[Air-L] Data privacy via the WTO?
Livingstone,S
S.Livingstone at lse.ac.uk
Sat Aug 25 12:02:07 PDT 2018
Thanks for this discussion
This is interesting:
Article 8 – Additional safeguards for the data subject
Any person shall be enabled:
ato establish the existence of an automated personal data file, its main purposes, as well as the identity and habitual residence or principal place of business of the controller of the file;
How do we imagine users can figure out which data brokers and harvesters have their personal data and will the data protection authority really help them if they don’t know where to start looking?
Best, Sonia
From: "air-l-bounces at listserv.aoir.org<mailto:air-l-bounces at listserv.aoir.org>" <air-l-bounces at listserv.aoir.org<mailto:air-l-bounces at listserv.aoir.org>> on behalf of Ansgar Koene <Ansgar.Koene at nottingham.ac.uk<mailto:Ansgar.Koene at nottingham.ac.uk>>
Date: Saturday, 25 August 2018 at 13:43
To: Aram Sinnreich <aram at american.edu<mailto:aram at american.edu>>, "air-l at listserv.aoir.org<mailto:air-l at listserv.aoir.org>" <air-l at listserv.aoir.org<mailto:air-l at listserv.aoir.org>>
Subject: Re: [Air-L] Data privacy via the WTO?
Dear Aram,
I read your policy brief with interest and I think most people will be able to agree with your analysis that an international approach to data privacy is necessary. I do however have my concerns regarding the WTO as appropriate body for administering this.
As its name suggests, the WTO is tasked with dealing with questions regarding trade. Assigning data privacy as being mandated by WTO pre-supposes a trade based interpretation of data privacy akin to discussions around ownership of personal data or "data as the new oil" etc. When contrasting the US and EU approaches to data privacy, personal data as a trade good is considered as a US perspective. The EU approach at the basis of the GDPR is to consider data privacy from a human rights perspective. This distinction has a lot of consequences, one of which would be a discomfort with having the WTO as administrating organization for international privacy regulation.
Connected to this are concerns that trade negotiations, including those at the WTO, are considered to be lacking in transparency.
When considering international efforts to establish common minimum requirements around data privacy it would be important to also consider the efforts of the Council of Europe, which recently updated Convention 108 (Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/108).
Karolina Mojzesowicz from the European Commission stated that “Convention [108] was the source, the mother of the European EU data protection rules” and that it “was and will remain the key compass in the European and global privacy legal landscape”
Out of the 110 countries in the world with data protection laws (in June 2016) nearly half are already members of Convention 108.
Note that the Council of Europe [https://www.coe.int/en/web/portal/home/] has 47 member states, including the 28 EU states bus also Russian Federation, Turkey and others.
As of October 1st 2018 Convention 108 will be in force not only in the 47 countries of the Council of Europe but also in Cabo Verde, Mauritius, Mexico, Senegal, Tunisia and Uruguay.
Best wishes,
Ansgar
Dr. Ansgar Koene
Senior Research Fellow: UnBias, CaSMa & Horizon Policy Impact
Horizon Digital Economy Research Institute
University of Nottingham
Working group chair for IEEE Standard on Algorithm Bias Considerations
http://unbias.wp.horizon.ac.uk/
http://casma.wp.horizon.ac.uk/
http://www.horizon.ac.uk/
https://standards.ieee.org/develop/project/7003.html
https://sites.google.com/site/arkoene/
________________________________
From: Air-L <air-l-bounces at listserv.aoir.org<mailto:air-l-bounces at listserv.aoir.org>> on behalf of Aram Sinnreich <aram at american.edu<mailto:aram at american.edu>>
Sent: Friday, August 24, 2018 8:39:15 PM
To: air-l at listserv.aoir.org<mailto:air-l at listserv.aoir.org>
Subject: [Air-L] Data privacy via the WTO?
Fellow AoIRers,
Last week, I published this short policy brief arguing that post-GDPR, data privacy should be administered via an international treaty organization, specifically the WTO.
This is a very preliminary sketch, but I’d be curious to hear feedback from other people interested in data privacy regulation before I build on it. Let me know your thoughts!
http://cmsimpact.org/data-security/policy-briefing-note-an-international-approach-to-data-privacy/
Thanks!
—
Aram Sinnreich (http://aram.sinnreich.com)
Associate Professor
Chair, Communication Studies
American University (http://www.american.edu/soc/)
School of Communication (http://www.american.edu/soc/)
Author (http://j.mp/sinnreich) | Musician (https://dubistry.bandcamp.com/)
_______________________________________________
The Air-L at listserv.aoir.org<mailto:Air-L at listserv.aoir.org> mailing list
is provided by the Association of Internet Researchers http://aoir.org
Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
Join the Association of Internet Researchers:
http://www.aoir.org/
This message and any attachment are intended solely for the addressee
and may contain confidential information. If you have received this
message in error, please contact the sender and delete the email and
attachment.
Any views or opinions expressed by the author of this email do not
necessarily reflect the views of the University of Nottingham. Email
communications with the University of Nottingham may be monitored
where permitted by law.
_______________________________________________
The Air-L at listserv.aoir.org<mailto:Air-L at listserv.aoir.org> mailing list
is provided by the Association of Internet Researchers http://aoir.org
Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
Join the Association of Internet Researchers:
http://www.aoir.org/
More information about the Air-L
mailing list