Scribd Logo
Upload

Welcome to Scribd!

  • Presentation at Law Society Human Rights Conference 10 October 2015

    Uploaded by

    TJ McIntyre
    10K views29 pages
    These are the slides from a presentation by me at the Law Society Annual Human Rights Conference 2015. More details: http://www.tjmcintyre.com/2015/10/law-society-annual-human-rights.html

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    These are the slides from a presentation by me at the Law Society Annual Human Rights Conference 2015. More details: http://www.tjmcintyre.com/2015/10/law-society-annual-human-rights.html

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10K views29 pages

    Presentation at Law Society Human Rights Conference 10 October 2015

    Uploaded by

    TJ McIntyre
    These are the slides from a presentation by me at the Law Society Annual Human Rights Conference 2015. More details: http://www.tjmcintyre.com/2015/10/law-society-annual-human-rights.html

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 29

    Privacy online: current

    developments
    Dr TJ McIntyre, Digital Rights Ireland and
    UCD Sutherland School of Law

    Ireland has given


    rise to some
    important European
    cases

    Data
    Retention
    Challenge
    Digital Rights Ireland v.
    Minister for
    Communication and ors.

    (c) David Rooney

    Data
    Retention
    Challenge
    Digital Rights Ireland v.
    Minister for
    Communication and ors.

    (c) David Rooney

    Internet Map, 2005. CC BY 2.5 Opte Project

    Safe
    Harbor
    Challenge
    Schrems v. Data
    Protection Commissioner

    CC BY-NC-SA 2.0 Network Cultures

    With some interesting


    domestic law along the way
    Digital Rights Ireland Ltd v. Minister for Communication & ors
    [2010] IEHC 221
    Permitting the action to proceed as an actio popularis
    Refusing security for costs

    Schrems v. Data Protection Commissioner (unreported, 16


    July 2014)
    Granting Irelands first protective costs order limiting exposure
    to 10,000

    Amici curiae appointed in both cases

    And wide international


    impact

    But what other lessons can


    we draw from these cases?

    Some aspects are parochial

    Privacy is
    vital for
    Irish tech
    industry
    Ireland has become a
    battleground for access
    to user data

    But will
    Irish
    surveillance
    law stand up
    to scrutiny?

    No judicial approval
    for access to internet
    communications
    No stored
    communications law
    Misc. bodies have
    power to demand
    communications
    records without
    external approval
    Inadequate judicial
    oversight

    Compare the Report of the


    Designated Judge (March 2014)

    with the Data Protection Commissioner


    audit of AGS (March 2014)
    The Team referred to an audit it conducted of a technology
    company and how it had viewed a request from AGS to that
    company which cited the 2011 Communications (Retention
    of Data) Act as the legal basis to seek the data. The Team
    explained to AGS that the ODPC had advised the company
    that it was not covered under the 2011 Act.
    The situation where a request is made without the Chief
    Superintendents knowledge and signed/authorised
    retrospectively by the Chief Superintendent did notfollow
    the requirements specified in the 2011 Act. The Team
    advised AGS that all requests for call and internet traffic
    data should be authorised by the Chief Superintendent on a
    case by case basis rather than on an aggregate basis at the
    end of a particular time period.

    Some aspects are


    Europe-wide
    We now have two European human rights
    jurisdictions: What is the relationship between
    them?

    CC BY-SA 3.0 CherryX

    CC BY-NC-SA 2.0 Gwenael Piaser

    Article 52(3) Charter of


    Fundamental Rights
    In so far as this Charter contains rights
    which correspond to rights guaranteed by
    the Convention for the Protection of
    Human Rights and Fundamental
    Freedoms, the meaning and scope of
    those rights shall be the same as those laid
    down by the said Convention. This
    provision shall not prevent Union law
    providing more extensive protection.

    Review of surveillance measures


    ECtHR v. CJEU
    1.

    Privacy the main right

    1.

    Art. 8 ECHR

    Art. 8 CFR

    But also Art. 10

    2.

    Political authorisation of
    surveillance is acceptable

    2.

    Strategic monitoring acceptable


    subject to adequate safeguards
    against abuse

    Access to metadata must be


    approved by a judge or equivalent
    Digital Rights Ireland

    Kennedy v. UK

    3.

    Data protection als0 a


    fundamental right

    3.

    Access on a generalised basis to


    content compromises the
    essence of the right to privacy
    Schrems

    Weber & Saravia v. Germany

    4.

    Applies margin of appreciation

    4.

    5.

    Can review national security


    measures

    5.

    6.

    A court with teeth: supremacy and


    direct effect of EU law, guarantee
    of adequate and effective
    remedies, etc.

    6.

    A court of moral victories?

    Will surveillance by EU
    states be held to the
    same norms?

    US critics accuse the EU of


    hypocrisy
    The US official refused to
    address claims that there
    had been hypocrisy in
    Europe. But he stressed
    that the EU ruling would
    not address the concerns
    of European citizens
    worried about the
    surveillance by their own
    governments, since the
    ruling only covered
    transfers of data across
    the Atlantic.

    A US tech executive said


    the decision would be
    highly disruptive to the
    industry in the US and
    Europe. A lot of these
    issues of America using
    surveillance also apply in
    Europe, said the
    executive. So its
    ridiculous to see this as a
    one-way street.

    US tech companies overhaul operations after EU data ruling, Financial Times 6 Oct. 2015

    Winston Maxwell, Hogan Lovells Chronicle of Data Protection, 6 Aug. 2015

    Some
    aspects
    are
    worldwide
    Digital Rights Ireland and
    Schrems contribute to
    pressures for internet
    fragmentation
    Data localisation,
    blocking, geo-located
    censorship more
    common

    (c) Kaspersky, Kaspersky Security Bulletin, 2013

    Some
    aspects
    are
    structural
    Outsourcing surveillance
    reduces costs &
    encourages
    disproportionate use
    Giant private databases
    are a rich target for
    states and hackers alike
    Law is only a partial
    remedy
    Time for a move towards
    a decentralised internet?

    Thank you
    Questions or comments?
    DigitalRights.ie | TJMcIntyre.com | @TJMcIntyre

    You might also like