The Global Governance of Privacy Actors Mechanisms and
The Global Governance of Privacy Actors, Mechanisms, and Perspectives Ralf Bendrath University of Bremen European Digital Rights (EDRI) WSIS Privacy & Security Working Group
European Digital Rights
Global Governance of Privacy l What is “global governance”? l “governance without government” l regulation without enforcement? l legitimacy / democracy?
Global actors: more than ever l international organizations l l supranational organizations l l l users and developers of ICTs CSR / Global Compact transnational NGOs l l EU global corporations l l Co. E, OECD, APEC, … EDRI, TACD, BBA, … technical bodies l IETF, IEEE, ICANN, …
What is ”enforcement”? Ideal types of political regulation: Hierarchical (State) l Decentralized (Market) l Horizontal (Committee) l hybrid forms emerging
Hierarchical Enforcement state l central control (one sovereign, one DPA) l sanctions l l l oversight, registration, notification blocking orders fines, criminal charges seizure of equipment based on public law l judicial review, democratic decisions national level l globalization as major challenge l
Decentralized Enforcement l l market no sovereign (invisible hand) l l l no coordinated sanctions based on private law l l l l WTO? exception for privacy different types of contracts sanctions difficult global law firms as arbitrators still “in the shadow of the law” global monopolies and market failure as challenge consumer influence?
Horizontal Coordination l committee l l l no sovereign, but visible hands enforcement through l l l diverse forms of public-private weight judicial review? often seen as non-political l public opinion standards: technical, contracts, management, … network effects sanctions through market global (regional global) public-private l l l ISO, ITU, OECD, Art. 29 WP, IETF, IEEE, … “just technical”? “just legal”? Inclusiveness as challenge
Hybrid Forms I public certification of private mechanisms l Audits, Binding Corporate Rules l Model contracts l Standards (Canada) l Web Seals? l Safe Harbor l under law even without DP laws l “unfair and deceptive trade practives”
Hybrid Forms II Private enforcement of public laws l regulation through code not as “user empowerment” l mainstreaming privacy into infrastructure design l l global l corporations BCR / Codes of Conduct also apply where there is no law
Hybrid Forms III “Competition” among states l benchmarking (OECD/PISA) l Open Method of Coordination (EU) l efficiency of DPAs
Problems of Global Governance l Transparency? l Accountability? l Expert domain global privacy jet-set l DPAs, CPOs, few NGOs l companies: “elephants and mice” l
Perspectives for Global Governance l more transparency l more inclusiveness l cf. UN Reform / Kofi Annan l “real” l expert deliberations “non-coercive power of the better argument” l Accountability? Who is sovereign? l The people! l
We, the People? l responsive to citizens l cooperation with user organizations l consumer organizations l public interest organizations l l community l Wikipedia for Privacy? l the l / social software public sphere conflicts are needed and important
A conflict perspective on privacy is no big issue of international conflict anymore l global attention cycles for privacy l 1960 s-1970 s: national laws l 1970 s-1980 s: OECD / Co. E l 1990 s: EU Directive l 2000: fundamental ceasefire with Safe Harbor l l no harmonization, but interface solution
A New Grand Debate? l Global WSIS: Internet Governance & Privacy l APEC vs. EU? l l Transatlantic l PNR / Safe Harbor? l Europe l Data Retention
New “Rainbow Coalitions” l l l NGOs in international politics l EDRI, EPIC, PI, NCC, TACD, … European Parliament (and others? ) DP authorities, of course some companies friendly journalists different roles, but same goal l information, cooperation and strategizing l
- Slides: 17