Open Government Partnership

Guest blog: Protecting and promoting information rights: a fine balance

July 12, 2019 by No Comments | Category Uncategorized

Why 2018 was the year of awakening, why the Cambridge Analytica story really matters and why we should care that Google controls our history: a guest blog from Suzanne Legault, LLB, BCL, Former Information Commissioner of Canada (2009-2018).

We heard Suzanne speaking and thought she posed significant questions and challenges to the open government community, and the issues for the future that we need to grapple with. We wanted to share this with you all, so many thanks to Suzanne for kindly sharing a copy of her speech with us for publication.

The following is a copy of the speech we heard at the Open Government Global Summit in Ottawa, Canada at the Academy, Carleton University, 27 May 2019.

Protecting and Promoting Information Rights: A Fine Balance

Last Spring, shortly after leaving my position as Information Commissioner, I travelled to Manchester in the UK to meet with the Office of the Information Commissioner to start working on a new project. They were working then on the Cambridge Analytica investigation. Although they could not share any information about the investigation, enough was in the public domain already to know the widespread impact of this case. This case was going to change the information rights landscape. It was the turning point we were all waiting for. The time when everyone – not just the regulators or the experts – but as we say in French – “Monsieur et Madame tout le monde”, the every day Joe and Josephine next door, would realize the significance of the digital revolution and its profound transformational reality for everyone. It would bring information rights issues into the mainstream. And when it did, politicians and industry woke up!

2018 was the Year of the Awakening.

I don’t know if you are familiar with the book by the famous Dr. Oliver Sacks entitled “Awakenings”. It depicts the true story of a group of patients who contracted sleeping-sickness during the great epidemic just after World War 1. These patients were frozen in a decades-long sleep and they were given up as hopeless until 1969, when Dr. Sacks gave them the then new drug L-Dopa, which had an explosive, awakening effect.

Cambridge Analytica was the L-DOPA the world needed to wake up. Impending elections in various countries, including Canada, and the recent tragic events in New Zealand have cemented the notion that the digital world needs to be reigned in.

Cambridge Analytica was the L-DOPA the world needed to wake up. Impending elections in various countries, including Canada, and the recent tragic events in New Zealand have cemented the notion that the digital world needs to be reigned in.

The question is how?

The recently published Christchurch Call is a good example of recent reactions and commitments made by both Governments and Big Tech companies.

This past week the Canadian Federal Government also published its Digital Charter.

Tomorrow the Standing Committee on Access to Information, Privacy and Ethics is holding the second part of hearings studying the breach of personal information involving Cambridge Analytica and Facebook. It has indeed summoned Facebook’s CEO to appear. We shall see if he does.
Meanwhile, Facebook announced in January the launch of a process to create an independent oversight board to review some of the company’s decisions about what user speech to leave up or remove according to the terms of service rules, the so-called “content moderation” rules.

Apple CEO Tim Cook was the first tech CEO to serve as keynote at the last international meeting of Privacy and Data Commissioners. In that speech he acknowledged that “our own information, from the everyday to the deeply personal, is being weaponized against us with military efficiency.” “These scraps of data …each one harmless enough on its own …are carefully assembled, synthesized, traded and sold. …We shouldn’t sugar coat the consequences. This is surveillance. And these stockpiles of personal data serve only to enrich the companies that collect them.”

Pretty strong words.

Tim Berners Lee, the inventor of the web, is developing a contract for the web in an effort to save his invention.

The Federal Trade Commission in the US is looking at anti-trust rules to possibly dismantle data-opolies. And of course, the European General Data Protection Regulation is quickly imposing its framework worldwide, including the Right to Be Forgotten rules.

In Montreal, where I live, the Artificial Intelligence Leader Yoshua Bengio has led the initiative for The Montreal Declaration to ensure that AI is developed in accordance with a set of ethical guidelines.
There are even more initiatives being developed worldwide. It is hard to keep track of all of them. These various instruments contain some very positive initiatives, some strong commitments and some very useful recommendations.

For example: There are recommendations to increase the powers of data protection authorities, to promote algorithmic transparency, to add auditing powers for algorythms and to increase digital literacy.

All of these recommendations are positive and I am glad to see that politicians, Big Tech and regulators are taking this challenge on.

So why, may you wonder, am I discussing these privacy and data protection issues in the context of Open Government and the OGP? Why would I be concerned about all this seemingly positive activity to reign in the data surveillance economy?

I am in fact, deeply concerned, and for various reasons.

  • First and foremost, I am concerned about many initiatives’ potential negative impact on freedom of expression, freedom of the press, freedom of information, and what I call the “Right to Remember”.
    Google alone has deindexed hundreds of thousands of links to information. This is akin to throwing away your library indexing cards and asking people to find the information on their own in the entire library.
  • Second, I am concerned about the fact that these decisions on deindexing are being made by private companies. They are the decision makers on weighing the privacy interest against the public interest.
  • Third, I am concerned that many of the recommendations continue to emphasize mostly self governance on the part of the Big Tech companies.
  • Fourth, I am concerned that the recommendations are developed mostly in the Global North and may be European centric rather than representing a truly Global perspective. They are also mostly developed without proper insights from civil society which may help give a voice to the marginalized groups. The groups that still remain mostly outside of the digitally connected world.
  • And Fifth, I am concerned that these recommendations may be based in a consent framework that may no longer be realistic.

In short, I share the view of Michelle Bachelet, the United Nations High Commissioner for Human Rights, that there seems to be a knee jerk reaction without a comprehensive approach to the issues we are facing. This may have negative consequences for our fundamental information rights, for innovation and for realising the true potential of digital technology.

So what should be done?

From my perspective, it seems that we need something like a comprehensive Rule of Law framework but adapted to the digital economy.

This Rule of Law for the Digital Economy would encompass the following elements:

  1. The recognition of the protection of personal information and of freedom of information as fundamental human rights. Although these rights are recognized as such in many countries, they are not in many others.
  2. A full spectrum regulatory framework including compliance and education, monitoring, enforcement and adequate penalties. This would include funds for digital literacy, increasing accessibility to the internet, adequate powers for the regulators, adequate and commensurate penalties (both criminal and civil), and the ability to enforce rules across jurisdictions. This last point may require international bodies to be created or the mandate of existing ones to be expanded. Recognizing criminal behaviour when it occurs and treating it as such.
  3. Recognizing that the time for self regulation is over.
  4. Developing a sound and enforceable ethical framework based on human rights principles.
  5. Revisiting the consent framework. Currently the emphasis has been on simplifying the consent mechanisms, but given the concentration of power in a few players and the ubiquity of use of the various platforms, we are not entering into consensual contract but something more akin to an unconscionable contract.

As Tim Cook stated in his keynote speech: “Technology is capable of doing great things. But it does not want to do great things. It doesn’t want anything. That part takes all of us…We must act to ensure that technology is designed and developed to serve human kind, and not the other way around.”

The time is ripe for this conversation to occur at all levels of governments with all stakeholders. In this respect, academics will continue to play a tremendously important role in ensuring that we get the balance right to protect both our rights to privacy and our right to information.

With thanks again to Suzanne Legault, LLB, BCL, Former Information Commissioner of Canada (2009-2018) for sharing her speech and allowing us to publish it. We hope you found this interesting to read, and to think about what role the open government community could play in tackling these challenges for our future.

You can read more about the Open government global summit here in our short ’10 things we learnt’ blog 


Leave a comment

By submitting a comment, you understand it may be published on this public website. Please read our privacy policy to see how the Scottish Government handles your information.

Your email address will not be published. Required fields are marked *