Tuesday, July 3, 2007

Privacy Rights and Terror Investigations

Two recent developments on the international cooperation front provide some redress to concerns about privacy and information-sharing between governments. The introduction of no-fly lists in the U.S., Canada and the E.U., as well as the increasingly globalised nature of personal information in data banks has raised questions about how this information will be shared with and used by foreign governments.

A tragic example of the failure to provide protection to citizens in these areas is the story of Maher Arar, a story familiar to most Canadians:

Maher Arar, a Syrian-born Canadian citizen was detained during a layover at John F. Kennedy International Airport in September 2002 on his way home to his family in Canada. He was held in solitary confinement in the U.S. for nearly two weeks, interrogated, and denied meaningful access to a lawyer. The Bush administration labeled him a member of Al Qaeda and rendered him, not to Canada, his home and country of citizenship, but to Syrian intelligence authorities, known by the U.S. government to practice torture.While in Syria, he was regularly tortured for almost a year before being released to Canada. Both the Canadian and Syrian governments have publicly cleared Arar of any links to terrorism. The United States government, however, refuses to clear Arar’s name and continues to have both him and his family on a watchlist.
Mr. Arar’s incarceration was the result, in part, of misleading information provided by the RCMP, which eventually led to the resignation of the RCMP commissioner. Following Mr. Arar’s return to Canada, there were several intentional disclosures to the public from his file, which appeared to be made in order to justify the actions of the security agencies involved. These disclosures were in violation of Mr. Arar’s privacy rights.

In our increasingly globalised economy, the volume of personal data crossing borders represents a growing threat to personal privacy. In an effort to counter the threat, the Organization for Economic Cooperation and Development (OECD) has issued a report proposing amendments to data privacy legislation as well as enhancements to international cooperation in the field of privacy protection:
When personal information moves across borders it may put at increased risk the
ability of individuals to exercise privacy rights to protect themselves from the
unlawful use or disclosure of that information. At the same time, the authorities charged with enforcing privacy laws may find that they are unable to pursue complaints or conduct investigations relating to the activities of organisations outside their borders. Their efforts to work together in the cross-border context may also be hampered by insufficient preventative or remedial powers, inconsistent legal regimes, and practical obstacles like resource constraints. In this context, a consensus has emerged on the need to promote closer co-operation among privacy law enforcement authorities to help them exchange information and carry out investigations with their foreign counterparts.
While most OECD member countries have enacted privacy legislation, Canada's Privacy Commissioner Jennifer Stoddard has pointed out that different rules in different countries were not only causing unease among citizens and companies, but were also leading to more red tape and higher costs.

Meanwhile, The European Union and the U.S. have reached a provisional deal on exchanging information about transatlantic air passengers. According to a TechWorld News story, the U.S. will be required to adhere to "strict data retention obligations," including retaining both used and unused data for no more than five years.
The United States and European Union share views on combating terrorism but
"these activities should be done in full respect for fundamental rights," said
Franco Frattini, the EU's justice and home affairs commissioner.
While privacy protections need to go even further than these two initiatives, it is encouraging to see some developments that attempt to preserve individual privacy rights and hopefully prevent a recurrence of the nightmare that Maher Arar experienced.

1 comment:

coupon code said...

superb blog dealing with security issues