Friday, August 26, 2011

Response to Commission on a Bill of Rights

The Commission on a Bill of Rights established by the UK government in March this year has issued a discussion Paper, Do we need a UK Bill of Rights, the first step in their programme of public consultation. You can respond via or to their address. The deadline for responses is 11 November 2011. A copy of my response follows.

(1)   do you think we need a UK Bill of Rights?

Given the actions of the government, the media, the public and corporate sectors, the constant dilution, criticism and breaching (e.g. S and Marper v UK, 30562/04 [2008] ECHR 1581) of the Human Rights Act and other common law rights protections and the widespread development and deployment of modern communications technologies over the past 20 years, there is a case to be made that a Bill of Rights, covered by special constitutional supremacy protections, is increasingly necessary for the UK.

On the technology front alone it is worth bearing in mind the comments of European Data Protection Supervisor, Peter Hustinix, at the University of Edinburgh in the summer of 2011[1]:

 "Before 1995, the confidentiality of communications was a widely practiced rule. Interception or monitoring of communication was only allowed under strict conditions, subject to a series of safeguards."

Unfortunately now it seems confidentiality of communications is a widely ignored rule by the public and private sectors. Interception or monitoring of communication is commonplace on and offline.

It has been increasingly evident also, that government, under the glare and pressure of the 24 hour news cycle, requires robust constitutional constraints on their temptations to respond to complex socio-economic/political problems, such as the recent riots, with knee-jerk, liberty-undermining, ill-conceived legislation and/or irrational, populist mob ‘justice’ (e.g. the political pressure on the courts to issue excessively harsh sentences).

The prime minister’s idea, in the wake of the riots, of mandating control mechanisms in social media, for example, is at best unworkable and at worst will impede the activities of those trying to cope with emergency situations. Those very same networks are used by those in danger who through no fault of their own get caught up in a riot situation and emergency services trying to respond it. 

Additionally modern communications technologies and networks pervade all aspects of our lives these days in the UK, not just facilitating communications with friends, family and wider social circles but providing access to basic public and private services, education, employment, consumer markets.  Cutting access to these things on a mere suspicion involves an arbitrary interference with the right to communicate without due process, upending the principle of the burden of proof and applying pre-emptory criminal sanctions, potentially in the absence of any criminal act. It’s a short slippery slope from there to thought crimes (which arguably we already have in the UK with some of the anti-terrorism legislation already in place).  Such research as is currently available on this largely concludes that deep packet inspection that is fundamental to such activities is dangerous technology and that it :
  • is ineffective at blocking illicit material (false positive) and communications
  • blocks legal content (false negative) and communications
  • sometimes assists access to illicit material - eg organised gangs find it easy to get access to "secret" lists of banned communications
  • does not achieve the aim of removing nefarious communications from the Net
  • does absolutely nothing to protect society from criminal acts 
All states, including Western liberal democracies, want to block something and internet blocking is often based on vague arbitrary laws - you only have to look at the HADOPI regulations in France or the Digital Economy Act in the UK to see that.  The blocking also often relies on secret banned lists, collated by unaccountable quangos, public or private, in dark smoky rooms. These blocking provisions or banning orders additionally tend to ignore due process – those affected get to know about the blocking after the event and it can be difficult to challenge.

Yet the blocking is pretty easy to bypass by people who know what they are doing and criminal gangs who have ready access to people who can facilitate such circumvention.

More generally in the context of the bill of rights is the need to understand the power of the internet as a panopticon.  The internet applies the hard wired architecture of Bentham’s idea to the whole of society - the internet essentially facilitates mass surveillance of online activities and internet surveillance is linked to real world surveillance. Regardless of the relative amount of time we spend online we live in the real world.

In summary, the principle a bill of rights which confers and protects the civil and political rights of citizens and which has constitutional protections against parliamentary sovereignty is a sound one.  In practice I doubt the political will exists to give such a bill of rights supremacy over all other laws and over parliamentary sovereignty.  And if a new bill of rights is to be no more than a coalition government branded and diluted version of the Human Rights Act then there is little point in expending energy and resources pursuing it.

(2) what do you think a UK Bill of Rights should contain?

In principle it should minimally include the existing protections of the European Convention on Human Rights.

• Right to life (Article 2);
• Prohibition of torture or inhuman or degrading treatment or punishment (Article 3);
• Prohibition of slavery or servitude, or forced or compulsory labour (Article 4);
• Right to liberty and security (Article 5);
• Right to a fair trial (Article 6);
• No punishment without law (Article 7);
• Right to respect for private and family life, home and correspondence (Article 8);
• Freedom of thought, conscience and religion (Article 9);
• Freedom of expression (Article 10);
• Freedom of peaceful assembly and association (Article 11);
• Right to marry (Article 12);
• Right to an effective remedy (Article 13);
• Prohibition of discrimination (Article 14).
• Protection of property (Protocol 1,Article 1);
• Right to education (Protocol 1, Article 2);
• Right to free elections (Protocol 1, Article 3).

Additionally there has to be some provision tackling the increasing tendency of governments to sub contract activities to the private sector or other governments (in the case of torture) in a way which attempts to avoid/circumvent their human rights obligations. The US government’s mass, warrantless, unconstitutional, wiretapping activities were facilitated by the large telecom companies. The internet and associated technologies are largely controlled by the private sector, the primary interest of which is to make money not to operate in accordance with the principles of international human rights conventions.

I would suggest bringing the private sector into the remit of the bill of rights in relation to:

  • Right to respect for private and family life, home and correspondence (Article 8);
  • Freedom of thought, conscience and religion (Article 9);
  • Freedom of expression (Article 10);
  • Freedom of peaceful assembly and association (Article 11);
  • Right to an effective remedy (Article 13);
  • Prohibition of discrimination (Article 14).
On articles 9, 10 and 11 it may be possible to address these alternatively through technological architecture obligations and principles of net neutrality.  I recognise that the consideration, drafting and implementation of such provisions are likely to be complex but however it is done the private sector cannot be provided with a free pass to ignore fundamental rights.

I’m open to suggestions on how this aspect of the Bill would work.  It may be that a first step in the right direction would be for private sector organisations with substantial control of communications infrastructure to sign up to an internet charter of principles[2], based on the Convention and emerging constitutional-type principles of internet governance[3].

It is critical that respect for fundamental rights and the rule of law should apply to the operation of the internet and associated technologies. There should be no government or private sector secret compilations or deployment of secret blocking lists.  All restrictions of rights should be based on clear, accessible, transparent, foreseeable, proportionate, necessary, effective, regulations; no arbitrary unchecked authority, no bypassing of due process; absolutely no excuses for mass, suspicionless, warrantless surveillance e.g. data retention[4]; and these rules should not be limited to government and public sector activities but also apply to the private sector that effectively controls the technologies of the internet and, in a real practical sense, the control of the governance of the internet is inherent in the control of that  technological architecture.

(3) how do you think it should apply to the UK as a whole, including its four component countries of England, Northern Ireland, Scotland and Wales?

In principle, as far as possible, there should be no margin of appreciation in the application of the bill of rights to the constituent countries of the UK i.e. it should be applied consistently across the UK.

(4) having regard to our terms of reference, are there any other views which you would like to put forward at this stage?

Not at this stage.

[1] Public Lecture, University of Edinburgh, School of Law Edinburgh, 7 July 2011
"Do not track or right on track? – The privacy implications of online behavioural advertising"
[2] As suggested by Brown, I. and Korf, D. (2011) ‘Social Media, Political Activism and Human Rights’. Issue Paper for the Council of Europe Commissioner for Human Rights.
[3] For example, Council of Europe Recommendation CM/Rec(2008)6 of the Committee of Ministers to member states on measures to promote the respect for freedom of expression and information with regard to Internet filters.
See also UN General Assembly Human Rights Council Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression
[4] The EU Data Protection Supervisor, Peter Hustinix, has issued a strongly worded opinion saying the data retention directive is incompatible with the EU's privacy protections;.