It seems to have been a long time coming, but as predicted earlier in Getting closer to Base Camp: the sherpa's are unpacking the tents, it has arrived.
Privacy has now been placed on the agenda of the world’s leadership. It has been inching its way there for some time in forums that get very close to the leadership.
The World Economic Forum, for example, has grappled with aspects of privacy for a few years now. Most recently it has sponsored the preparation of a report on “Personal Data: The Emergence of a New Asset Class” where the importance of privacy and trust frameworks is emphasised, even if only as a facilitator of greater sharing of personal information that is also safe. The Forum in its Global Information Technology Reports, has previously the importance of good data protection if the emergence of cloud computing is to reach its full potential.
Indeed, there have been some notable initiatives aimed at better global cooperation in the protection of personal information when it is handled in multiple jurisdictions. APEC has led the way with its Pathfinder on Cross Border Privacy Rules with a Crossborder Privacy Enforcement Arrangement at its bedrock. The ambitious project on ensuring accountability for the management of personal information has involved privacy leaders from large corporations and privacy regulators.
But as data processing becomes increasingly borderless through such developments as cloud computing and global counter-terrorism programs, and public awareness of their impact on the safety of personal information grows, there is a growing recognition of the limitations of current privacy initiatives.
There is also a growing recognition of the subtlety and cultural nuance of the issues involved, captured brilliantly by Omer Tene in “Privacy in Europe and the United States I Know It When I See It”, an opinion piece for the Center for Democracy and Technology on 27 June 2011.
So, eventually it had to happen. One of the G-8 leaders placed privacy on their agenda. Not surprisingly, as a first look at the issue, it proved to be controversial, with commercial interests especially making stout claims about their own trustworthiness and about the deadening effect of further regulation.
Hence the ensuing Communiqué addressed the issue, but did not actually commit to concrete action. Titled “Renewed Commitment for Freedom & Democracy” and issued by leaders after their meeting in Deauville France on 26-27 May 2011, the relevant paragraph states that:
“16. The effective protection of personal data and individual privacy on the Internet is essential to earn users' trust. It is a matter for all stakeholders: the users who need to be better aware of their responsibility when placing personal data on the Internet, the service providers who store and process this data, and governments and regulators who must ensure the effectiveness of this protection. We encourage the development of common approaches taking into account national legal frameworks, based on fundamental rights and that protect personal data, whilst allowing the legal transfer of data.”
But that won’t be the end of it. Domestically, the pressures for action grow, especially in the United States as described very succinctly by Peter Swire in “Why privacy legislation is hot now” in The Hill, on 23 June 2011.
Even in Australia, as the reform of privacy law here seems to get ever slower, a surprising number of parliamentary committees call for change, including the recent report by the parliamentary Joint Select Committee on Cyber-Safety as neatly captured in “Small business privacy laws in parliamentary crosshairs”, iTnews on 21 June 2011 and the Senate Standing Committee on Environment and Communications report on The adequacy of protections for the privacy of Australians online that was tabled on 7 April 2011.
As the further globalisation of the handling of personal information continues, these issues will return to the leaders’ agenda with increasing importance and need for action.
It may take years, but substantive action at the global leadership level will happen.
Note: An earlier version of this opinion piece appeared in the iappANZ Monthly Bulletin, June 2011 edition.
Malcolm Crompton is Managing Director of Information Integrity Solutions (IIS), a globally connected company that works with public sector and private sector organisations to help them build customer trust through respect for the customer and their personal information. Malcolm is a former Australian Privacy Commissioner. He was also foundation President of the International Association of Privacy Professionals, Australia New Zealand, www.iappANZ.org.