Rapidly developing technologies are providing new and very powerful means to sort, combine and analyse data. This data exists in a networked environment, thus personal information can be collected and processed on any computer on the Net and is, at least in theory, accessible by every computer on the Net. The development of the Internet has made it possible to transfer this data "around the globe at the click of a mouse". Fresh business models such as "cloud computing", the newest "driver to illustrate the speed and breadth of the environment", allow this data to be processed across national borders on a routine basis.
Individuals and companies are "increasingly immersed in social networking, search technologies, online commerce and many other activities in which information about an individual is sent worldwide from one point to another". These activities became more and more borderless, because the Internet, as an open window to the world, blurs the lines between public and private space, firstly since globalisation and the outsourcing of economic actors entrain an ever growing exchange of personal data, additionally because of the security pressure in the name of the legitimate fight against terrorism opens the access to a significant number of data to an increasing number of public authorities and finally this is due the tools of the digital society accompany everyone at each stage of life by leaving permanently individual and borderless traces in both space and time.
Therefore, calls of both the public and private sectors for an international legal framework for privacy and data protection have become louder. Privacy Commissioners appealed to the United Nations "to prepare a binding legal instrument which clearly sets out in detail the rights to data protection and privacy as enforceable human right". This appeal was repeated in 2008 at the 30th International Conference held in Strasbourg , and at the 31th conference 2009 in Madrid through the draft of a global legal instrument on Data Protection with a view to submitting it to the United Nations. But also companies such as Google and Facebook have come under continuous pressure from governments and citizens to reform data use of data.
Could these calls possibly be best achieved by an international framework for Data Protection, rather than a collection of national or regional approaches?
Table of Contents
A. Introduction
B. The future of global privacy law
I. The scope of „privacy” and “data protection”
II. The need of global harmonisation
1. The need of free flows of data
2. Higher risks and threats
3. Territorial jurisdiction and the internet
4. Recent transatlantic data conflicts
a) Passenger name records (PNR)
b) Society for worldwide interbank financial telecommunication (SWIFT)
c) United Bank of Switzerland (UBS)
5. Conclusion of part II
III. Perspectives
1. U.S. legal framework
2. European legal framework
3. International legal framework
a) United Nations (UN)
b) Organisation for economic cooperation and development (OECD)
c) Asia-pacific economic cooperation (APEC)
4. Extraterritorial application of law
5. Conclusion of part III
IV. Prospects
1. Multilateral conventions
2. Regional conventions
3. Model laws
4. Adequacy and accountability approach
5. Technical standards
6. International guidelines
7. Non-binding policy standards
8. Private-sector instruments
9. Conclusion of part IV
C. Final conclusion
Research Objective & Key Topics
The dissertation investigates whether an international legal framework for privacy and data protection is achievable in the 21st century, or whether regional and national approaches will continue to dominate. It evaluates the obstacles to such a framework, the issues surrounding global harmonisation, and the potential effectiveness of various regulatory models, including multilateral conventions and accountability approaches.
- The divergence between U.S., European, and international approaches to data privacy.
- The impact of technological advancements and globalization on cross-border data flows.
- The challenges of territorial jurisdiction in the context of the internet and surveillance.
- Case studies on transatlantic data conflicts (PNR, SWIFT, UBS).
- Prospects for a unified or harmonized global framework for data protection.
Excerpt from the Book
B. The future of global privacy law
To those outside the DP world it must seem incredible that lawyers are still debating the central issue in DP: what are we trying to protect? In 1890, the American lawyers Samuel Warren and Louis Brandeis described the scope of "privacy" in a famous article: it is "the right to be let alone". In 1967 a new milestone was reached when Alan Westin defined privacy in terms of self determination: "Privacy, now, is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others". The strong relationship between privacy and the development of technology then made it inevitable under the circumstances an of an uprising information society to introduce the term "data protection".
In the following, companies, nongovernmental or governmental organizations and academics tended to mix the two terms "data protection" and "privacy". The "Global Privacy Standard" for example refers as well to "privacy", as to "consent, purpose limitation, and access rights" in their elaborated principles themselves. The latter have traditionally been thought to be key concepts of DP law. Neither the calls for an international framework could avoid mixing both terms: The resolution approved at the 30th International Conference in Strasbourg still refers to "the rights to data protection and privacy".
Summary of Chapters
A. Introduction: Outlines the rapid development of technologies, the borderless nature of digital data, and the growing calls from public and private sectors for an international legal framework.
B. The future of global privacy law: Examines the scope of privacy and data protection, the necessity of global harmonisation due to risks and transatlantic data conflicts, and concludes with the challenges of the current regulatory environment.
III. Perspectives: Analyzes diverse legal frameworks including U.S., European, and international models, and discusses extraterritorial application of law and the limits of current approaches.
IV. Prospects: Explores potential paths for harmonization, evaluating multilateral and regional conventions, model laws, accountability approaches, technical standards, and international guidelines.
C. Final conclusion: Synthesizes the findings, arguing that while a global treaty is difficult to achieve, progress can be made through a mix of steps, including utilizing the Council of Europe Convention 108 and bridging gaps via accountability measures.
Keywords
Data Protection, Privacy, Privacy Law, Global Harmonisation, EU Data Protection Directive, Transatlantic Data Conflicts, PNR, SWIFT, International Legal Framework, Data Flows, Accountability, Adequacy Principle, OECD Privacy Guidelines, APEC Privacy Framework, Human Rights
Frequently Asked Questions
What is the core focus of this dissertation?
The work examines whether global data protection regulation is trending towards an American, European, or truly international model, considering the existing obstacles and potential for legal harmonization.
What are the primary thematic fields addressed?
It covers data protection, privacy rights, legal comparative analysis, international trade, cybersecurity, and the influence of technology on law.
What is the ultimate research question?
The core question is: "Will Privacy Law in the 21st Century be American, European or International?"
Which scientific methodology is employed?
The author conducts a comparative legal analysis, evaluating different regional and international legal frameworks (U.S., EU, OECD, APEC) and assessing their strengths, weaknesses, and potential as global standards.
What topics are discussed in the main body?
The main body details the evolution of data protection definitions, investigates transatlantic data conflicts such as PNR, SWIFT, and UBS, and evaluates various prospects like multilateral conventions and technical standards.
Which keywords best characterize the work?
Key terms include Data Protection, Privacy, International Legal Framework, Harmonisation, Transatlantic Conflicts, and Accountability.
How does the author characterize the US approach to data protection?
The U.S. approach is described as a "patchwork of rules" or "piecemeal model" that relies on sector-specific legislation, market self-regulation, and a distrust of centralized government oversight.
What is the European approach to data protection?
In contrast to the U.S., the European approach treats data protection as a fundamental human right, characterized by comprehensive regulatory frameworks and oversight by data protection authorities.
Why is the "accountability" approach considered significant?
The accountability principle is proposed as a potential solution to the limitations of the "adequacy" system, placing the burden of responsibility on the data exporter and ensuring protection regardless of the destination's legal regime.
What role does the CoE Convention 108 play in the author's outlook?
The author sees the globalization of the Council of Europe Convention 108 as a promising pragmatic path toward establishing a baseline international privacy standard, bypassing the complexity of negotiating a entirely new global treaty.
- Arbeit zitieren
- Philipp E. Fischer (Autor:in), 2010, Will Privacy Law in the 21st Century be American, European or International?, München, GRIN Verlag, https://www.grin.com/document/187981
