Global Privacy Ethics Subject to Cultural Differences

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Jeremy Hainsworth

April 1 — Varying cultural attitudes toward privacy protections could hamper the development of a single, unified code of privacy ethics, international analysts say.

The cultural differences can be seen in the different outlooks on privacy between nations. For example, in Europe “the right to be forgotten” has been a focal point of regulations and court battles, Hiroshi Miyashita, associate professor of the Faculty of Policy Studies at Tokyo's Chuo University and the first privacy officer for international relations in the Cabinet Office of Japan, told Bloomberg BNA. However, in the U.S., the right of privacy can be eroded simply because you are a public figure, he said. In Asia, the right of privacy takes a back seat to strengthening community through trust and accountability, he added.

The result is a dichotomy between nations, he said. Europe and North America prefer hard law sanctions through regulation and Asia prefer to approach privacy and data security through soft laws where transgressors make public apologies for breaches in order to regain public trust, Miyashita said.

“Yes, we can create an ethical framework,” he said, “but it is difficult to create a hard power framework.” Simply put, Asians prefer the carrot while Europeans and North Americans prefer the stick, Miyashita said.

“Their approach is always reactive not proactive,” he said.

It's a perplexing issue in the age of big data and omnipresent social media where the right to privacy is impacted by how information is collected and processed.

It's not just a definition of privacy that is needed but rather an ethical code around which privacy rights can be secured, international analysts said. However, it's a complex area that's not been well explored, they said.

The issue goes beyond just privacy and delves into the heart of human rights in an expanding era of digital information, the Internet of things and big data, analysts told Bloomberg BNA .

Privacy commissioners, the United Nations, global privacy regulators and the European Union have acknowledged differing cultural attitudes. However, these differences will definitely play a role in how a set of standards.

“Mostly, it's a barrier between the U.S. and the rest of the world because the concept of free expression is so pervasive,” Information Accountability Foundation Executive Director Martin Abrams said.

EU Ethics Advisory Group

“We really want to open a new chapter on data protection where we focus more on requirements and less on safeguards,” European Data Protection Supervisor Giovanni Buttarelli told Bloomberg BNA.

“Human dignity is inviolable. It must be respected and protected,” he said.

An Ethics Advisory Group had been implemented to “enable the realization of the benefits of technology for society and the economy in ways that reinforce the rights and freedoms of individuals,” Buttarelli said in a recent statement.

That group wrapped up its first meeting March 21, Buttarelli said, and cultural differences were part of the issues discussed.

Under EU law , personal data are defined as any information relating to an identified or identifiable natural person—including culture.

And, it's where data is used to be predictive of behavior that the waters become murky.

“Profiles used to predict people's behavior risk stigmatization, reinforcing existing stereotypes, social and cultural segregation and exclusion, with such ‘collective intelligence’ subverting individual choice and equal opportunities. Such ‘filter bubbles' or ‘personal echo-chambers' could end up stifling the very creativity, innovation and freedoms of expression and association which have enabled digital technologies to flourish,” the opinion said.

Buttarelli told Bloomberg BNA that, in arriving at ethical principles coupled with cultural concerns, it's not just lawyers who should be involved. Society as a whole needs to be engaged, perhaps anthropologists, he said. But that approach can be a double-edged sword, he said.

“We don't want to discriminate against people or slow down information,” Buttarelli said.

And, for that to happen ethically, he said, it's important to realize that what may be appropriate in Europe may not be so elsewhere.

“We should collect the best of everyone's experiences and try and see how this can be workable for others as well,” Buttarelli said. “For sure, I think the globalization is not only on technology but also on values,” he said.

Asian Culture

Miyashita said in Asia-Pacific Economic Cooperation privacy is debated in the context of e-commerce.

“Dignity is their value which is very unfamiliar for us Japanese,” Miyashita said. “Public trust, cultural values, social values are more important.”

But, there has been little progress on finding common ground, he said. “I think this is because cultural differences matter,” he said.

It's here that the Trans Pacific Partnership hits the cultural wall, Miyashita said. Article 14 specifies actions related to data transfer and processing that the parties may not take.

He said Asian nations want far greater control over globally transmitted data that the U.S. does. “Most of these Asian countries hate” Article 14, he said. “They want information to be protected adequately.”

Japan uses the trustmark system, a self-regulating framework whereby companies processing data are certified, Miyashita said. The Asian approach to privacy is about accountability and transparency, not regulation, he added.

Abrams said the community approach to privacy goes even further in Chinese culture. “The interest of the state almost always trumps the interests of the individual,” he said.

North American Views

World Privacy Forum Executive Director Pam Dixon said cultural differences cannot be undermined and said work needs to be done to find ethical principles that transcend cultural values.

“I don't think it would be impossible to come up with a global set of ethical principles,” she said. “I think the time is now.”

British Columbia privacy commissioner Elizabeth Denham, soon to be the U.K. privacy commissioner pending parliamentary approval , told Bloomberg BNA that cultural issues extend to a country's legal cultures.

Comparing and contrasting differing sovereign's legal frameworks can be a positive approach when finding an ethical privacy standard.

International Venue

Like other analysts, Buttarelli agrees the United Nations should be looked at as a venue to develop a global ethical framework.

He noted the significance of the July 2015 appointment by the U.N. Human Rights Council of Prof. Joseph Cannataci of Malta as the first-ever Special Rapporteur on the right to privacy.

The special rapporteur is mandated by Human Rights Council Resolution 28/16 among other things, to:

  • gather relevant information on trans-national frameworks and national practices and experience;
  • study trends and challenges regarding the right to privacy and to make recommendations to ensure its promotion and protection;
  • seek, receive and respond to information, while avoiding duplication, from states, the U.N. and its agencies, programmes and funds, regional human rights mechanisms, national human rights institutions, civil society organizations and the private sector; and
  • identify possible obstacles to the promotion and protection of the right to privacy, to identify, exchange and promote principles and best practices at the national, regional and international levels, and to submit proposals and recommendations to the Human Rights Council.
  •  

    Miyashita said the U.N. had done little on data protection until the Edward Snowden revelations about the scope of the U.S. National Security Agency's surveillance program .

    The issue is currently being actively pursued at meetings of global privacy commissioners, with this year's being held in Morocco in October, he said.

    “This is a great chance to raise all the specifics of cultural gaps,” Miyashita said.

    Global Standard

    In November 2009, International data protection authorities in Madrid released non-binding global privacy standards known as the Madrid Resolution .

    The 36-page global standards—non-binding and without established enforcement deadlines—were divided into 25 sections aimed at defining principles and rights guaranteeing the uniform international protection of personal data privacy and facilitating international flows of data.

    The “basic principles” listed and explained in Part II of the approved document include lawfulness and fairness, specification, proportionality, data quality, openness and accountability. Likewise, the document recognizes basic user rights to access, rectify, delete, and object to their data.

    Miyashita said nothing has happened on the issue since.

    To contact the reporter on this story: Jeremy Hainsworth in Vancouver at correspondents@bna.com

    To contact the editor responsible for this story: Daniel R. Stoller at dstoller@bna.com