1 www.hunton.com
Cost of Privacy
Prof. Lucas Bergkamp
Center for Information Policy Leadership @ Hunton & Williams
Erasmus University Rotterdam
ERIM/PRIME Privacy for Business Workshop
The Airlines Sector
Rotterdam, 17 December 2004
Roadmap
• Regulatory Models for Privacy (data protection)
• Key Elements and Foundations of EU Data Protection Law
• Adverse Effects, Paradoxes, Costs
• Data and Security (Passenger Data)
Part I
Regulatory Models for Privacy
Public and Private Privacy Law
Public Law
• tends to be ex ante
• government-citizen
• no or limited individual tailoring; "government knows best"
• enforceable irrespective of individual interest or harm
• criminal or administrative sanctions
Private Law
• chiefly ex post
• citizen-citizen
• individual tailoring possible; "individual knows best"
• enforceable if individual interest is affected
• injunction (in some instances) or damages
Why is data protection law public law, rather than private law?
If harm to privacy is subjective, private law would be preferable
Privacy Regulatory Models
• Government control over data flows and uses
– current EU model
– rules can always be enforced
– high level of protection, inflexible, expensive
• Property right in personal data
– enforcement only at request of affected individual
– transfer by consent, and under agreed conditions (e.g. as to use)
– medium level of protection, flexible, expensive (due to consents)
Privacy Regulatory Models
• No personal property right in data
– anyone may collect and use data for any purpose
– individual may refuse or provide data under conditions
– low level of protection, flexible, inexpensive
• What is the right mix of regulatory models?
– expensive government control model only if justified by high objective risk
– property right model only where no-property right is inappropriate
– no personal property right is default model
Privacy from Economic Perspective
• Production model is capitalist system
• Regulated market economy
• Regulation, i.e. government intervention, is justified in two situations:
– to impose external cost on responsible person
– to provide "public goods" (non-rivalry, non-excludability)
• Lack of data protection does not result in external cost
• Is privacy a public good?
– there is both rivalry and excludability
How can privacy regulation be justified?
Privacy Demand and Need for Protection in Information Society
[Figure: three curves, "Demand for privacy as function of wealth", "Need for protection as function of wealth" and "Level of privacy imposed by law"; axes labelled € and P; regions marked 1, 2 and 3]
Three observations:
Privacy law delivers where there is no privacy demand (1)
Privacy law delivers where there is no need for protection (2)
Privacy law delivers where there is neither (3)
Part II
Key Elements and Foundations of EU Data Protection Law
EU Data Protection Law
• Directive 95/46 on the protection of individuals with regard to processing of personal data
• Directive [___] concerning the processing of personal data and the protection of privacy in the electronic communications sector
• E-Commerce Directive
– refers to Data Protection Directive
• Miscellaneous other instruments
Key Provisions of EU Data Protection Law
• General prohibition on collection and processing of personal data
– subject to limited exceptions
– burden of proof is on data controller
• Where permitted, data processing is restricted (necessary, fair, purpose limitation, etc.)
• Special regime for sensitive data
• Transfers to non-EU jurisdictions are subject to specific transfer regimes
Key Provisions of EU Data Protection Law
• Rights of data subjects and corresponding obligations of data controllers (notice, choice, access, rectification, etc.)
• Procedural obligations (notification to government agencies)
• Covers all sectors of industry and commerce
• Applies to personal data broadly defined to include customer and employee data including coded data
Trends in EU Privacy Law
• Technology convergence forces change of law
– broader, comprehensive regimes
– technology-neutral law
• Harmonization of law
– move towards « opt-in only » approach
EU Data Protection Policy’s Human Right Foundations
• Privacy is fundamental right
• 1950 European Convention of Human Rights, Article 8: right to respect for family life, home, correspondence, and private life
• European Court of Human Rights (ECHR) interpreted right to private life extensively
• Right to private life has been accorded « Drittwirkung » or horizontal effect
EU Data Protection Policy’s Human Right Foundations
• In Niemietz v. Germany, the ECHR held that right to private life applies also to professional and business life
• Right to private life imposes both negative (e.g. not to collect « unnecessary » data) and positive obligations (e.g. to provide resources for exercise of right)
• Employee right to privacy implies right to reasonable use of employer’s resources for personal purposes
Implications of Human Right Foundations
• Privacy is priceless
– cost of privacy is irrelevant
• Privacy is inalienable
– customers and employees have unequal bargaining position
– need to be protected against potential abuse and may not waive rights
EU Data Protection Policy’s Human Right Foundations
• Governmental discretion
– social justice in privacy administration requires government interpretation in many cases
– ad-hoc decision-making: « government knows privacy violation when it sees one »
– social justice over legal certainty
EU Data Protection Policy’s Underlying Assumptions
• Information use
– business wants data to increase profits
– poses risk to consumer
• Nature of Business
– profit-motive will cause corporations to disregard privacy
– consumers are victims of business practices
EU Data Protection Policy’s Underlying Assumptions
• Data protection offers “high level of protection” against « risks » and « harms »
– but what are the risks and harms?
– EU did not identify any risks or harms
– Known harms have been caused by state (e.g. Stasi-files)
– Citizens Against Government Waste found that private sector does better job than public sector in protecting data
EU Data Protection Policy’s Underlying Assumptions
• Typical examples of harms caused by companies involve
– trivial harms (e.g. receiving a brochure against one’s wish) or
– hypothetical harms (e.g. supermarket sends data about someone’s food purchases to health insurer so that premium can be adjusted in function of health risk)
• Different in government context
EU Data Protection Policy’s Underlying Assumptions
Data Protection Promotes Autonomy
• Right to define oneself (German Supreme Court’s concept of informational self-determination)
• « Face we want to present to the world »
– but this right limits other person’s ability to learn about individual’s less attractive side
EU Data Protection Policy’s Underlying Assumptions
Data Protection Promotes Autonomy
• Autonomy requires opt-in
• EU does not take seriously risk that people misrepresent facts and defraud others (« identity theft »)
• Nikon France v. Onof: employer may not search employee’s « personal » files
EU Data Protection Policy’s Underlying Assumptions
Government Abuse of Private Sector Data
• because government tends to abuse private sector data, there should be no data anywhere
• does government’s malice justify imposing restrictions on private sector?
• if potential for abuse leads to eliminating valuable assets (e.g. biotechnology, guns, etc.), society will suffer
• does government failure justify further government intervention?
• is it effective, would privacy law have prevented the Holocaust?
EU Data Protection Policy’s Underlying Assumptions
Government Abuse of Private Sector Data
• ironically, data protection laws provide liberal exceptions for government use
• « war against terrorism » may require more private sector data
Part III
Adverse Effects, Paradoxes, Costs
Interim Conclusions
• Data Protection Directive was not conceived with e-commerce in mind, and raises numerous problems and legal uncertainty
• Government control and discretionary authority are inconsistent with innovative information society and consumer choice
• Data protection applies even if consumer does not want it, resulting in paternalism
• Privacy protection increases risk of fraud
• EC exports its consumer and data protection regime to the rest of the world, thus reducing availability of e-commerce services and making them more expensive
How could this happen?
How does Information Society Differ from Old Economy?
• Global market place
• Services economy
• Reduces transaction cost
– lower information and search cost
– lower contracting cost
• Empowers consumers
– more offers
– quicker
– easy comparison
– no "undue influence"
• E-traders offer a wide variety of privacy policies
• Technology permits consumer to impose his privacy preferences
EU Data Protection Policy’s Foundations
• Privacy is fundamental right
– privacy is "priceless;" it is about values
– privacy is uniform and non-waivable
• Governmental discretion
– vague principles require government interpretation in many cases
– ad-hoc decision-making: “government knows privacy violation when it sees one”
– social justice over legal certainty
• Consumer protection
– consumer is deemed to have unequal bargaining position, and to need protection against potential abuse
– paternalism over freedom
Paradoxes of EU Privacy Policy in Information Society
• Consumer protection (EU) v. consumer empowerment (information society)
• Restricting competition choice (EU) v. enhancing competition (information society)
• Disincentives for innovation (EU) v. incentives for innovation (information society)
• Restricting consumer choice (EU) v. enhancing consumer choice (information society)
• Privacy over-regulation causes de facto “under-regulation” because excessive legal requirements are not enforced
How can we begin to resolve these problems?
Privacy as a Fundamental Right
• Data protection is deemed justified as fundamental right
– democratic society requires individual right to communicate and participate
– unrestricted data processing undermines communication and participation
– information society and commercialization of personal data increases risk to individuals
• But shouldn't we identify and differentiate between various possible risks?
– what risks does privacy law reduce?
• Aren't there better ways to ensure individual right to communicate and participate?
• What about the trader's right to communicate?
Fundamental Issues
• Market or government?
– which meets consumer privacy demands best?
  • what does consumer really want?
– why is privacy protection not an appropriate element of competition?
  • private privacy protection initiatives
• What core of privacy (if any) should be non-waivable?
– public law, government control
• What default privacy protection regime do we need?
– private law, variable by contract
– if it meets needs of parties, it may be efficient
– if it is overly protective, it will increase transaction cost
Cost of Privacy
• Direct compliance cost
• Indirect cost
– Loss of opportunity
– Loss of benefits of free flow
Conclusions
• Opportunity cost of data protection has increased dramatically in information society, while need for protection has decreased
• Government control model and public law result in inflexible and expensive regime with unfavorable cost-benefit ratio
• Rethink government's role
– free data flows do not result in external cost, no market failure
– privacy is subjective and should be regulated primarily by private law
– targeted, public law approaches to preventing significant objective harm
– redesign system and recalibrate balance between public and private law
Part IV
Data and Security
Data and Security
• Data are likely relevant to security
– what data?
– pertaining to whom?
– how much?
– right data timely provided may enhance security
• Alternatives to data collection?
Data and Security
• Government v. private sector
– no self-limiting mechanism in government
• Government has monopoly over force
– security is dominated by government
– but government needs help from private sector
Data and Security
• Conditions for data to be helpful to advancing security
– relevancy and volume of data
– government’s ability to “digest” and act on data
• Balance between too much and too little data
• “Shotgun” or targeted collection
Data and Security
• Targeted collection from groups posing high security risks may make process more efficient and effective
– enhances relevancy
– but can high risk individuals avoid meeting profile?
• Targeted collection raises ethical issues
– is it fine to subject a person to this process based on his meeting “profile”?
– what guarantees are there for preventing misuse for other purposes?
Data and Security
• Fundamental questions
– will data collection by government work?
– is targeted collection based on profiles more effective or efficient and ethical?
• Passenger data
– what are guarantees against government misuse?
Data and Security
• Cost of Privacy
– who would want to maintain privacy for all if this results in higher security risks?
– too much privacy will be costly
Data and Security
• Cost of Privacy
– how to measure cost of privacy?
  • no market value
– how to weigh costs and benefits of privacy against costs and benefits of security?
  • problem of incommensurability
– surveys
  • how reliable are they?
Conclusions
• There is cost to privacy protection
• In market setting, cost is self-limiting
• Government’s monopoly over force and absence of self-limiting mechanism are differences that should have consequences
• Privacy versus security debate highlights problems of quantifying cost of privacy