Thursday, October 13, 2011

EPDS, net neutrality, privacy & UK Commission on Bill of Rights

Following the EDPS's opinion on net neutrality, traffic management and the protection of privacy and personal data, I've sent the Commission on a Bill of Rights an addendum to my original response to their discussion paper, Do we need a UK Bill of Rights. A copy follows.
As an addition to my response of Friday, August 26, 2011, and in particular the use and activities of the private/corporate sector in circumventing or ignoring human rights obligations and the potential for constitutional net neutrality principles to counteract such behaviours, could I draw your attention to the Opinion of the European Data Protection Supervisor, Peter Hustinx, on net neutrality, traffic management and the protection of privacy and personal data.

In my original response I suggested:

"I would suggest bringing the private sector into the remit of the bill of rights in relation to:

    Right to respect for private and family life, home and correspondence (Article 8);
    Freedom of thought, conscience and religion (Article 9);
    Freedom of expression (Article 10);
    Freedom of peaceful assembly and association (Article 11);
    Right to an effective remedy (Article 13);
    Prohibition of discrimination (Article 14).

On articles 9, 10 and 11 it may be possible to address these alternatively through technological architecture obligations and principles of net neutrality.  I recognise that the consideration, drafting and implementation of such provisions are likely to be complex but however it is done the private sector cannot be provided with a free pass to ignore fundamental rights."

Mr Hustnix analysis provides an insight into how such net neutrality provisions could also provide support for the protections of Article 8. He concludes:

"85. ISPs' increasing reliance on monitoring and inspection techniques impinges upon
the neutrality of the Internet and the confidentiality of communications. This raises
serious issues relating to the protection of users’ privacy and personal data.

86. While the Commission’s Communication on the open internet and net neutrality in
Europe briefly touches on these issues, the EDPS feels that more should be done
in order to come to a satisfactory policy on the way forward...

89. ...additional legislative measures may be necessary. In
such a case, the Commission should put forward policy measures aiming at
strengthening the legal framework and ensuring legal certainty. New measures
should clarify the practical consequences of the net neutrality principle, as this has
already been done in some Member States, and ensure that users can exercise a real
choice, notably by forcing ISPs to offer non-monitored connections."

Whilst he refers in his conclusion to legislative rather than constitutional measures, he makes the point in the body of the report that article 8 privacy principles are sacrosanct and technology neutral; and government, corporate or incidental/inbuilt technological feature bypassing of those principles is unacceptable.
Just a reminder that the Commission's discussion paper is the first step in their programme of public consultation. You can respond via or to their address. The deadline for responses is 11 November 2011.

Wednesday, October 12, 2011

TSA gone wild

Nice graphic from Jason Powers on airport security.

TSA Gone Wild
Via: forkparty.

Update: Edited links for accurate attribution.