You are here:
AustLII >>
Databases >>
University of New South Wales Law Journal >>
1998 >>
[1998] UNSWLawJl 47
Database Search
| Name Search
| Recent Articles
| Noteup
| LawCite
| Author Info
| Download
| Help
Kirby, Michael D --- "Privacy in Cyberspace" [1998] UNSWLawJl 47; (1998) 21(2) UNSW Law Journal 323
Privacy in Cyberspace
[*]
THE HON JUSTICE MICHAEL KIRBY AC
CMG[**]
I. A NEW DYNAMIC
Time passes. Twenty years ago in the Organisation for Economic Cooperation
and Development (OECD) work was beginning towards guidelines
on the protection
of privacy in the context of transborder data
flows.
[1] Ten years ago work towards
the later OECD guidelines on security of information systems was
commenced.
[2] I chaired the two expert
groups which prepared those successive principles. That work opened my eyes to
the enormous implications
of modern technology for the law and human rights in
every society. And to the capacity of international institutions to help
municipal
law makers respond to global problems. The work of the OECD on the
social and legal issues presented by informatics illustrates the
way in which
the international community is slowly but inexorably constructing a mutually
compatible legal order on the foundation
of “respect for human rights and
fundamental freedoms”.
[3]Ten
years ago, I suggested
[4] that what
was lacking at the international level, as in domestic jurisdiction, was a
perception of the relevance of scientific developments
for the
concept of
human rights. This was because of the fragmentation of priorities, the dominance
in the debates on human rights of lawyers (often
ignorant of science), the
limited perspective of specialised institutions and the highly controversial
nature of many of the moral
dilemmas posed. It is useful, I think, to repeat my
conclusion:
[5]
[T]here has been little endeavour to reflect the major scientific and
technological developments of the last fifty years, and their
impact on human
rights, in a conceptual way. Instead, old human rights instruments developed
for earlier times are scrutinised for
their possible utility in solving the
controversies presented by the new technology. Piece-meal legislation is
enacted. No Luther
of jurisprudence has emerged to pull together the
implications of nuclear physics, informatics and biotechnology for twenty first
century man and woman.
In the decade since those words were written, the
fundamental problem remains unresolved. The urgency of finding solutions has
increased.
In informatics, there has been a rapid convergence of technologies.
Telecommunications have merged with computerisation linked with
other systems of
communication.
[6] Connections have
been forged between nuclear physics, informatics and biotechnology. The
Star
Wars system proposed by President Ronald Reagan had a worrying potential to
link nuclear weaponry and informatics. The Human Genome Project
would not be
possible but for the linkages of information technology and biological
research.
[7] It is important to
realise the interconnections of scientific advances and to study their impact on
human rights. For example, the
privacy of genetic information is as much an
issue for human rights in the context of informatics as it is in the context of
biotechnology.
Principled responses, defensive of the rule of law, human rights
and fundamental freedoms, will necessarily have common themes.
In the twenty
years since the OECD Guidelines on Privacy were formulated, the Internet has
been launched. It expands at an astonishing
rate with world wide users doubling
every twelve months.
[8] William
Gibson’s vision of
cyberspace
[9] is fast becoming a
reality. Starting with 8.5 million users in 1995, the Internet is expected to
reach over 142 million users by
the year
2000.
[10] For a pertinent analogy,
it is necessary to go back to Gutenberg’s printing
press.
[11]Look ahead. Imagine
the way in which, in the future, the lives of human beings will be altered as
the global network of interconnected
users of information technology becomes
bigger and even more powerful. Already, informed writers are offering their
predictions.
Edward Cornish, for
example,
[12] has sketched
ninety two ways in which, he claims, the lives of ordinary people will
change over the next thirty years as a result
of the Internet. Global culture,
education, employment, production and even crime will be affected. Local
cultures and languages
may decline. Increased drug use and the risks of cyber
crime and terrorism will be larger problems. Privacy, it is argued, will be
harder to maintain. Not unconnected with this, interpersonal relationships of
human beings will be increasingly unstable. Cornish’s
conclusion is that
the unprecedented power to choose will often result in less sensible action and
greater conflict. Governments
will have limited control over cyberspace and over
the pace at which globalisation of the interconnected human consciousness is
occurring.
II. ENDANGERED PRIVACY
Many of the problems for privacy which were identified in the 1980s are now
enlarged, or altered, by the development of the Internet.
The speed, power,
accessibility and storage capacity for personal information identifying an
individual are now greatly
increased.
[13] Some of the chief
protections for privacy in the past arose from the sheer costs of retrieving
personal information; the impermanency
of the forms in which that information
was stored; and the inconvenience experienced in procuring access (assuming that
its existence
was known). Other protections for privacy arose from the
incompatibility of collections with available indexes and the effective
undiscoverability of most personal data. These practical safeguards for privacy
largely disappear in the digital
age.
[14] A vast amount of data,
identified to a particular individual, can now be collated by the determined
investigator. The individual
then assumes a virtual existence which lives in
cyberspace instead of in what is sometimes described as ‘meat
space’.
[15] The individual
takes on a digital persona made up of a collection of otherwise unconnected and
previously unconnectable data.
This quantity of personal information about
individuals is likely to increase rather than
decrease.
[16] Access to this
information is what occasions the contemporary fragility of privacy – a
human attribute that has been steadily
eroded over the past
century.
[17] To the extent that the
individual has no control over, and perhaps no knowledge about, the mass of
identifiable data which may be
accumulated concerning him or her, and to the
extent that national law-makers, despite their best endeavours, enjoy only
limited
power effectively to protect the individual in the global web, privacy
as a human right, is steadily
undermined.
[18]It is not always
appreciated by users of the web that without specific initiatives on their own
part, their visits to particular websites
can usually be resurrected:
presenting a profile of their minds. These visits may illustrate the subjects in
which they are interested:
their inclinations, political, social, sexual and
otherwise.
[19] An early indication
of the potential of this form of surveillance to pry on the individual occurred
during the confirmation hearings
in the United States Senate considering the
nomination of Judge Robert Bork to the United States Supreme Court. A reporter
retrieved
the record of Judge Bork’s video rentals as itemised by
computer.
[20] Nor is this a
theoretical danger. Senior Petty Officer Timothy McVeigh, a naval officer
stationed in Hawaii, was discharged from
the United States Navy after he came
under investigation following the search of his America On Line (AOL) profile
which included
the word “gay”. An acquaintance turned the profile
over to Mr McVeigh’s command. The latter treated it as a breach
of the
United States Government’s policy about the sexual orientation of service
personnel, described as “Don’t
ask. Don’t tell”. Mr
McVeigh did not tell: but AOL
did.
[21]One of the particular
dangers of data profiling is the human tendency to assume that because
information comes out of an automated
system it must be accurate. Data profiles
have a potential to magnify and endlessly reproduce human
error.
[22] There are many studies of
the mistakes which can occur. The brother who once paid a defaulting
sibling’s rent and found himself
black listed as an unreliable tenant. The
network user whose facilities are used by someone else to make a visit to a
child pornography
website or to download child pornography whilst the user is
away.
The damage that can be done through defamation on the Internet is
illustrated by a recent case in Western Australia. A message from
an
anthropologist appeared on the World Wide Computer Network Bulletin Board
defending a university decision not to grant academic
tenure to the plaintiff.
The message mentioned an accusation of sexual misconduct which thereupon became
available to approximately
23 000 academics and students, within the
relevant speciality, having regular access to the bulletin board. Defamation was
found
and damages awarded.
[23]It
is not accurate to say that the Internet is a law free zone. Much local law
applies to the activities occurring there. But it is
true to say that there is
no global authority which controls the Internet. There is no uniform global
regime to regulate and enforce
standards.
[24] To some extent the
absence of a controlling and enforceable law facilitates free expression, the
communication of ideas and notions
of individual liberty which are themselves
important human rights. However, such values are not the only human rights, as a
glance
at the
Universal Declaration of Human Rights and its progeny of
international law will demonstrate. There are other fundamental human rights
which sometimes compete, or conflict,
with the right of free expression. The
right to privacy and to reputation and honour, and the confidentiality of
communications must
also be
protected.
[25] In the world of the
Internet, technological capacity tends to favour the spread of information. The
protection of competing values
is decidedly weak.
With the Internet have come
additional problems. Because of the growing use of information systems by
business and government, and
because these are connected to the Internet, many
transactions by individuals in every country will now be potentially
inter-connected
and examinable. This will afford means of distributing data
about the individual to remote places and, often, to persons or organisations
with which the individual may have no other connection. The advent of search
engines, robots, wanderers and Internet indexes presents
a new dimension to the
isolation of personally identifiable data profiles. The extensive indexes of
Internet sites such as
Yahoo[26] and the launch in
December 1995 of the
Altavista search
engine
[27] (with the subsequent
proliferation of email, telephone, address and Usenet directories) change
forever the personal profile potential
of the individual. In his essay
“Private Lies”,
[28] John
Hilvert describes
Altavista in these terms:
[It] was introduced as a free service back in December [1995] to show
[Digital Equipment Corporation’s] ability to handle the
Internet, no
matter how it scaled ... [It] gobbles and disgorges in a very accessible
way the entire catalogue of some 22 million
web pages (12 billion words) and
about two months of the content of 15 000 news groups. It handles 5 million
search requests a day.
Impressed with
Altavista’s remarkable speed.
The subject tried
Altavista on the news groups and was sickened. What I
found ... using my name or email address as search parameters, was a copy of
almost every
post I’ve made to Newsnet news groups since the first week in
January ... That includes my posts to these two news groups,
and all rejoinders
from anyone here who included my name in his or her reply. Make out of that what
you wish. My reaction to it
is somewhere between disgust and fury. What I do
not expect is that the news group clubhouse is bugged and that what is said
there,
by any of us, will be recorded and made available to any person on the
Internet, for whatever reason persons might have. The irony
of this is: I came
across [this] ... using the
Altavista search engine.
Users commonly
think that, because they do not enter their names or other details to gain
access to web pages, this means that there
is a high degree of privacy in their
use of the Internet, in other words, that it is virtually anonymous. However
with most web browsing
software, such as Netscape and Microsoft Explorer, any
request to a website discloses the network identity of the machine used to
access the web, the web page immediately previously accessed, together with
related ‘cookies’, such as information stored
by the web server on
the computers of users who have accessed it, the list of previously accessed web
pages or transactional information
generated while accessing those web
pages.
[29] If this does not cause
anxiety about the potential loss of privacy of Internet users, nothing
will.
Of course, this is not a reason, Canute like, to hold up the hand
against progress. On current trends we can scarcely prevent the
rapid continuing
growth in Internet users. Nor would one wish to do so. But it does present a
challenge to those who would defend
fundamental human rights (including privacy)
and those who realise that false, distorted, damaging, hurtful and intrusive
information
that can be compiled about an individual based upon data received
from a multitude of digital sources and given an apparent authenticity
by
digital delivery. Web crawlers, spiders, robots and trawlers introduce a new
dimension to the
info-privacy debate. They also challenge the applicability,
in today’s technology, of some of the OECD Guidelines prepared in
the
context of the technology of earlier decades, when such intense dataveillance
was not foreseen.
[30]
III. CHALLENGES TO DEMOCRATIC GOVERNANCE
In addition to the foregoing concerns an even deeper malaise must be
addressed. It relates to the capacity of presently existing law
making
institutions to respond adequately to the problems which the new technology
presents. Privacy is only one attribute of the
Internet in which challenges
arise for established values. Organised crime, terrorism, infringement of
intellectual property rights,
unconsensual or under age infiltration of
pornography are some of the other problems examined in the
literature.
[31] So are the
implications of the Internet for the integrity of financial markets, for tax
avoidance and tax havens.
[32]
Equally controversial is the impact of the Internet upon cultural sovereignty
and diversity
[33] which is of such
concern to societies struggling to preserve and defend their language, religious
or spiritual values, moral norms
and distinct social diversity.
In striking
down the censorship provisions of the
Communications Decency Act of the
United States,
[34] the Supreme Court
of that country itself recognised that the practical consequence of its decision
would reach far beyond the borders
of the United States of
America:
[35]
Once the provider posted its content on the Internet it could not prevent
that content from entering any community. Thus, when the
UCR/California Museum
of Photography posts to its website nudes by Edward Weston and Robert
Mapplethorpe to announce that its new
exhibit would travel to Baltimore and New
York City those images are available not only in Los Angeles, Baltimore and New
York City
but also in Cincinnati, Mobile or Beijing – wherever Internet
users live. Similarly, the safe sex instructions that ‘Critical
Path’ posts to its website written in street language so that the teenager
receiver can understand them, are available not
just in Philadelphia, but also
in Provo and Prague.
People in every country are therefore, in a sense,
beneficiaries of decisions made upon the First Amendment to the United States
Constitution. Not all societies, and certainly not all governments, necessarily
share the social values reflected in the United States court decisions.
In a
number of countries attempts have already been made by law to control the
Internet.
[36] Thus a draft law in
Thailand purports to prohibit dissemination through the Internet of information
that is against “public
peace and order and may lead to disunity of the
nation or deterioration of international relationships”; “immoral
information”;
“information disparaging religion” or
“highly respected persons” and “inappropriate
information”
concerning the King of Thailand, the Thai Royal Family and
also “Heads of State of friendly foreign
countries”.
[37] This law was
roundly criticised when it was published in January 1998, on the ground the
last-mentioned provision would create criminal
offences for disseminating sexual
information concerning President Clinton of the United States. The subsequent
publicity given to
allegations against the President, and its dominance of much
of the global news media, demonstrated once again the difficulty (and
possibly
undesirability) of censoring the international flow of data of this
kind.
Another illustration lies in the efforts of the British Government to
prohibit publication of information and commentary which might
endanger the fair
trial of Mrs Rosemary West. She was accused of involvement in notorious serial
killings. Such efforts of control
might have been effective in the traditional
news media. But they were wholly ineffective for the
Internet.
[38] The earlier attempts
by the British Government to suppress the publication of the book
Spycatcher
by Mr Peter Wright failed in the courts of several countries outside the
United Kingdom.
[39] It was not even
attempted in the United States of America. The case illustrated the effective
powerlessness of most national courts
to enforce, in a truly effective way,
local norms and values affecting global information.
Governments and
legislatures are not wholly powerless in the face of the Internet and global
media. But the force of the technology
(and the vast audiences which it gathers
up) suggest that common global standards will tend, in time, to swamp local
susceptibilities.
At least in the case of most countries, there will be little
which they can do to influence the information flow except to enact
laws
enforceable in their courts in the comparatively rare instances in which they
can catch those who offend against such laws within
their jurisdiction.
Some
will say that this limitation on the capacity of national law makers to respond
to the challenge of the Internet is nothing but
an illustration of
globalisation, which technology more generally renders irreversible and
inevitable. The contribution of the Internet
to free expression, democratic
practice and individual liberty cannot be denied. But in the interval between
the receding power of
national law and the lack of effective international law,
lie certain dangers. As I have shown, they are dangers for those human
rights
which compete with the free flow of undigested data. They are also dangers to
stable social regulation on the part of those
who see the impact of the new
values which multimedia and the Internet bring and object to aspects of what
they see.
IV. AN AGENDA FOR ACTION
The result of this review is that the extraordinary development of
informatics continues to present puzzles and challenges both to
the
international community and to the law making institutions of the nation states
which make it up. A number of things can be done.
A. Review and Debate of Current Regulations
Every jurisdiction needs to review its applicable laws and policies to
adapt them to the new technology. In the United States a constitutional
amendment has even been proposed to update some of the present legal guarantees
and to permit courts to fashion new principles in
harmony with the new
technology and new values.
[40] In
Australia, in the space of a year or two, three discussion papers have been
produced by official bodies. There is currently a
Senate inquiry on self
regulation in the information and communications
industries.
[41] It is highly
desirable that in every jurisdiction legislators, governments, academics and the
community generally should be debating
the social implications of the new
technology, including the Internet. Such debates need to be supplemented by
international initiatives
which seek to devise principles as global as the
technology itself. Otherwise, we will persist with a legal patchwork of dubious
effectiveness
[42] and more and more
business and other communications will take place in extra- and supra-
jurisdictional space.
B. Formulation of Standards
The development of ‘cyber manners’, of Internet standards and
the initiatives of bodies such as the Global Internet Liberty
Campaign,
[43] as well as domestic
initiatives to advocate endangered values such as
privacy,
[44] deserve
support.
C. Review of OECD Privacy Principles
There is an urgent need, in the light of technological change and the
enhanced capacity of the Internet, for a review to be conducted
of the
information privacy principles developed by the OECD twenty years ago. There are
serious gaps in those principles. Informed
writers are already suggesting that
new privacy principles are needed, such as:
- a right not to be indexed – if a
‘rogue’ robot indexer ignores existing or new contemporary standards
which exclude
indexing;
- a right to encrypt personal communications
effectively;[45]
- a right to fair treatment in public key
infrastructures, so that no person is unfairly excluded in a way that would
prejudice that
person’s ability to protect their privacy;
- a right to human checking of adverse automated
decisions and a right to understand such
decisions;[46] and
- a right, going beyond the aspiration of the
OECD openness principle, of disclosure of the collections to which others will
have access
and which might affect the projection of the profile of the
individual
concerned.[47]
D. Openness and Transparency
A common theme of many of the proposed revisions of the OECD Privacy
Guidelines is the need to render “data collection practices
... fully
visible to the individual ... Any feature which results in the collection of
personally identifiable information should
be made known prior to operation and
... the individual should retain the ability to disengage the feature if he or
she so chooses”.
[48] Whilst
some observers would contest such an absolute statement of the right of
disengagement (and others might question the marginal
utility of undemanded
notification of all identifiable information about an individual without any
initiative on the part of that
individual) clearly the openness principle of the
OECD Guidelines is one of the weakest in the collection. The advent and
potential
of the Internet requires that there be new attention to
it.
[49]
E. The Role of Governments
The role of national governments as the defenders of privacy and of
fundamental rights also needs careful consideration, given the
past record of
many of such governments as intruders into such fundamental rights. This,
together with commercial concerns, provides
the explanation for the strong
resistance to the Clipper Chip proposed by the United States Government in 1993.
That proposal had
the ostensible purpose of allowing government to override
individual encryption, allegedly to protect society from “gangsters,
terrorists and drug
users”.
[50] The first two
words are loaded. The third, at least now, engenders a legitimate international
debate concerning the proper strategy
to respond effectively to the drug
epidemic. Whilst society needs to be shielded from clearly antisocial conduct,
there are strong
arguments for permitting, and protecting, the anonymity of most
website visits
[51] and providing
‘dungeons’ and ‘chat rooms’ in the web where people can
communicate without fear that their
interests, attitudes, beliefs and concerns
will be monitored either by public or the private sector
snoops.
[52]
F. Responsible Reporting
One feature of Internet reporting is the intensification of the competition
for getting the ‘news’ first. This puts great
pressure upon modern
journalistic standards. The kind of reporting which has lately affected public
personalities such as Diana,
Princess of Wales, and President Clinton, in
respect of their private lives is, in part, a product of the new technology. No
public
figure is entitled to protection in relation to aspects of private life
which may have relevance to public duties. But unless public
figures can enjoy a
private zone where their lawful family, sexual, health and other data belongs to
them and is respected by others, the result will be a serious erosion of
the quality of persons offering to serve.
V. CONCLUSION
A second generation of information privacy principles, in harmony with the
development of the Internet, should therefore be drawn
up without delay. The
Internet should develop in a way respectful to fundamental human rights and
democratic governance. Its expansion
should reflect global values and human
diversity. This is a mighty challenge. Yet the Internet itself was conceived in
the minds
of human beings. It should be possible for humanity to devise and
apply just rules for its
operation.
[53] If it cannot, that
fact has serious implications for the notion that human rights are universal. It
has profound consequences for
the future of the rule of law in
cyberspace.
[*] This is an abbreviated
and amended version of a paper to be published in International Dimensions of
Cyberspace Law by the United Nations Educational, Scientific and Cultural
Organisation (UNESCO), Paris in
1999.[**] Justice of
the High Court of Australia. Lately President of the International Commission of
Jurists. One time Chairman of the OECD
Expert Groups on Privacy (1978-80) and
Data Security
(1991-2).[1] OECD,
Guidelines on the Protection of Privacy and Transborder Flows of Personal
Data, Paris
(1980).[2] OECD,
Guidelines on Security of Information Systems, Paris
(1992).[3] Preamble to
the Charter of the United Nations. See LM Gruderidge and E Hambro, Charter of
the United Nations: Commentary and Documents (2nd ed, 1949) p
87.[4] MD Kirby,
“Human Rights and Technology: A New Dilemma” (1988) 22 University
of British Columbia Law Review 123 at
127.[5] Ibid
at 130-1. Cf AES Tay, Teaching Human Rights, Australian
National Commission for UNESCO (1981) p
2.[6] J Bond,
“Telecommunications is Dead, Long Live Networking” (1997) 3(3)
I-Ways 26.[7] R
Cook-Deegan, The Gene Wars, Norton (1994) pp 283ff; MD Kirby, “The
Human Genome Project: Promise and Problems” (1994) 11 Journal of
Contemporary Health Law and Policy 1. See now UNESCO, Universal
Declaration on the Human Genome and Human Rights (1997), especially articles
7, 8 and 9.[8] R
Miller, The Internet in Twenty Years: Cyberspace, the Next Frontier?,
OECD (1997).[9] W
Gibson, Neuromancer, cited in MS Borella, “Computer Privacy vs
First and Fourth Amendment Rights”
<http://www.eff.org/pub/Privacy/comp_privacy_4th_amend.paper>
. As Miller
notes, note 8 supra, cyberspace will eventually come to life on the
Internet infrastructure as a range of information and services spanning, at
least
for a few analysts, almost all aspects of human experience. Cf E France,
“Can Data Protection Survive in Cyberspace?”
(1997) 8(2)
Computers and Law
20.[10] R Miller,
note 8
supra.[11] Five
hundred years ago Francis Bacon, writing about Gutenberg’s printing press,
commented on how the very way humans think
would be rearranged, changed and as
he put it “the appearance and state of the world” would be altered.
Cf S Harris cited
in S Williamson, “Legal Pot-holes in the Information
Super Highway” (1995) 69 Law Institute Journal
1213.[12] E Cornish,
“The Cyber Future: 92 Ways our Lives will Change by the Year 2025”
(1996) 30(1) The Futurist 27, abstracted in OECD, note 8 supra, p
12.[13] A Cavoukian
and D Tapscott, Who Knows: Safeguarding your Privacy in a Networked World,
Vintage, (1996); SD Balz and O Hance, “Privacy and the Internet:
Intrusion, Surveillance and Personal Data” (1996) 10(2) International
Review of Law, Computers and Technology
219.[14] G
Greenleaf, “Privacy and Cyberspace: An Ambiguous Relationship”
(1996) 3(5) Privacy Law and Policy Reporter
88.[15] Ibid
at
89.[16] Ibid
at 88.[17] R
Wacks, “Privacy in Cyberspace: Personal Information, Free Speech and the
Internet” in P Birks (ed) Privacy and Loyalty, Oxford (1997) at
93.[18] R Wacks,
ibid at 110; SD Balz and O Hance, note 13 supra at
220.[19] SD Balz and
O Hance, ibid at 222. Most Internet users do not seem to appreciate that
an image of a site they may have visited many weeks earlier could be
stored in
their personal computer and easily viewed by another person having access to the
computer.[20] Ibid
at 228.[21] Human
Rights Campaign: “Human Rights Campaign Learns Pentagon Postponing
Expulsion of Sailor with ‘Gay’ in his
Profile”
<http://www.hrc.org/feature1/mcveigh.html.>
. A judge has granted temporary
relief to Mr McVeigh against
dismissal.[22] T
Miller, “Law, Privacy and Cyberspace” (1996) 1(4) Communications
Law 143 at 145; H Wright, “Law, Convergence and Communicative Values
on the Net” (1996) 7 Journal of Law and Information Science 54 at
65.[23] Rhindos v
Hardwick (unreported, Supreme Court of Western Australia, Ipp J, 31 March
1994) noted in: G Hughes, “Nowhere to Hide? Privacy and the
Internet” (1996) 29 Computers and the Law 21 at 22; B Todd,
“From Village Pump to Superhighway: Internet and the Modern Law of
Defamation” (1996) 1 Media and Arts Law Review 34; P Bartlett,
“Internet & the Legal Tangle” (1995) 1(4) Computer Law and
Practice
110.[24] T
Miller, note 8 supra, p
145.[25] Universal
Declaration of Human Rights, Article 12; International Covenant on Civil
and Political Rights, Article 17.1. See generally HH Perritt and CJ Lhulier,
“Information Access Rights Based on International Human Rights Law”
(1997) 45 Buffalo Law Review 899 at 906
ff.[26] G Greenleaf,
note 14 supra at 88. A catalogue of Internet privacy issues may be found
at
<http://www.anu.edu.au/people/Roger.Clarke/DV/Internet.html>
.[27] Altavista
home page at
<http://www.altavista.digital.com>
.[28] J
Hilvert “Private Lies” Information Age, May 1996, pp 18-23
cited in G Greenleaf, note 14 supra at
89-90.[29] G
Greenleaf, note 14 supra at 91-2. Without spiders and robots it would be
very difficult to find information on the web. These “devices”
continually
travel the millions of Internet servers on the web and index every
significant word or phrase on each one. Web “masters”
can prevent
their sites from being so indexed. The awareness of the danger and the ways of
meeting it has heightened in recent times.
In 1994, an attempt was made to draft
a Robot Exclusion Standard. See
<http://web. nexor.co.uk/mak/doc/robots/norobots.html>
.[30] R
Clarke, “Profiling and its Privacy Implications” (1994) 1(7)
Privacy Law and Policy Reporter 128 at 128-9; R
Wacks, note 17 supra at
93-7.[31] C Downey,
“The High Price of a Cashless Society: Exchanging Privacy Rights for
Digital Cash?” (1996) 14(2) John Marshall Journal of Computer and
Information Law
303.[32] R Wacks,
note 17 supra at
111.[33] S Davies,
“Strategies for Protecting Privacy in the New Information Structure”
in (1995) 2(2) Privacy Law and Policy Reporter 23; cf (1997) 3(4)
I-Ways
9.[34] Reno v
American Civil Liberties Union, 138 L Ed 2d 574 (1997), noted in (1997) 13
(5) Computer Law and Security Report
371.[35] Reno,
ibid at
372.[36] China,
Singapore and Germany have introduced laws. See R Wacks, note 17 supra at
99.[37] Internet
Promotion Bill 1998 (Thailand) (Draft 4) noted in the Bangkok Post, 12
January 1998, pp
1-2.[38] T Miller,
“Law, Privacy and Cyberspace” (1996) 1(4) Communications Law
143 at
145.[39] See for
example, Attorney General (UK) v Heinemann Publishers Australia Pty Ltd
[1988] HCA 25; (1988) 165 CLR
30.[40] See
Professor Laurence Tribe’s suggestion noted in R Wacks, note 17
supra at
99.[41] The three
initiatives of the Australian Government are explained in T Hughes,
“Regulation of the ‘Net’” in
Australian Law Reform
Commission (1997) 71 Reform 23 at 24. They concern privacy protection,
copyright reform and the regulatory framework for on-line services. Subsequently
the Australian
Government withdrew an electoral commitment to enact privacy
legislation governing the private sector. See S Davies, “Privacy
Law -
Australia” (1997) 16(6) Computer Law and Security Report 429. At
the time of writing the Australian Senate Select Committee on Information
Technology is conducting an inquiry on self regulation
in the information and
communications industries.
[42] G Greenleaf,
“Privacy Principles: Irrelevant to Cyberspace?” (1996) 3(6)
Privacy Law and Policy Reporter 114 at 118-19. The European Union has
proposed a process that could lead to an “International Communications
Charter” by
the end of 1999. See (1998) 4(1) I-Ways 1 and
<eif@bxl.dg13.cec.be>.[43] G
Greenleaf, ibid at
119.[44] The
Australian Privacy Charter Council is a non-governmental organisation
established to promote the protection of privacy. It has
issued a Privacy
Charter. See (1995) 2 Privacy Law and Policy Reporter 44. See also the
European Union’s Data Directive (Directive 95/46/EC). Cf G
Greenleaf, “European Commission tests adequacy of our privacy laws”
(1998) 4(8) Privacy Law and Policy Reporter 140; and S Lau,
“Observance of the OECD Guidelines and the EU Directive in Asia”
(1998) 4(8) Privacy Law and Policy Reporter
145.[45] See OECD,
Guidelines for Cryptography Policy, 27 March 1997 (OECD Doc:C(97)
62/FINAL) which include eight principles relevant to this discussion. Principle
2 relates to users’
rights to choose cryptographic methods. Principle 5
relates to the individual’s rights to privacy including secrecy of
communications
and protection of personal data. Cf J Adams, “Encryption:
The Next Big Thing?” (1998) 2 Computers and Law 39 at
39-40.[46] G
Greenleaf, “Privacy Principles - Irrelevant to Cyberspace?”, (1996)
3(6) Privacy Law and Policy Reporter 114 at
118.[47] R Clarke,
note 30 supra at 129. See also R Clarke, “Beyond ‘Fair
Information Practices’: A new Paradigm for 21st Century Privacy
Protection”
at
<http://www.anu.edu.au/people/Roger.Clarke/DV/BeyondFIP.html>
.[48] HH
Perritt and CJ Lhulier, note 25 supra. See also G Greenleaf, note 14
supra at 92. Cf M Rotenberg, “Privacy and Protection: A US
Perspective, Data Protection in the United States: A Rising Tide?”
(1998)
14(1) Computer Law and Security Report 38 at
38-40.[49] S Davies,
note 33 supra at 38. The Australian Privacy Commissioner has issued new
National Principles for the Fair Handling of Personal Information,
February 1998, which include an anonymity principle. See
<http://www.privacy.gov.au/news/p6_4_1.html>
.[50] R
Wacks, note 17 supra at
107.[51] Ibid
at 100.[52] Ibid
at 98.[53] B
Phillips (Canadian Federal Privacy Commissioner) cited in E France, “Can
Data Protection Survive in Cyberspace?” (1997) 8(2) Computers &
Law 20 at 24.
AustLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.austlii.edu.au/au/journals/UNSWLawJl/1998/47.html