Examination of Witnesses (Questions 74-79)
Professor Graham Greenleaf
28 NOVEMBER 2007
Q74 Chairman: Professor Greenleaf,
good morning and thank you very much indeed for being with us.
Professor Greenleaf: Thank you very much
for the invitation to appear before the Committee.
Q75 Lord Morris of Aberavon: I would
like some comparison of surveillance in different countries. You
have experience in your native Australia and other countries as
well. How does the degree and nature of surveillance in our country
compare with that of other countries? Are we much more restrictive
than others or does it vary?
Professor Greenleaf: It varies. I cannot
purport to be an expert on the details of surveillance in this
country; I have picked up what information I can for comparative
purposes and I will try to make some comments in comparison with,
say, Australia and with Hong Kong which are perhaps the two places
with which I am most familiar. In relation to Australia, I have,
with the assistance of my colleagues, anticipating that the Committee
would like some information about this, prepared some background
information about the nitty-gritty of surveillance practices in
Australia. I would like to hand that to the Committee. I would
like to comment in summary. Australia and the UK could both be
put at the more advanced end on the spectrum of surveillance orientated
societies, but there are a number of differences between the two
and overall I would say that the United Kingdom is probably further
down the track of more intensive surveillance than Australia or
at least going in that direction. I would like to pick up a couple
of different indicia. There seems to be much more CCTV surveillance
in the UK than in Australia. Whether the estimates of 4.2 million
cameras are correct or just in the right ball park I do not know,
but the Australian figures in the documents I have suggest numbers
more in the tens of thousands for the largest capital cities.
So, at most, you are going to be looking at only a fraction of
the UK numbers and they are mainly, from my knowledge, orientated
to transport systems and large crowd locations with some private
sector use in large supermarkets and the like. In relation to
the ID card system that has been proposed or is in the process
of being implemented in the UK, from what I know of it, this vast
aggregation of data with very wide and uncertain purposes in both
the public sector and the private sector goes far beyond any other
systems with which I am familiar and seems to almost constitute
the surveillance society in itself. You may be aware that the
Australian Government were proposing to introduce what they call
an access card for health and welfare benefits of which I have
been a critic for some time. That is now not going to happen due
to the change of Government in Australia in November 2007. So,
on these particular indicia, Australia is going to be in the future
a far less intensive surveillance society than the UK. Other factors
such as the children's database, the NHS patient database with
its very wide accesses and the DNA database, from what I know
of them, the cumulative effect of these is far, far greater in
the UK than the equivalents that do exist to some extent in Australia.
If I may turn to the private sector, I think the big difference
is that there are very few barriers in the UK to data sharing
between different sub-sectors of the private sector, say between
the credit industry, the insurance industry and the direct marketing
industry. In Australia, because of legislation introduced in the
early 1990s, information in the credit reporting sector is in
effect siloed off from the rest of the private sector and that
has made an enormous difference to developments in Australia compared,
say, to the UK or the USA. So, quite a different picture. On the
other hand, there may at the present perhaps be less government
data matching at the moment in the UK than in Australia but, from
what I have seen of recent announcements and committees looking
at this, it seems as though the UK is catching up fast. One of
the areas where there is very intensive surveillance in Australia
is anti-money laundering where vast amounts of data are being
sucked in by our money laundering agency from all sorts of cash
dealers and any organisations involved in finance in the private
sector. I suspect that there is more of that in Australia than
there is here. May I mention something about Hong Kong by way
of comparison as well?
Q76 Chairman: Yes.
Professor Greenleaf: I was a Distinguished
Visiting Professor at the University of Hong Kong for a couple
of years and that is why I have some knowledge about Hong Kong.
I think that it is an interesting comparison, it having been a
UK colony only a decade ago and now part of the People's Republic
of China. Although Hong Kong was one of the first countries to
introduce a multi-functional chip based Smart ID card, in fact
its non-immigration uses are at present quite minor. The main
criticisms that I and others have levelled at it is the potential
for function creep in the future that has been built in. However,
at present, it is not anything remotely like the UK system that
is being developed. Data matching is quite limited in Hong Kong
and must be approved by the Privacy Commissioner. I think that
there is relatively little CCTV surveillance except in a few select
areas of downtown entertainment areas of Hong Kong island, and
not a whole lot more other than that. Transport surveillance is
quite limited compared to what is being used. The Oyster Card
here I gather is quite extensively used for police surveillance
now. The Octopus Card is an anonymous smart card in Hong Kong
and has very limited possible uses for surveillance. Telecommunication
surveillance is also relatively limited. They have a new Interception
Commissioner but the numbers involved are not very large. You
can do things like get anonymous SIM cards for mobile phones by
cash payments. Anonymous mobile phones is quite surprising in
a jurisdiction which is part of the People's Republic of China.
Q77 Lord Woolf: You have already
covered some of the matters that I was going to ask you about
particularly because you have made a comparison between this country
and Australia and then Hong Kong and of course a comparison between
Australia and Hong Kong very briefly in what you have said. Having
done so, do you think that part of the problem here is that our
regulation at the present time is very piecemeal?
Professor Greenleaf: Yes, I do think
that is part of the problem and this is not a problem that is
limited to the UK by any means. Over the last 30 years, we have
had the development at an international level of information privacy
principles but there has been very little systematic development
in the rest of the package, if we can call it that, of privacy
principles, plus principles governing surveillance as such. These
would make distinctions between overt surveillance and covert
surveillance and what are the rules for each and whether there
are different rules for workplace surveillance compared to open
places and the like. Also, there are really no systematic sets
of rules for intrusions of various types. I think that that leads
to a lack of real rules in those latter areas which contributes
to the proliferation of things like CCTV. It also means that neither
Information Commissioners nor the general public nor the Parliament
are able to get an overall grasp of what is the overall surveillance
picture in our society and how these things are knitting together.
We talk about the boiling frog but we do not really have much
idea at what temperature from one year to the next the frog has
reached. Yes, there is piecemeal regulation.
Q78 Lord Woolf: What is the answer
to that? What is the solution you would like to see? Is that in
turn piecemeal or is it one overriding form of protection?
Professor Greenleaf: I do not know that
there is necessarily one answer to that. I think that you could
have a general piece of privacy legislation which contains sets
of principles for these various areas and maybe you could have
one commissioner administering that but, in this country, I understand
that you have commissioners for surveillance and commissioners
for telecommunications interception as well as the Information
Privacy Commissioner, as I will call him. That may still be a
sensible model but it would be good if they were all working to
one principle based set of privacy principles, even though they
may administer parts of them differently. Picking up on the Information
Commissioner's evidence last week, one thing that he did not say
was that it would be good to have an annual "state of surveillance"
report, that simply set out the facts on an annual basis of where
each different type of surveillance had reached over the last
12 months and how they were now interconnected. That would enable
Parliament, Government and everyone else to reach better policy
decisions.
Q79 Lord Woolf: I think that there
is the problem that can arise from what we have connected. We
have had a very recent example of the problems of Revenue and
Customs, one might almost say fiasco, with regard to the loss
of information. Do you think that there are any lessons to be
learned from that?
Professor Greenleaf: Yes, I think that
there are a number of very serious lessons, particularly because
that is what the future is going to comprise, in my view, if things
are not changed. This is not going to be a one-off event. Some
of the lessons that need to be learned are first that I think
there has to be a serious acceptance of only collecting personal
data where it really is necessary for organisations to collect
it and not collecting it on some rainy day principle that it might
come in handy some time in the future. I think that taking minimum
necessary collection seriously has to be the starting point. In
Australia, one additional principle that we have that is not found
in the Directive or elsewhere is called the anonymity principle
which says that organisations must provide services to individuals
on an anonymous basis where it is feasible and lawful to do so.
Our Law Reform Commission is currently proposing that that be
extended to include pseudonimity as well so as to provide an additional
level of protection against unwarranted disclosure of information.
One other essential starting point for this is to get the acceptance
of privacy as a value correctly included in our privacy laws.
For me, what this means is essentially that the onus of justification
of intrusion in any way into a person's privacy has to be on those
who are proposing to do it, whether it be government, private
sector or whatever. Basically, I think that is what is at the
bottom of the German Constitutional Court's "informational
self-determination" decision. They were not making privacy
any sort of absolute right but they were making it very clear
in the German context that every intrusion into privacy had to
be justified up front in terms of alternative social benefits.
Once you get that sort of starting point, I think that you can
be on the right track and I think that that is a constitutional
principle and a good reason for this Committee to be looking at
this issue. That really goes to the relationship between the individual
and the state.
|