Committee of experts on protection of journalism and safety of journalists (MSI-JO)

Activities
STANDARD-SETTING
  Steering Committee (CDMSI)
  Bureau of the Committee (CDMSI-BU)
  Former Steering Committee (CDMC)
  Former Bureau of the Committee (CDMC-BU)
  Committee of Experts on Protection of Journalism and Safety of Journalists (MSI-JO)
  Committee of Experts on cross-border flow of Internet traffic and Internet freedom (MSI-INT)  
CONVENTIONS
  Transfrontier Television
  Conditional Access
COOPERATION
  Legal and Human Rights Capacity Building
FORMER GROUPS OF SPECIALISTS
  Rights of Internet Users
  Information Society
  New Media
  Public Service Media Governance
  Cross-border Internet
  Protection Neighbouring Rights of Broadcasting Organisations
  Media Diversity
  Public service Media
 
Events
  Conference Freedom of Expression and Democracy in the Digital Age - Opportunities, Rights, Responsibilities, Belgrade, 7-8/11/2013
  Conference "The Hate factor in political speech - Where do responsibilities lie?", Warsaw18-19 September 2013
  Conference of Ministers, Reykjavik - Iceland, 28-29 May 2009
  European Dialogue on Internet Governance (EuroDIG)
 
Documentation
  Conventions
  Committee of Ministers texts
  Parliamentary Assembly texts
  Ministerial Conferences
  Publications
  Translations
 
Useful links

Description: NB_CE
Steering Committee on

Media and Information Society
(CDMSI)

CDMSI(2012)002Rev51

20/09/2012

Draft Committee of Ministers declaration on risks
to fundamental rights stemming from
digital tracking and other surveillance technologies

1. The propensity to interfere with the right to private life has significantly increased as a result of rapid technological development and legal frameworks which are slow to adapt.

2. Data processing in the information society which is carried out without the necessary safeguards and security can raise major human rights concerns. Legislation allowing broad surveillance of citizens can be found contrary to the right to respect of private life2. These capabilities and practices can have a chilling effect on citizen participation in social, cultural and political life and, in the longer term, could have damaging effects on democracy. They can also undermine the confidentiality rights associated to certain professions, such as the protection of journalists’ sources3, or even threaten the safety of the persons concerned. More generally, they can endanger the exercise of freedom of expression and the right to receive and impart information protected under Article 10 of the European Convention on Human Rights.

3. In this connection, it is recalled that, in accordance with Article 8 of the European Convention on Human Rights, Council of Europe member states have undertaken to secure to everyone within their jurisdiction the right to respect of private and family life, home and correspondence. Restrictions to this right can only be justified when it is necessary in a democratic society, in accordance with the law and for one of the limited purposes set out in Article 8, paragraph 2, of the Convention.

4. As a corollary to the Convention and relevant case law of the European Court of Human Rights, member states have negative obligations, that is, to refrain from interference with fundamental rights, and positive obligations, that is to actively protect these rights. This includes the protection of individuals from action by non-state actors4.

5. People nowadays rely on a growing range of both fixed-location and mobile electronic devices which enhance their possibilities to communicate, participate and manage their everyday lives. Reportedly, in many of these devices, manufacturers, application designers and state agencies or officials, have installed surveillance and tracking software capable of collecting and storing data, including personal data (e.g. keystrokes that reveal passwords) and private information such as user generated content, websites visited, and geographical locations. This data can reveal delicate and/or sensitive personal information (e.g. financial, health, political, religious preferences, sexual habits) about people which can be aggregated to provide detailed and intimate portrayals of them.
6. Tracking and surveillance technologies can be used in the pursuit of legitimate interests, for example to develop new services, improve user experience or facilitate network management, as well as law enforcement. On the other hand, they may also be used for unlawful purposes that lead to illegal access, data interception or interference, system surveillance, and misuse of devices or other forms of malpractice; for example, geo-location tracking could be used to stalk women and make them more vulnerable to gender-related abuse and violence.

7. In all cases, the modalities for processing personal data should comply with relevant Council of Europe standards. This includes ensuring that law enforcement’s own tracking and surveillance measures respect the human rights safeguards referred to in Article 15 of the Budapest Convention on Cybercrime (CETS No. 185). It also concerns strict respect for the limits, requirements and safeguards set out in the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (CETS No. 108) as well as regard for other instruments such as Recommendation CM/Rec(2010)13 on the protection of personal data in the context of profiling.

8. Against this background, the Committee of Ministers:

0alerts member states to the risks of digital tracking and other surveillance technologies for human rights, democracy and the rule of law and recalls the need to guarantee their legitimate use which benefits individuals, the economy, society at large, and the needs of law enforcement;

1encourages member states to bear these risks in mind in their bilateral discussions with third countries, and, where necessary, consider the introduction of suitable export controls to prevent the misuse of technology to undermine those standards;

2welcomes steps taken by data protection authorities in some member states to raise awareness of the implications of tracking and surveillance technologies and to investigate these practices to ensure compliance with the provisions of Convention 108 and their national legislations;

3draws attention to the criminal law implications of unlawful surveillance and tracking activities in cyberspace and the relevance of the Budapest Convention in combating cybercrime;

4welcomes measures taken by both state and non-state actors to raise awareness among users and, a fortiori, within the private sector and among technology developers about the potential impact of the use of such technologies on human rights and the steps which can be taken at the design stage to minimise the risks of interferences with these rights and freedoms (e.g. ‘privacy by design’ and ‘privacy by default’);

f. recalls the Council of Europe Internet Governance Strategy 2012-2015 which includes a number of action lines relevant to the challenges identified in this Declaration5 and looks forward to concrete outcomes stemming from the work of the competent Council of Europe bodies.


1 Revised in light of comments submitted by the Consultative Committees set up under Convention 108 (T-PD) and the Budapest Convention Committee on Cybercrime (T-CY), as well as the CDCJ (Poland), and CDMSI members (Bulgaria, France, Lichtenstein) and observers (ENPA, OSCE).

2 Klass and Others v. Germany; Malone v. the UK; Weber and Saravia v. Germany; Halford v. the UK; the Association for European Integration and Human Rights and Ekimdzhiev v. Bulgaria, etc. Footnote for CDMSI information, to be deleted after consideration and possible approval.


3 Recommendation CM R(2000)7 on the right of journalists not to disclose their sources of information.

4 X and Y v. the Netherlands; Young, James and Webster v. the UK; Plattform Äsrte für das Leben v. Austria; Powell and Rayner v.the UK; Costello–Roberts v. the UK; Lopez Ostra v. Spain; August v. the UK; A. v. the UK; Z and Others v. the UK; Calvelli and Ciglio v. Italy; Osman v. the UK; Marcks v. Belgium; Airey v. Ireland; Gaskin v. the UK; Gül v. Switzerland; Ahmut v. the Netherlands; D. v. the UK; Guerra v. Italy; Botta v. Italy; L.C.B v. the UK; Z and others v. the U; S. and Marper v. the UK. Footnote for CDMSI information, to be deleted after consideration and possible approval.


5 The Council of Europe Internet Governance Strategy for 2012-2015 was adopted by the Committee of Ministers on 14 March 2012. It encompasses action to promote Council of Europe standards globally, including vis-à-vis private sector actors (e.g. paragraphs 8.d., 9.b. and 9.f.), drawing up a compendium of human rights for Internet users and raising awareness among them (paragraph 9.a. and g.), enhancing the protection of privacy (e.g. paragraph 10.f. and g.), enhancing the rule of law and cooperation against cybercrime (e.g. paragraph 12.a. et seq. in particular 12.i.), etc.