Building a Global Privacy Movement
Updated on 22 July 2022
What is the problem
In the 1990s privacy was often maligned as a ‘rich Westerner’s right’. We were told often that non-Westerners didn’t need privacy and had different cultural attitudes and would greet surveillance policies and technologies — often exported from the West.
Global civil society was composed mostly of a few individuals with no resources but great passion. The larger and more established NGOs, such as consumer and human rights organisations were less interested in ‘digital’ and ‘technology’ issues.
Yet the expansion of surveillance continued exponentially outside of the ‘West’, unconstrained by domestic scrutiny.
Why it is important
Global problems require joint action as well as deep contextual knowledge.
This is why, since its inception in the '90s, PI has worked intensively with other civil society organisations, providing technical expertise on privacy and data protection and in campaigning. Organisations working on these issues were poorly resourced with most actors emerging from ‘data, digital rights, and tech’: these were small, individual-led organisations who had to come together in common cause. There were also more traditional human rights organisations turning their attention to our issues, who needed guidance on navigating them.
What we did
Our earliest work was in the Asia-Pacific region as we worked on pushing back against identity systems that were being deployed in Australia, the Philippines, and Thailand. We worked with local advocates and media to build resistance and engage policy-makers, while exposing the companies who were promoting these systems.
From the late 1990s we conducted research across the world on the state of privacy and surveillance. We conducted global surveys of encryption policy, data protection law, and communications surveillance — often in concert with the Electronic Privacy Information Center in the US.
By the early 2000s, along with Bits of Freedom in the Netherlands we decided to start a pan-European NGO, European Digital Rights, to help support the existing and emerging groups from across Europe.
From 2008 onwards we looked towards Asia again. Starting with 9 countries, we found national experts and NGOs, many of whom were only starting to be interested in privacy, and by 2010 we were able to fund and support research in the region. In 2012 we expanded our network of partner organisations, and the funding we could make available to them, to countries in Latin America and Eastern and Southern Africa. By 2014 we expanded our work supporting projects with a wide variety of focus areas: advocacy on communications surveillance, research on data-intensive systems, and cybersecurity.
As we matured and learned from this body of work with partners, we began to develop a meaningful theory of change. We progressively built relationships, which eventually evolved into a Network of partners. We learned from each other’s experiences and tactics, we shared, and when opportunities emerged, we also co-developed work. Our work with partners, which included sharing methodologies and research techniques, has been essential to produce primary research and to document the lived realities of those interacting with these technologies and systems.
What we achieved
Partner organisations from our Network are now national and global leaders as researchers and advocates.
From digital ID to migration management and social protection, our work with partners, which included sharing methodologies and research techniques, has been essential to produce primary research and to document the lived realities of those interacting with these technologies and systems. Their research is being disseminated to key stakeholders in their countries to increase awareness and inform policy-making. Their advocacy is reaching policy-makers domestically and globally to inform the direction of innovation and law. They have mobilised and brought together civil society organisations to work collectively.
PI worked and continues to work closely with partners in these legislative processes through sharing expertise and knowledge and by undertaking legal analysis of proposed bills, including in Argentina, Kenya, India, Pakistan, Uganda. In countries where laws are still in the process of development, our partners continue to be instrumental and are being called upon to give expertise and support the drafting process.
Partner organisations have also informed policy development by actively engaging with relevant advocacy and policy targets, such as ministries, governmental bodies and regulators to increase their understanding and awareness regarding key issues related to data intensive technologies and systems, and the safeguards needed to protect people and their rights.
Over the years we have seen how the work we have been doing with partners has expanded to benefit a wider net of diverse stakeholders in their respective countries, including human rights defenders, migrants, welfare recipients, communities of people living with HIV.
What we learned
Privacy has become all the more essential in the age of data exploitation. The way data and technology are now deployed means that our privacy is under increased threat and on a scale that we couldn’t have imagined 20 years ago, outside of science fiction – the ways in which we can be tracked and identified have exploded, alongside the types and scale of information available about us.
Our work with partners is strategic and interdependent. Partners are a source of independent expertise. Their leadership on many topics has informed our own.
Genuinely working with people across the planet in diverse circumstances requires intense focus on their needs and in-depth cooperation.
The risks arising from this work are immense, and the resources are far too limited. Every day our partners and PI face challenges in continuing this essential work, particularly as the stakes go up.
We encountered various risks along the way. Governments have placed immense pressure on our partners. Partner organisations have fallen short of having the right processes and policies in place. We had to learn how to identify and respond to risk. And we had to learn to let our partners identify the top issues in their countries and their risk appetites, rather than only prescribe what we were comfortable with.
To address this challenge PI developed a complex approach for risk assessment and management leading to better protection of partners organisations.
What we are going to do
Today our Network includes 28 organisations from 22 countries across Africa, Asia, Latin America and Europe.
We envision that our Network of partners could become a platform for global advocacy and campaigning as well as a way to grow together and support each other, and to build an active and sustainable global movement of Civil Society Organisations across the world capable to effectively challenge key privacy risks and involved actors.
We continue to find new organisations who wish to increase their understanding of privacy and identify opportunities for shared research and advocacy projects. And we continue to fund, support, and build the capacity of our partners. We are also looking to new regions where the stakes are higher, but so are the risks.