[IRP] Charter section on privacy

shaila mistry shailam
Thu Nov 12 21:15:18 EET 2009

I just made some edits on Privacy.
I am also trying to work on 3 and 4 but have difficulty with it .?Only because I am trying to take into account the many well considered? and thoughtful comments that everone has made .?I will continue on it .


From: Max Senges <maxsenges at gmail.com>
To: privacy-coalition <privacy-coalition at lists.apc.org>; irp <Irp at lists.internetrightsandprinciples.org>; Internet Rights Discussion Group <rights at lists.apc.org>
Cc: Jan Schallab?ck <jan.schallaboeck at gmail.com>; Katitza Rodr?guez <katitza at epic.org>
Sent: Thu, November 12, 2009 10:44:09 AM
Subject: [IRP] Charter section on privacy

Hi privacy folks

I have just consolidated the section of the charter on human rights and principles on the internet that deals with privacy.

I copy it below, but I would urge you to edit the g-doc directly

Article 12 - Privacy 
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks. 

Personal data must be protected. Private or public organisations or companies, civil society organisations as well as governmental bodies must comply to requirements regarding privacy practices and governance structures and international privacy standards when processing personal data on their networks. 

Collection, use, disclosure and retention of this information must comply with a transparent privacy policy. People should hence be able to access and retrieve their collected personal data. People must be free and able to exercise control and informed decision-making over the personal data and information collected about them and their usage. 

Data collected must be protected from unauthorised disclosure and security errors should be rectified without delay. 

Except agreed otherwise data should be deleted when it is no longer necessary for the purposes for which it was collected, or for legal reasons. 

The public must be warned about the potential for misuse of data supplied. Organisations have a responsibilityto notify people when the information has been abused, lost, or stolen. 

People must be free to communicate without arbitrary surveillance or interception, or the threat of surveillance or interception. This includes the use of technologies such as deep packet inspection and the exercise of control over individuals such as in instances of domestic violence and cyberstalking.

Public or private organisations or companies, including social networks and service providers, which require personal information from individuals should raise awareness andrequest the consent of the individual regarding the content, purposes, storage location, duration and mechanisms for access, retrieval and correction of their personal data. 

Service providers have a responsibility to make clear in which legal jurisdiction(s) the user's data is being hosted, so that the user can make informed decisions. 

Service providers should communicate clearly with users the circumstances under which personal data will be shared with governments and/or with other private entities. 

An individual should have the possibility: a) to obtain from a behavioral tracker, or otherwise, confirmation of whether or not the behavioral tracker has data relating to him; b) to have communicated to him data relating to him within a reasonable time; at a charge, if any, that is not excessive; in a reasonable manner; and in a form that is readily intelligible to him; c) to be given reasons if a request made under subparagraphs (a) and (b) is denied, and to be able to challenge such denial; and d) to challenge data relating to him and, if the challenge is successful, to have the data erased, rectified, completed or amended [Legislative Primer September 2009] 

People must be free to communicate anonymously on the internet, such as through the use of encryption. People communicating on the internet must have the right to use tools which encode messages to ensure secure, private and anonymous communication, in so far as it does not violate the right to privacy of other individuals. 

There must be adequate protection of the law against violation of the right to privacy on the internet, whether perpetrated by an individual, communities or social networks, companies, international organizations or the State. 
?? ??? ??? ?In the information society the right to privacy has to be supported by a guarantee (or principle) of confidentiality ?? ??? ??? ??? ???and integrity of IT-Systems, providing the protection against others accessing IT-Systems without consent. 

Background Information on Article 12 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.internetrightsandprinciples.org/pipermail/irp-internetrightsandprinciples.org/attachments/20091112/03ee766f/attachment.htm>

More information about the IRP mailing list