From the response to Parliamentary questions (in Dutch) it emerged this week that there is no specific legal basis for the secret use of drones by police in the
Without a specific legal basis in accordance with Article 8 paragraph 2 ECHR, every police drone constitutes an inadequate means of criminal investigation that shouldn't be used. Therefore the use of such drones should be suspended with immediate effect. In individual criminal cases, it is up to the judge to exclude information gathered with police drones from legal proceedings as it concerns unlawfully obtained evidence.
Privacy First hereby makes an urgent appeal to the Dutch House of Representatives to institute a moratorium on the further use of drones. Such a moratorium should only be lifted after a broad democratic debate has taken place and the use of drones has been properly regulated. In case the current Dutch situation will continue to be politically tolerated, Privacy First reserves the right to enforce a moratorium in court.
As of 2 October 2012, the new Dutch National Human Rights Institute (College voor de Rechten van de Mens, CRM) will open its doors. Recently the Institute under formation established the essential pillars of its policy for the coming years, namely 1) care for the elderly, 2) immigrants and 3) discrimination on the labor market. However, of all human rights, in recent years the right to privacy is worst off in the Netherlands. Contrary to the above mentioned pillars (that concern vulnerable groups of people), the right to privacy appertains to anyone who finds him or herself on Dutch soil. In essence this has turned the entire Dutch population into a vulnerable group, especially in comparison to the situation in other countries where the protection of privacy is much better regulated. A few years ago the right to privacy was even about to become a complete illusion in the Netherlands. In May 2009 this state of affairs led to the foundation of the Dutch Platform for the Protection of Civil Rights (Platform Bescherming Burgerrechten) in which various non-governmental organisations (NGOs) have joined forces. This week the Platform sent the below appeal (co-authored and signed by Privacy First) to the chairman of the future National Human Rights Institute, Laurien Koster:
Dear Ms. Koster,
Today, of all human rights, the right to privacy finds itself under the most pressure. Therefore, it is with concern that the Platform for the Protection of Civil Rights recently took note of the three essential pillars of the National Human Rights Institute for the coming years, namely 1) care for the elderly, 2) immigrants and 3) discrimination on the labor market. Not willing to take anything away from the social importance of these three pillars, in this letter we ask you to still consider adopting privacy as one of the pillars of your Institute.
In recent years, there seems to be the tendency in the Netherlands to confront every social problem with a standard formula, that is say, more digital registration, more linkage of files, opening up systems and central databases that become accessible to ever more officials and third parties, restriction of professional autonomy, preventive controls and profiling. It seems as if people, especially politicians, influenced as they are by the media and the vox populi – which in turn is affected by the media – think that these instruments exert a certain control over society that should lead to more order, tranquillity and security. In our opinion the opposite effect is increasingly the case. After all, digitalization implies that the quantity of data that is stored of every citizen becomes ever greater and less clear and less controllable. This especially applies to data that have been inserted or linked up erroneously or that are obsolete. The exponential growth of digital registrations sees a dramatic increase in risks of data leakages while new forms of identity fraud and identity theft arise. This means that the insecurity of digital systems becomes a direct threat to citizens. Furthermore, there’s a risk that citizens become their own digital ‘doubles’ through digital profiling. This implies that the autonomy of the free citizen who participates in society – a characteristic so very important in a democratic constitutional State – is seriously put at stake.
Going back to a society without the Internet or digital files is by no means what we advocate for (if it were possible anyway). However, a sensible use of technological means, among which data storage, biometrics and other such technological assets, will be necessary to retain our democratic constitutional State and affiliated fundamental rights. Particularly in these times of unforeseen technological possibilities we should once more realize how important the fundamental principles of our society are. Therefore, it should every time be assessed what is within the boundaries of acceptability and to what extent possible alternatives on a human scale, such as personal contact but also assistance and service, are desirable or necessary.
Privacy constitutes the basis of our democratic constitutional State. Without privacy many other human rights are at issue, among which are the right to confidential communication and freedom of speech, non-discrimination, freedom of movement, association and assembly, demonstration, culture and religion, press freedom as well as the right to a fair trial. Apart from that we observe that in the Netherlands the right to privacy can only rely on patchy protection by government supervision, that is to say, it only concerns the protection of personal data. As far as the protection of personal privacy in the broadest sense of the word is concerned (and this includes the inviolability of the home and the right to physical integrity) there is hardly any government supervision. Moreover, with regard to the realization and compliance to as well as the protection and promotion of the right to privacy in conjunction with other human rights, government supervision is lacking altogether. It is especially in these areas that your Institute has added value and can help overcome the ‘human rights gap’ that has come into existence in the Netherlands in recent decades.
We hope that your Institute will still make the right to privacy one of its policy pillars. If you wish, the organizations that together form the Platform for the Protection of Civil Rights are happy to supply you with information and advice.
On behalf of the participants of the Platform for the Protection of Civil Rights I remain respectfully yours.
chairman of the Platform for the Protection of Civil Rights
On behalf of the Platform participants:
Humanistisch Verbond (Humanist Association)
Stichting KDVP (KDVP Foundation; Dome of DBC Free Practices)
Stichting Meldpunt Misbruik ID-plicht (Contact Point on Abuse of Mandatory Identification)
Ouders Online (Parents Online)
Stichting Privacy First (Privacy First Foundation)
Burgerrechtenvereniging Vrijbit (Civil rights society Vrijbit)
Jacques Barth (on behalf of Stichting Brein en Hart i.o. (Brain and Heart Foundation under formation)
Joyce Hes (advisor to the Platform for the Protection of Civil Rights)
Kaspar Mengelberg (on behalf of DeVrijePsych (The Free Psychiatrist))
A pdf version of this letter can be found HERE (in Dutch)
Update: in a written reply (pdf) the Institute under formation notifies that in the Netherlands there is indeed ‘‘still a lot to be done to safeguard the right to privacy’’. The Institute also acknowledges the limited mandate of the Dutch Data Protection Authority (College Bescherming Persoonsgegevens). However, for the time being the Institute sticks to its intended strategic agenda. Nevertheless, in the future (also the coming three years) the Institute ‘‘can’t and won’t distance itself from problems when realizing the right to privacy’’. Privacy First will be eager to remind the Institute of this in urgent cases.
"Courts are investigating the legality of a European Union regulation requiring biometric passports in Europe. Last month, the Dutch Council of State (Raad van State, the highest Dutch administrative court) asked the European Court of Justice (ECJ) to decide if the regulation requiring fingerprints in passports and travel documents violates citizens’ right to privacy. The case entered the courts when three Dutch citizens were denied passports and another citizen was denied an ID card for refusing to provide their fingerprints. The ECJ ruling will play an important role in determining the legality of including biometrics in passports and travel documents in the European Union.
The Dutch Council referred the question of legality to the ECJ, arguing that the restrictions on privacy do not outweigh the ostensible aim of fraud prevention, and questioning the RFID technique. The Council also questioned whether fingerprints could be safeguarded so that they would only be used in passports or identity cards and not in databases for other purposes (known as function creep). The four cases that prompted this challenge to the biometric passport regulation are suspended pending the ECJ’s response.
The Netherlands has mandated fingerprints in passports and ID-cards since 2009. The Dutch biometric Passport Act is the misshapen offspring of the European Regulation compelling security features and biometrics in passports. The Regulation mandates that passports include two fingerprints taken flat in interoperable formats.
The Netherlands' storage of a biometric database was suspended in 2011, following privacy concerns as well as questions over the reliability of biometric technology. The Mayor of the City of Roermond reported that 21 percent of fingerprints collected in the city could not be used to identify any individuals. In April 2011, the Dutch Minister of Interior, in a letter to the Dutch House of Representatives, asserted that the number of false rejections was too high to warrant using fingerprints for verification and identification. Currently, only fingerprints stored in Radio Frequency Identification (RFID) chips embedded in ID documents are being collected.
The Amsterdam-based Privacy First Foundation (Stichting Privacy First) appreciates the critical stance on biometrics taken by the Dutch Council of State in line with the position taken by a German court: "We hope the ECJ will soon rule that the European Passport Regulation is invalid both in a formal, procedural sense (having been improperly adopted in 2004) and in a material sense (violating the human right to privacy and data protection). In the meantime, we hope the Dutch Parliament will scrap compulsory fingerprinting for Dutch ID cards as soon as possible."
A government proposal to this effect is currently before the Dutch House of Representatives.
The Dutch Council concerns echo questions raised by a German court earlier this year regarding the legality of the German biometric passports with RFID chips. The German court has questioned whether the EU regulation is compatible with the Charter of Fundamental Rights of the European Union (EU Charter) and the European Convention of Human Rights (ECHR). The German case was preempted when a German citizen, Michael Schwarz, refused to provide his fingerprints to obtain his new passport and the City of Bochum decided not to issue him one.
Mr. Schwarz argued that the regulation infringes privacy as protected under the ECHR and the EU Charter. In this case, the German court argued that the European Union has no legislative competence to enact rules on standards for security features and biometrics in passports as there is no direct relation of such rules to the protection and security of EU external frontiers.
The German court decided that the requirement of biometric data in passports is a “serious infringement” on privacy, arguing that the measure does not satisfy the proportionality test of being appropriate, necessary, or reasonable."
Read the entire article (including sources) on the website of the Electronic Frontier Foundation (EFF) HERE.
In the context of a public consultation, the Dutch Ministry of the Interior recently requested Privacy First to react to the current government proposal to revise Article 13 of the Dutch Constitution (right to confidentiality of postal mail, telephone and telegraph). Below are our comments on the current draft of the legislative proposal (click HERE for the original Dutch version in pdf):
Ministry of the Interior and Kingdom Relations
Deputy Director for Constitutional Affairs and Legislation
Mr. W.J. Pedroli, LL.M.
PO Box 20011
2500 EA The Hague
Amsterdam, 29 December 2012
Re: Comments by Privacy First on the revision of Article 13 of the Constitution
Dear Mr. Pedroli,
On October 16th 2012 you requested the Privacy First Foundation to react to the draft legislative proposal to revise Article 13 of our Constitution. Privacy First is grateful for your request and is happy to hereby provide you with critical comments. In the first place, Privacy First fully endorses the desire of this government to modernise the current, archaic Article 13 of the Constitution. However, Privacy First regrets the fact that the government has not seized the opportunity to also renew and reinforce other ‘fundamental rights in the digital age’.
In the view of Privacy First, the first and third paragraphs of the current draft legislative proposal to revise Article 13 of the Constitution form powerful anchors for a future-proof right to confidential communication. The first paragraph rightly upgrades the old confidentiality of postal mail, telephone and telegraph to a technology-independent (or technology-neutral) confidentiality of mail and telecommunication. The third paragraph forms a correct guarantee for the horizontal effect thereof. Moreover, Privacy First endorses the broad interpretation that is being given by the draft Explanatory Memorandum (EM) to various relevant concepts. However, the second paragraph of the draft proposal contains a systematic imbalance which, in times less democratic, could endanger the rule of law in our society. It is precisely this paragraph which most of Privacy First’s criticism is focused upon. Other points of criticism concern compulsory notification towards citizens in the event that special powers have been used by the intelligence and security services, traffic data as well as the lack of a comparative legal section in the EM.
Judicial authorisation and national security
The EM rightly states that "in light of Article 13 (...) the protection of citizens against violations by the government is paramount, especially in light of the actions by the police and intelligence services. Demanding a judicial authorisation under the Constitution provides a strong and clear constitutional guarantee." It is therefore incomprehensible that in the second paragraph of the draft legislative proposal the domain of national security is being excluded from judicial supervision. After all, where the concentration of power is supreme, judicial checks and balances should be the most potent to prevent any (future) abuses of power. In light of European history, the exception in paragraph 2 is in fact entirely irresponsible: unfortunately, even in our part of the world a democratic constitutional State is not a static matter of fact. Apart from that, the current draft proposal sends out a dangerous signal to foreign governments. Furthermore, Privacy First deems the exception in paragraph 2 unwise in view of possible technological developments in the (far) future. The same holds true in relation to the (further) expansion of the notion of ‘national security’. Also in the future, the Dutch population needs to be protected against arbitrary violations of confidentiality of communication; in this regard the current wording of paragraph 2 offers no guarantee whatsoever.
Adding an extra ‘judicial layer’ would strengthen the current system of internal and external supervision on the intelligence and security services (and hence reinforce our democratic constitutional State). In this regard, the system of judicial supervision in a country like Canada could be a source of inspiration. Such judicial control would also be in line with the case-law of the European Court of Human Rights:
“The Court has indicated, when reviewing legislation governing secret surveillance in the light of Article 8 [ECHR], that in a field where abuse is potentially so easy in individual cases and could have such harmful consequences for democratic society as a whole, it is in principle desirable to entrust supervisory control to a judge.”
In light hereof, the current wording of paragraph 2 is not expedient. Privacy First thus advises a revision of this paragraph as follows:
“This right can be restricted in cases defined by law with the authorisation of a judge or, in the interest of national security, with authorisation from one or more ministers appointed by law.’’ [lining through by Privacy First]
As a possible alternative to the introduction of judicial supervision in the security domain, Privacy First advises to upgrade the existing Dutch Review Committee on the Intelligence and Security Services (CTIVD) into a more powerful, independent supervisory body, similar to the Belgian or German model with overall compulsory inspections beforehand instead of random supervisory inspections afterwards.
A second point of criticism concerns the lack of an explicit constitutional notion of compulsory notification in the event of any infringement of the confidentiality of mail and telecommunication. Compulsory notification provides legal protection to citizens and contributes to the correct enforcement of law by the government, also in the security domain. Like judicial authorisation, this offers the best guarantuees against short-term as well as long-term violations.
From Privacy First's point of view, traffic data too need to fall within the scope of Article 13 of the Constitution. These data are often related to the content of communication; this even follows from the text of the EM itself, where text messages ('SMS') and the email subject line are rightly mentioned as examples. The same goes for instance for search terms in search engines. Apart from that, it is possible to deduce the content of communication between individuals and/or companies from traffic data in conjunction with other data (possibly collected in real-time). So here too, a vigorous regime of Article 13 of the Constitution in conjunction with judicial supervision is essential.
Finally, in the current EM Privacy First misses a comparative legal paragraph in which current Article 13 of the Constitution is compared with constitutional best practices from countries with either a civil law or a common law tradition. Additionally, with a new Article 13 of the Constitution that is state-of-the-art internationally, the Netherlands could positively distinguish itself and to some degree regain its former position as a leader in human rights.
Privacy First hopes that this advice will be of use to you. We are willing to give clarifications on the above points upon request.
Privacy First Foundation
Director of Operations
 EM, at 18, 20.
 Compare EM at 11, 1st paragraph.
 ECHR 22 November 2012, Telegraaf vs. Netherlands (Appl.no. 39315/06), para. 98. Compare also ibid., paras. 98-102.
 EM, at 18.
Update 8 February 2013: see also the critical comments by the Netherlands Committee of Jurists for Human Rights (NJCM), Bits of Freedom and the newly established Netherlands Institute for Human Rights (in Dutch).
This morning in Geneva the long-awaited Universal Periodic Review (UPR) of the Netherlands took place before the Human Rights Council of the United Nations (UN). In the run up to this four-year session, the Privacy First Foundation and various other organisations had emphatically voiced their privacy concerns about the Netherlands to both the UN and to almost all UN Member States; you can read more about this HERE. The Dutch delegation for the UPR session was led by Interior Minister Ms. Liesbeth Spies. The opening statement by Spies contained the following, remarkable passage about privacy:
"The need to strike a balance between different interests has sometimes been hotly debated in the Dutch political arena, for example in the context of privacy measures and draft legislation limiting privacy. The compatibility of this kind of legislation with human rights standards is of utmost importance. This requires a thorough scrutiny test, which is guaranteed by our professionals and institutions. Improvements in this regard have been made when necessary, especially in the starting phase of new draft legislation. This has been done in the field of privacy, where making Privacy Impact Assessments (PIAs), describing the modalities for the planned processing of personal data, are compulsory now." (pp. 5-6, italics Privacy First)
A "thorough scrutiny test" and compulsory Privacy Impact Assessments are the terms that positively stand out for Privacy First.
Prior to the UPR session, the United Kingdom had already put the following questions to the Netherlands: "Given recent concerns about data collection and security, including the unintended consequences of cases of identity theft, does the Netherlands have plans for measures to ensure more comprehensive oversight of the collection, use and retention of personal data?" (Source) On behalf of the Netherlands, Minister Spies responded to this question in Geneva this morning saying: "On the review of our laws on data protection, The Netherlands are currently working on a legislative proposal on data breach notification, following announcements of this proposal in the present coalition agreement. The proposal, which would require those responsible for personal data to notify the data protection authorities in case of "leakage" of personal data with specific risks for privacy (including identity theft), is expected to be tabled in Parliament in the coming months." This answer is rather concise and unfortunately it doesn’t contain any new elements. However, a new Dutch law on compulsory notification for data leakages will hopefully become a best practice for other UN Member States. The credits for this go to our colleagues of the Dutch NGO Bits of Freedom who have worked on this for a long time.
During the UPR session Estonia called the protection of privacy and personal data a "human rights challenge of the 21st century". Morocco then asked a critical question about the privacy issue: "Quelles sont les mesures concrètes entreprises par les autorités néerlandaises pour sécuriser l'utilisation des donnés personnelles?" ("What are the concrete measures taken by the Dutch authorities to protect the use of personal data?") The Philippines also raised the issue of the right to privacy, but only in these words: "The Philippine delegation appreciates the frank assessment of the Netherlands of the obstacles and challenges it has to hurdle in the implementation of the right to privacy especially in the area of protection of personal information." The comments by Greece, India, Russia and Uzbekistan were more content-focused. Greece addressed the practice of preventive searches: "We take note of reports regarding the issue of preventive body searches. We recommend that the Netherlands ensure that in its application of preventive body searches, all relevant human rights are adequately protected, in particular the right to privacy and physical integrity and the prohibition of discrimination on the basis of race and religion." India exhorted the Netherlands on ethnic profiling of citizens: "We encourage the Dutch Government to take concrete measures to combat discrimination including discrimination by the Government such as ethnic profiling." Russia too advised the Netherlands "to introduce measures to stamp out discrimination arising as a result of the practice of racist, ethnic or religious profiling." The Netherlands was addressed about this very issue by Uzbekistan as well: "We are concerned over the existence of information on the increasingly broad use by the police of racist profiling."
As a reaction to these points Minister Spies referred to recent research by the Dutch police, scientists and the National, the Amsterdam and the Rotterdam Ombudsman about preventive body searches, discrimination and ethnic profiling. With regard to digital profiling (in general), she moreover proclaimed the following: "In its recent proposal for a general Data Protection Regulation, the [European] Commission has included rules on profiling, which can address the problems associated with profiling and the protection of personal data. The Netherlands endorses the need for clear legislative rules with regard to this topic, given the specific challenges for privacy protection that this technique entails. This is also the background against which the Netherlands welcomed in 2010 the Council of Europe Resolution on this topic, which contained a useful definition of profiling that would also be beneficial for inclusion in the [European] Commission proposals. The Netherlands will draw attention to this ongoing discussion in Brussels. The Regulation, once in force, will be directly applicable in the Netherlands."
By and large this is a reasonable result, given that up until now the privacy issue had hardly played any role at all within the UN Human Rights Council. However, it’s a shame that most countries still hardly dare to confront this issue, let alone ask specific and critical questions about it. Many of the recommendations by Privacy First have not been touched upon during this UPR session, although diplomats in Geneva and The Hague had earlier shown great interest in them. Perhaps they were stopped by their Foreign Affairs departments in capital cities because many privacy issues are also sensitive in their own domestic politics? Who knows... However, the fact remains that the international community was informed by Privacy First well in advance, which was part of the reason that the Dutch UN delegation headed by Minister Spies was properly focussed on the job at hand. This can only be to the benefit of general awareness and the protection of privacy, both inside and outside the Netherlands. In the end, for us this is what it’s all about.
Update 4 June 2012: This afternoon, a working group of the Human Rights Council adopted a draft report on the Dutch UPR session. The final version of this report will be adopted by the Human Rights Council in September 2012, accompanied by a (motivated) acceptance or rejection by the Netherlands of each individual recommendation in the report. Furthermore, this will also be discussed by the Dutch House of Representatives.
A total of 49 countries have taken part in the Dutch UPR session. It is noteworthy that Belgium, Italy and Austria did not take part in the session (although Belgium and Italy had in fact enrolled beforehand). As far as Austria is concerned this is particularly regrettable, because of all the UN Member States it was actually Austria which had in advance expressed the most interest in the Privacy First UPR shadow report and had intimated to be able to make a powerful, overall recommendation to the Netherlands about the right to privacy.
Update 21 September 2012: This morning, the UN Human Rights Council discussed its recommendations to the Netherlands. The Dutch Permanent Representative in Geneva declared which recommendations have been accepted or rejected by the Netherlands; see this UN document and this video. The two recommendations by the Human Rights Council that related to ethnic profiling and preventive body searches have both been accepted by the Netherlands under the following clarification:
- ethnic profiling: "The Dutch government rejects the use of ethnic profiling for criminal investigation purposes as a matter of principle." About profiling in a more general sense: "In its recent proposal for a General Data Protection Regulation, the European Commission included rules on profiling that address problems that may arise due to the increasing technical possibilities for in-depth searches of databases containing personal data. The Netherlands endorses the need for clear legislative rules on this subject, given the specific challenges for privacy protection that this technology entails." (Source, 98.57 & n. 75).
- preventive body searches: "The power to stop and search is strictly regulated in the Netherlands. The mayor of a municipality may designate an area where, for a limited period of time, preventive searches may be carried out in response to a disturbance of or grave threats to public order due to the presence of weapons. The public prosecutor then has discretion to order actual body searches and searches of vehicles and luggage for weapons." (Source, 98.74 & n. 95).
See also this statement by the Netherlands Committee of Jurists for Human Rights (Dutch abbreviation: NJCM) from this morning (video). Just like the NJCM, Privacy First regrets the lack of government consultation in the run up to today’s UPR session.
Below you can watch the 31 May 2012 UPR session in its entirety (click HERE for video segments of individual countries).
A broad international alliance of NGOs demands that there will be a European investigation into biometric data storage. Governments increasingly lay claim to people's biometric data (such as fingerprints), which are then stored on radio-frequency identification (RFID)-chips in passports and ID-cards. Some countries, such as the
The alliance of more than 60 organisations (including Privacy First) has urgently requested the Secretary-General of the Council of Europe, Mr. Thorbjørn Jagland, to request the countries concerned for an explanation about whether or not their legislation on these matters complies with the European Convention on Human Rights (ECHR) as speedily as possible. The alliance is of the opinion that a thorough investigation is to be conducted on whether the guarantees and criteria of human rights with respect to the necessity, proportionality, subsidiarity and security guarantees that the ECHR demands for the use of biometrics, are in actual fact being adhered to. This is very much put in doubt by a recent report of the Council of Europe.
It is actually worth pointing out that the idea for the current European enrolment and storage of biometric data has partly come into existence in the Council of Europe itself, that is to say, at the behest of a few working groups that devoted themselves to combating terrorism around 2004. One of these working groups was the Group of Specialists on Identity and Terrorism (CJ-S-IT) which operated under Dutch chairmanship. In April 2004, this working group made the following recommendation:
"The creation or development of systems which allow identity checks with reference
Give consideration to and promote research and ongoing cooperation between police
Meanwhile, it is up to that very Council of Europe to map European national laws that since that time have lost their balance in this area. Where national laws do not respect human rights, the Member States in question are to be called to order. Privacy First looks forward with confidence to the Secretary-General of the Council of Europe carrying out these duties.
The general philosophy of the Fair Information Principles
The most fundamental principle is notice. Consumers should be given notice of an entity's information practices before any personal information is collected from them. Without notice, a consumer cannot make an informed decision as to whether and to what extent to disclose personal information. Moreover, three of the other principles discussed below -- choice/consent, access/participation, and enforcement/redress -- are only meaningful when a consumer has notice of an entity's policies, and his or her rights with respect thereto.
While the scope and content of notice will depend on the entity's substantive information practices, notice of some or all of the following have been recognized as essential to ensuring that consumers are properly informed before divulging personal information:
- identification of the entity collecting the data;
- identification of the uses to which the data will be put;
- identification of any potential recipients of the data;
- the nature of the data collected and the means by which it is collected if not obvious (passively, by means of electronic monitoring, or actively, by asking the consumer to provide the information);
- whether the provision of the requested data is voluntary or required, and the consequences of a refusal to provide the requested information; and
- the steps taken by the data collector to ensure the confidentiality, integrity and quality of the data.
Some information practice codes state that the notice should also identify any available consumer rights, including: any choice respecting the use of the data; whether the consumer has been given a right of access to the data; the ability of the consumer to contest inaccuracies; the availability of redress for violations of the practice code; and how such rights can be exercised.
In the Internet context, notice can be accomplished easily by the posting of an information practice disclosure describing an entity's information practices on a company's site on the Web. To be effective, such a disclosure should be clear and conspicuous, posted in a prominent location, and readily accessible from both the site's home page and any Web page where information is collected from the consumer. It should also be unavoidable and understandable so that it gives consumers meaningful and effective notice of what will happen to the personal information they are asked to divulge.
The second widely-accepted core principle of fair information practice is consumer choice or consent. At its simplest, choice means giving consumers options as to how any personal information collected from them may be used. Specifically, choice relates to secondary uses of information -- i.e., uses beyond those necessary to complete the contemplated transaction. Such secondary uses can be internal, such as placing the consumer on the collecting company's mailing list in order to market additional products or promotions, or external, such as the transfer of information to third parties.
Traditionally, two types of choice/consent regimes have been considered: opt-in or opt-out. Opt-in regimes require affirmative steps by the consumer to allow the collection and/or use of information; opt-out regimes require affirmative steps to prevent the collection and/or use of such information. The distinction lies in the default rule when no affirmative steps are taken by the consumer. Choice can also involve more than a binary yes/no option. Entities can, and do, allow consumers to tailor the nature of the information they reveal and the uses to which it will be put. Thus, for example, consumers can be provided separate choices as to whether they wish to be on a company's general internal mailing list or a marketing list sold to third parties. In order to be effective, any choice regime should provide a simple and easily-accessible way for consumers to exercise their choice.
In the online environment, choice easily can be exercised by simply clicking a box on the computer screen that indicates a user's decision with respect to the use and/or dissemination of the information being collected. The online environment also presents new possibilities to move beyond the opt-in/opt-out paradigm. For example, consumers could be required to specify their preferences regarding information use before entering a Web site, thus effectively eliminating any need for default rules.
Access is the third core principle. It refers to an individual's ability both to access data about him or herself -- i.e., to view the data in an entity's files -- and to contest that data's accuracy and completeness. Both are essential to ensuring that data are accurate and complete. To be meaningful, access must encompass timely and inexpensive access to data, a simple means for contesting inaccurate or incomplete data, a mechanism by which the data collector can verify the information, and the means by which corrections and/or consumer objections can be added to the data file and sent to all data recipients.
The fourth widely accepted principle is that data be accurate and secure. To assure data integrity, collectors must take reasonable steps, such as using only reputable sources of data and cross-referencing data against multiple sources, providing consumer access to data, and destroying untimely data or converting it to anonymous form.
Security involves both managerial and technical measures to protect against loss and the unauthorized access, destruction, use, or disclosure of the data. Managerial measures include internal organizational measures that limit access to data and ensure that those individuals with access do not utilize the data for unauthorized purposes. Technical security measures to prevent unauthorized access include encryption in the transmission and storage of data; limits on access through use of passwords; and the storage of data on secure servers or computers that are inaccessible by modem.
It is generally agreed that the core principles of privacy protection can only be effective if there is a mechanism in place to enforce them. Absent an enforcement and redress mechanism, a fair information practice code is merely suggestive rather than prescriptive, and does not ensure compliance with core fair information practice principles.
The Fair Information Principles as put into Canadian Law
Klik hier voor de bron.
These principles are usually referred to as “fair information principles”.
They are included in the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s private-sector privacy law, and called "Privacy Principles".
Principle 1 — Accountability
An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance with the following principles.
Principle 2 — Identifying Purposes
The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.
Principle 3 — Consent
The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.
Principle 4 — Limiting Collection
The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.
Principle 5 — Limiting Use, Disclosure, and Retention
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfilment of those purposes.
Principle 6 — Accuracy
Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
Principle 7 — Safeguards
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
Principle 8 — Openness
An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.
Principle 9 — Individual Access
Upon request, an individual shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Principle 10 — Challenging Compliance
An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for the organization’s compliance.