Measures to limit government surveillance over citizens online

Measures to limit government surveillance over citizens online
Marina L

In a progressively digital era, the lack of online data privacy has extensive political, legal, and social implications. Globally, almost all of the population has a digital footprint and can be identified in a data ecosystem, where citizens’ online data can be stored and analyzed, by intelligence agencies and law enforcement, for many purposes (“The Global”). Government surveillance of this data enables countries to trace cybersecurity threats, advertising companies to personalize their products through micro-targeting their audience, and innovative approaches to personal data that could allow for a more efficient society. However, the collection and access to private citizen data by governments can lead to breaches in democracy and violation of rights to privacy.  

The Cambridge Analytica and Facebook 2016 election scandal shed light on the issue of data privacy. British firm Cambridge Analytica used Facebook user data without consent to establish a target audience for political advertising profiles prior to the presidential elections. Similar concerns later occurred in Brazil’s 2018 presidential elections, both situations undergoing public scrutiny. Due to the substantial threat to democracy this imposed, it is a major global issue addressed by the United Nations (UN). The UN has determined that any government surveillance and cybersecurity policy must be user-centered, in alliance with human rights, and “necessary and proportionate” (Ben-Hassine).  

Many States have developed laws regarding cyber security that violate civil liberties and criminalize activities without basis in fundamental rights. Some include nationwide censorship, blocked online platforms, and law enforcement surveillance of user data, including private messages, calls or browsing history. These unrestricted legislations violate Article 12 and Article 19 of the Universal Declaration of Human Rights, prohibiting interference in one’s privacy and freedom of speech ("Universal Declaration"). Additionally, Article 19 of the International Covenant on Civil and Political Rights is also violated, which assures freedom of expression for all ("International Covenant"). A legal blueprint must be agreed upon, establishing basic requirements for surveillance laws to avoid government censorship and consequential self-censorship, as fear of punishment leads to less transparency and freedom online, fostering fear of self-expression. 

A common strategy in data storage is data localization within data residency law. This means user data created within a country’s premises is stored in that country. Due to government encryption and protection, this could be beneficial for cybersecurity. However, data localization can facilitate hackers’ access to a private data network, preventing it from being backed up globally and lessening internet flexibility and access. Although States, organizations, and citizens take different perspectives on the issue, data protection laws effectuated without citizen input are considerably anti-democratic, often aimed at national security and disregarding civil liberties. 

In some countries, severe measures of government surveillance have been taken. Some use artificial intelligence for mass surveillance, finding links between users, understanding the meaning behind posts and messages, even inferring location outside of the present time, and profiling based on data. The FATA Cyber Police in Iran has thousands of volunteers surveilling online speech and behavior. In China, citizen data is monitored and reported by recruited workers. In the United States (US), the State Department has been criticized for requiring social media information in visa applications (Shahbaz and Funk). In situations of social polarities, such as the Black Lives Matter movement and anti-Trump protesters, and even on the daily for lawyers, journalists, and activists, personal data is surveyed and monitored without consent or even awareness (Patel et al.). 

The innovative nature of data usage has expanded even more through the new concept of national digital identity programs. As has been proposed in some countries, these programs generally entail a biometric identification bill that uses citizen data to create a digital “ID”. To be put into effect, this would require extensive storage of personal data and biometric identifiers used for facial recognition, along with potentially utilizing geo-location technology. The presumptive benefit of this program would be an efficient identification process that could help streamline service and product processes for industries such as insurance, baking, and travel. It could also help resolve other global issues, such as the refugee crisis, by providing easy identification and enabling financial security, settlement, and job opportunities. Additionally, this concept could revolutionize economies through a greater rate of e-commerce, aiding in achieving the UN’s Sustainable Development Goals. 

Privacy International leader argues digital identity exceeds SDG scope on ID16.9 podcast

Image of biometric data used for national digital identities, as evaluated by Privacy International Senior Researcher Tom Fisher in Biometric Update.com (2022). 

However, in a 2016 North Africa proposal, a Member State failed to specify the extent of data collected, and who would be granted access to this personal data and suggested using artificial intelligence (AI) to complement digital identification. This hasty biometric identification bill posed threats of discrimination through AI and threatened the anonymity and security of data due to profiling fully based on user data. This proposal had many shortcomings, with considerable potential privacy and cybersecurity risks (Ben-Hassine). 

The United Nations Conference on Trade and Development produced a document outlining the requirements for digital identity legislation. Policies should prevent user profiling while allowing users to rectify and opt out of the data collected. Additionally, it encourages data minimization and non-centralized data storage, in combination with separate identification and authentication, to avoid facilitated transaction logs, lessening invasion of privacy and susceptibility to hackers (Ben-Hassine). Data protection should be the main priority by encrypting all data and limiting any monitoring or interception by the government without consent, along with a mandatory secure technology infrastructure. In a less tangible aspect, the policy must have transparent stakeholder relationships, with government accountability for any data breaches or vulnerability and user consent, ensuring a human rights foundation (Solomon). 

The Freedom of the Net organization provides analytical, global reports on online freedom and has recorded that 40 out of the 65 included countries have established social media surveillance programs (Shahbaz and Funk). In a perpetually modernizing world, the development of data technology can be revolutionary or oppressive. The UN and Member States’ focus is the development of an international consensus, determining mandatory guidelines for data privacy and government surveillance laws. These policies are necessary but only effective if limited to the boundaries of fundamental human rights and freedoms.  

 

 

Works Cited 

Ben-Hassine, Wafa. Digital Identity: Prioritizing Human Rights Presentation. UNCTAD, unctad.org/system/files/non-official-document/dtl_eWeek2018p15_WafaBen-Hassine_en.pdf. Accessed 9 Oct. 2022. 

---. "Government Policy for the Internet Must Be Rights-Based and User-Centred." UN Chronicle, United Nations, www.un.org/en/chronicle/article/government-policy-internet-must-be-rights-based-and-user-centred. Accessed 10 Oct. 2022. 

Burt, Chris. "Privacy International Leader Argues Digital Identity Exceeds SDG Scope on ID16.9 Podcast." Biometric Update.com, Biometrics Research Group, 9 Nov. 2022, www.biometricupdate.com/202211/privacy-international-leader-argues-digital-identity-exceeds-sdg-scope-on-id16-9-podcast. Accessed 9 Nov. 2022. 

"Digital Identity in a New Era of Data Protection." UNCTAD, 16 Apr. 2018, unctad.org/meeting/digital-identity-new-era-data-protection. Accessed 10 Oct. 2022. 

"The Global Debate around Social Media Surveillance." The Laotian Times, 12 Nov. 2021, laotiantimes.com/2021/11/12/the-global-debate-around-social-media-surveillance/. Accessed 7 Oct. 2022. 

"International Covenant on Civil and Political Rights." OHCRH, UN, www.ohchr.org/sites/default/files/ccpr.pdf. Accessed 7 Oct. 2022. 

McKenzie, Baker. "Data Security and Privacy Laws Develop across Africa." Zawya, Refinitiv, 28 Apr. 2022, www.zawya.com/en/press-release/companies-news/data-security-and-privacy-laws-develop-across-africa-jfnuw910. Accessed 11 Oct. 2022. 

Patel, Faiza, et al. "Government: Social Media Surveillance." Brennan Center for Justice, 11 Mar. 2020, www.brennancenter.org/issues/protect-liberty-security/social-media/government-social-media-surveillance. Accessed 10 Oct. 2022. 

Shahbaz, Adrian, and Allie Funk. "Social Media Surveillance." Freedom House, freedomhouse.org/report/freedom-on-the-net/2019/the-crisis-of-social-media/social-media-surveillance. Accessed 7 Oct. 2022. 

Solomon, Brett. "Digital IDs Are More Dangerous than You Think." Wired, Condé Nast, 28 Sept. 2018, www.wired.com/story/digital-ids-are-more-dangerous-than-you-think/. Accessed 7 Oct. 2022. 

"Universal Declaration of Human Rights." United Nations, UN, 10 Dec. 1948, www.un.org/en/about-us/universal-declaration-of-human-rights. Accessed 9 Oct. 2022.