8 Recommendations In 4 Countries: Not A Bad Score For The Right To Privacy At The 24th Universal Periodic Review
The reports of Universal Periodic Review (UPR) Working Group for the States under Review at the 24th session in January 2016 were adopted during the last Regular Session of the Human Rights Council, which took place from 13 June to 1 July 2016.
The growing number of recommendations being submitted on the right to privacy and communications surveillance, demonstrate Member States’ level of concern of policies and practices which unlawfully, unnecessarily, and disproportionally interfere with the right to privacy. The recommendations called for Members States to review these policies and practices to ensure they comply with international human rights law and standards.
Privacy International particularly welcomed the recommendations put forward on Denmark, Paraguay, Belgium, and Estonia. However, given the poor responses to those from the respective States, it remains essential to keep monitoring the situation and demand that further steps are taken to address the areas of concern. Furthermore, we remain unsatisfied with the lack of focus on the right to privacy in Namibia and Singapore, despite the serious concerns raised in our stakeholder reports.
The government of Paraguay was recommended by Lichtenstein (102.62 and 102.63) to ensure all of its surveillance activities are conducted with respect to citizens’ rights and freedoms, and to take necessary measures to guarantee that the operations of intelligence agencies comply with international human rights law and standards, and in particular with regards to oversight. TEDIC and Privacy International who had raised these concerns in their stakeholder report welcomed these recommendations and we were glad to see the Government of Paraguay accept these. As it implements these recommendations, we strongly urge Paraguay to also reflect its commitment to respect and protect the right to privacy as it legislates new laws and undertakes various legislative reviews. In particular, we would emphasis our concerns with respect to law No. 1881, which amended the law No. 1340 of 22 November 1988 and suppressed illicit narcotics trafficking and related crimes, the reform of the Telecommunication Act, and the development of a cybersecurity plan.
During the review of Denmark, Member States expressed concerns and questioned if the Danish counter-terrorism legislative framework was compliance with Denmark’s human rights obligations. These issues were presented by IT-Political Association of Denmark (IT-Pol) and Privacy International in their joint submission, and we were glad to see two recommendations being put forward by Hungary (Recommendation 120.40) and the Netherlands (Recommendation 120.197). The former recommended the Government of Denmark to review its counter-terrorism law to ensure that it is fully compliant with human rights obligations, and the latter called on Denmark to undertake an evidence-based evaluation of the counter-terrorism law. The Government of Denmark accepted the recommendations to undertake a review of its counter-terrorism measure but it noted that no review had yet been planned and it said that an evaluation of these would only take place once the effects of the new counter-terrorism deployed in 2015 were known.
Echoing the concerns raised by the Liga voor Menserechten, the Ligue des droits de l'Homme and Privacy International, various Members States called upon the Government of Belgium to continue to apply and respect human rights, in particular the right to privacy, in the implementation of its counter terrorism measures. Belgium left unaddressed the recommendations on respecting human rights in the implementation of these measures (138.71 Republic of Korea) and those aimed at fighting extremism (138.72 Thailand). In response to Mexico’s recommendation (141.14) to repeal any provisions within counter-terrorism measures which contravened international law and in particular in areas such as due process and imprisonment, Belgium noted that in matters of terrorism, no specific policy related to due process, imprisonment, and common law applied. On the point of profiling it merely noted that the law prevents discrimination, and would sanction any policy officer in contravention.
In light of the review of Estonia, Privacy International raisedconcerns on the country’s continued 1-year data retention policy, the lack judicial authorities of surveillance not undertaken within criminal investigations, the poor enforcement Parliamentary oversight of intelligence agencies, and the lack of security of government IT systems and infrastructure, which has left vulnerable the data of citizens. These issues were largely unaddressed in the review. However, Privacy International welcomed the recommendation of Brazil, which reiterated a concern raised in our stakeholder report, and called on the Government of Estonia to ‘Undertake a review of the communications surveillance laws, policies and practices with a view to upholding the right to privacy in line with international human rights law’ (123.45), which Estonia has agreed to address in the near future.
Singapore and Namibia
Whilst the right to privacy failed to be a point of discussion during the review of Singapore, and Namibia, Privacy International will continue to monitor the situation moving forward. Singapore has not ratified the International Covenant on Civil and Political Rights (ICCPR), which upholds the right to privacy under Article 17, and we welcome the recommendations made by various Members States for it to do so. However that is not enough, given Singapore is a well-known and established surveillance state, the poor legal framework that regulates the country’s privacy and communications surveillance, and the lack of transparency of its agencies when conducting surveillance, the situation remains highly alarming. Similarly in Namibia, the current legal frameworks regulating communication surveillance fall short of international human rights law and standards with no judicial authorization, blanket data retention, and plans for further expansion of these powers under Electronic Transactions and Cyber Crime Bill. Such practices merit further analysis and discussion.