IGF 2020 WS #223 Privacy & Access: upholding HRs in times of crisis

Thematic Track

Organizer 1: MARIUS LUKOSIUNAS, UNESCO
Organizer 2: Guilherme Canela De Souza Godoi, UNESCO
Organizer 3: Rachel Pollack, UNESCO
Organizer 4: Guilherme Canela Godoi , UNESCO

Speaker 1: Pansy Tlakula , Government, African Group
Speaker 2: Ailidh Callander, Civil Society, Western European and Others Group (WEOG)
Speaker 3: Bertoni Eduardo, Government, Latin American and Caribbean Group (GRULAC)

Moderator

Guilherme Canela Godoi , Intergovernmental Organization, Latin American and Caribbean Group (GRULAC)

Online Moderator

MARIUS LUKOSIUNAS, Intergovernmental Organization, Intergovernmental Organization

Rapporteur

Rachel Pollack, Intergovernmental Organization, Western European and Others Group (WEOG)

Format

Debate - Auditorium - 90 Min

Policy Question(s)

Policy questions: - Trends around the world related to the protection of access to information and privacy and complementarity and interdependence of access to information and privacy regulation in times of crisis. - Good practices in the field of law and policymaking ensuring implementation of access to information and data protection laws in times of crisis. - Policy novelties, introduced during the COVID 19 outbreak, in managing ATI requests and protecting privacy in line with international standards. - Policy and awareness oriented action undertaken by stakeholders to protect access to information and privacy as human rights in moments of crisis?

Potential iissues may include: - What trends have been observed around the world in recent years related to the protection of access to information and privacy? - In what ways is access to information and privacy complementary and interdependent? How can laws foster this complementarity? (e.g, confidentiality of journalistic sources; transparency of personal data policies and practices by internet companies…) - What are the biggest risks faced, and what urgent steps are needed? - What good practices exist for ensuring implementation of access to information and data protection laws in times of crisis? - How can the rights to access to information and to privacy be respected by governments and private sector actors, during and after the COVID-19 pandemic? - What was learned about the effectiveness and necessity of modifications of legal regimes and practices related to access to information and privacy during the COVID-19 crisis? (as well as privacy) during the crises? - Which novelties in managing ATI requests and protecting privacy were acceptable from the point of view of international standards? - Has the thinking of major stakeholders been modified because of the outbreak? What action can stakeholders take to protect access to information and privacy as human rights in moments of crisis?

SDGs

GOAL 16: Peace, Justice and Strong Institutions

Description:

Amid moments of crisis, such as this year’s public health and socioeconomic crises caused by the COVID-19 pandemic, governments face new challenges. In many cases, they have had to rapidly review some of the procedures aimed to provide access to official information and protect the privacy of citizens. This has often posed additional challenges to interpreting the scope and application of these two fundamental rights. Deciding on the availability of access to information and the applicability of restrictions to the right to privacy exemption are among lessons to be learned vis a vis future public health crises. It is especially important since the two rights – access and privacy – are often monitored and implemented by the same institutions. There is a growing consensus that life-saving actions and informed policy decisions depend on access to information, especially in times of crisis. Limiting the right to information does more harm than good, and the public’s access to official information must be implemented based on existing international norms and principles. The COVID-19 pandemic, what UN Secretary-General Antonio Guterres has called humanity’s greatest threat since World War II, has required many countries to review their activities and resources in many fields, including access to information and privacy. While some governments have proactively released public health data, others have gone in the other direction, clamping down whistleblowers, attacking journalists, restricting free speech, and shutting off access to the internet and social messaging platforms and services. Any restrictions to these rights should be justified; for example, limits to accessing public information could legitimately be permitted if authorities of particular institutions are overburdened by extraordinary demand, or to protect the health of staff members are under quarantine measures for their own health and safety. Any limitations on access to official information, including the suspension of specific legal clauses, must be laid out by law, have a legitimate aim, be necessary and proportionate to the aim of protecting public health, and limited by the duration of the crisis. The panel will discuss how to achieve both – adjust to the crisis and uphold the right to information. Another issue related issue to be addressed by the panel is the impact of the right to privacy during the COVID-19 pandemic, particularly through the use of digital technologies. In recent years, the rapid development of new digital technologies and services, including artificial intelligence and algorithmic decision-making, has presented new questions related to the right to privacy. Such technologies have allowed for the collection and sharing of unprecedented amounts of data. At the same time, this data is often collected, used and held by private sector companies for the purpose of personalized advertising, in some cases posing direct threats to the right to privacy. The release of some such data-sets risks revealing sensitive health information, especially when triangulated. In addition, technologies for mass surveillance to trace the spread of the virus and the enforcement of quarantine measures—including through geolocation, facial recognition and thermal checks—present unique risks to privacy and personal data protection. Often implemented by governments in partnership with tech companies, more transparency is needed to ensure that the processes for the collection, processing and retention of data follows data protection requirements and international human rights standards This session will share good practices regarding how to uphold the right to access information and the right to privacy, as well as strengthen proactive disclosure of information and ensure enabling environments for all, and in particular journalists and whistleblowers, in times of crisis.

Expected Outcomes

The discussions will lead to recommendations on how to improve national policies in these areas and how to guarantee that the regulators’ actions are in line with international standards for human rights. These recommendations will mainly be informed by what was learned about the effectiveness and necessity of modifications of legal regimes and practices to access to information and privacy / data protection laws during the crises. Recommendations on how to improve the protection of access to information and to privacy may include: (i) education and capacity building for national institutions (through massive open online courses (MOOC), open educational resources (OER), and training- programs (ii) sharing good practices in the field of implementation, in particular based on UNESCO’s national survey of SDG 16.10.2 on public access to information (iii) strengthening measures aimed to ensure rights to access information and to privacy by representatives of special/vulnerable groups. (iv) addressing the challenges to the right to information and the right to privacy in times of crisis from the point of view of international standards. In addition to these recommendations, the discussions will directly contribute to shaping UNESCO’s work in these areas. This will include supporting Member States in the implementation of right to information laws, providing technical advice to data protection authorities and information commission, building the capacities of judges and regulators, applying UNESCO’s media development and internet universality indicators at national level, shaping reports submitting to the Human Rights Council’s Universal Periodic Review, and producing research including through the 2021 global edition of UNESCO’s series on World Trends in Freedom of Expression and Media Development

The session is conceived as a debate, with a strong role being played by the moderators in involving the invited speakers and audience in contributing to the achievement of the key expected outcomes of the session. The moderator will introduce the session with context and then invite speakers to address briefly for no more than three minutes (total 45'). Following the discussion with the subject matter experts, the moderator will open the floor for questions and comments from the in-person and remote participants (45'). Depending on the room, either microphone will be available for participants to queue, or one or two persons will circulate with roving mics.

Relevance to Internet Governance: Freedom of expression, access to information and privacy have long been recognized as core topics for internet governance. While there is global consensus that these rights should be protected (such as through the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights), their application and interpretation in the digital age is still under debate. Norms and rules on these issues vary by country, with a lack of consensus posed by the flow of data enabled from digital technologies and services, including social media platforms and messaging service and emerging technologies such as artificial intelligence. Bringing together stakeholders from around the world is needed to exchange ideas and good practices, and to identify ways forward. In addition to international organizations, the private sector, and civil society, this session will include data protection authorities and information commissioners, stakeholders who have traditionally not participated in the IGF but have much to add to enrich these debates.

Relevance to Theme: Access to information and privacy are fundamental human rights and important pillars for achieving the 2030 Agenda for Sustainable Development, particularly Sustainable Development Goal 16.10 on peace, justice and strong institutions. Trust in digital technologies requires the individuals know how their personal data is being collect, processed and retain – which is in turn predicated on transparency from governments and private sector companies. Trust must be built among all stakeholders, in a multi-sector manner that empowers users. Without trust, people may abandon or wall off their use of the internet, leading to fragmentation, and threatening the human rights-based, open, accessible a multi-stakeholder nature of the internet (UNESCO’s concept of internet universality).

Online Participation

 

Usage of IGF Official Tool. Additional Tools proposed: The session will take steps to integrate remote participants as equal members in the discussion. Notably, the remote moderator will have a microphone and will be in close contact with the in-person moderator, to signal when questions or comments are received and to adapt as situations arise. In order to ensure a large number of remote participants, the session will be promoted by UNESCO on its website and through its Field Offices.