Australia, New Zealand and Hong Kong.

Nevertheless, the prevailing consensus is that data protection laws within the ASEAN region ‘remain considerably underdeveloped and in some countries, ‘still does not exist in any form’.[4]

The tussle between governments and RIM brings to the fore, the argument of whose version of privacy should prevail. RIM being a Canadian based company, will inevitably be bound by Canada's comprehensive privacy and data protection laws. RIM's co-CEO Michael Lazaridis' statement that the arguments made by these governments are based on primarily on their inability to deal with the Internet is oversimplifying the issue at hand. The arguments raised by both sides represent for me, a classic clash of civilizations.

Behind the socio-political arguments will always be the economic perspective. Technology like RIM's Blackberry services represent the modern face of doing business. Any attempts at blocking or preventing the advance of such technology carries the flip side of portraying a business-unfriendly environment or worse, the absence of a drive for economic progress.

Faced with the effects of globalized electronic communications networks, technological advances and the borderless nature of data flow which the Internet engenders, governments have had to balance their traditional  need for control against the inherent economic value in the transnational exchange of information and its uses. Countries who have recognised this fact have experienced enviable economic growth and these countries have also tended to deal with the thorny issue of privacy by taking a pragmatic side path by opting for socio-economic progress while not addressing the difficult question of where to place rights to privacy as against other rights.

I believe that the issue of privacy has come back to haunt and taunt those who have not paid sufficient attention to its development - or have merely paid lip service. In failing to do so, there could a point to Lazaridis' statement: "If they can't deal with the Internet, they should shut it off."

Would any one care or dare to take that challenge?


[1] Reidenberg J.R, Resolving Conflicting International Data Privacy Rules in Cyberspace, 52 Stan. L.R 1315 (May 2000) at p.1319

[2] Chik W., A Comparative Case Study of Hong Kong and Singapore - Two Differing Asian Approaches. IJL & IT 2006 14 (47)

[3] [4] Kennedy, Data Protection in the Asia-Pacific Region, Computer Law & Security Review, 25 (2009) 59-68


Anonymous said...

You have highlighted a very pertinent issue that will continue to baffle the constitutional, criminal and human rights lawyers alike not just in Brunei but everywhere else. When this UAE announcement came out, the issue of privacy as an individual right is of course a legitimate concern for everyone but at the same time there is a also national security concern. Unfortunately it is a sad fact that the middle east has been the hotbed of perpetrators of terrorist acts and understandably when this announcement was made the US Government did not come out condemning the announcement outright. The US Secretary of State Hillary Clinton was quoted in saying “we know that there is a legitimate security concern, but there’s also a legitimate right of free use and access. So I think we will be pursuing both technical and expert discussions as we go”

The perpetrators of the London and the Bali bombings were able to be identified and apprehended through the ability of the law enforcement and the intelligence agencies to use lawful interception technologies. I believe that many more crimes and terrorist acts or even attempted criminal acts that had been either solved or prevented from being committed through the use of such wiretapping technologies.

All countries one way or another have some form of laws that allows the practice of wire tapping or lawful interception. The telecommunication licenses issued to the telecommunication service providers will state a requirement for security agencies or law enforcement agencies the ability to access or “wiretap” communications. For instance in the U.S., telecommunications carriers are required by law to cooperate in the interception of communications for law enforcement purposes under the terms of Communications Assistance for Law Enforcement Act. The number of wiretaps authorized by state and federal judges in criminal investigations jumped 26 percent from 2008 to 2009. The Courts there authorized 2,376 criminal wiretap orders in 2009, with 96 percent targeting mobile phones in drug cases. Federal officials requested 663 of the wiretaps, while 24 states accounted for 1,713 orders. Not one request for a wiretap was turned down!

In Brunei, we do not have any specific law on wire tapping but at the same time there is no law that prohibits its use as a way to apprehend perpetrators of criminal acts or use any evidence acquired through wiretapping as evidence for the subsequent prosecution of the perpetrators. The general common law on the admissibility of evidence has always been that any evidence is admissible “if its probative value outweighs it prejudicial effect”. In fact certain laws like the Computer Misuse Act or the Prevention of Corruption Act do have specific provisions in the Acts for the law enforcement officers to request for any type of assistance from anyone (which according to my interpretation is wide enough to include request to wiretap lines from Telecommunication service providers) in carrying out their investigative powers.

What I think we should have is a clear position where all the legitimate concerns of the various stakeholders including the individual’s are raised and taken care of. I for one do not wish to see that lawful interception be used arbitrarily as it can open itself to abuse. Most countries adopt judicial approval before wiretapping can be done. Some countries adopt executive approval. To me as long as there is enough accountability and “check and balance” in the process and to my question “who watches the watchdog?” has been satisfactorily answered, wiretapping or lawful interception by law enforcement agencies or security services is unfortunately a necessary evil that we must learn to accept.

Stercusaccidit168 :-)

Anonymous said...

Well said. However, I am afraid that unless any stand is taken on which side of the privacy picket line Brunei will take, this will be a tricky issue to resolve. And we're not alone - Singapore's data protection laws has been delayed yet again, and my suspicion is that its due to the privacy tightrope that underpins any data protection legislation.