Surveillance: Citizens and the State - Constitution Committee Contents

Examination of Witnesses (Questions 733-739)

Professor Dawn Oliver and Professor Jörg Fedtke

4 JUNE 2008

  Q733 Chairman: Can I welcome you both to the Committee and thank you very much for coming. We are being recorded but not televised so could I ask you, for the record, to identify yourselves. If you would like to make a short opening statement, please do so; if not, we will go straight to discussion.

Professor Oliver: I am Professor Dawn Oliver. I am Emeritus Professor at the University College London and my speciality is constitutional law. I do not have an opening statement.

  Professor Fedtke: I am Jörg Fedtke. I am Professor of Law at University College London. My speciality is constitutional law in comparative perspectives.

  Q734  Chairman: Perhaps I could start by asking if you think there are any existing constitutional conventions or principles that are threatened by the spread of surveillance and data collection and if you think any limits should be imposed on the state's powers in those sort of areas?

  Professor Oliver: I think it is very difficult to identify existing constitutional conventions or principles. Of course we have the Human Rights Act and we have the Data Protection Act, both of which, I would say, express constitutional principles to do with protection of dignity, autonomy, privacy and so on. It is very difficult to be precise about what limits there should be on the use of data protection in the possession of government. I myself am very concerned about data sharing and the extent to which different government departments or state bodies are entitled to share or transfer information they have in one capacity to another part of government. I also feel there need to be statutory provisions about the extent to which government bodies are entitled to retain and use information that might have been obtained not under statutory powers but just accidentally or because information is around. The basic legal position normally is that the Crown and other non-statutory bodies have the same freedoms as ordinary individuals. That came out of the Malone case which you probably know about. My concern would be that there need to be statutory provisions indicating what can be done with information that has been acquired in those ways.

  Professor Fedtke: Professor Oliver quite rightly emphasised the importance of the Human Rights Act and the right to private and family life. I would perhaps add a comparative slant and say that the right to control your own personal data is, in some countries, regarded as a human right in its own right beyond the general right to privacy. The right to know who knows what about you at a particular point in time is, for instance, identified as a constitutional right by interpretation of the German Constitutional Court in that country. Much of this is actually, as Professor Oliver emphasised, encapsulated in the Data Protection Act and its principles, but that is on a lower level and is an ordinary act rather than a constitutional principle. I would argue that the right to control one's own data in this day and age comes close to a human right. I would also add, as far as constitutional principles are concerned, the right to judicial review. If you look at some statutes dealing with surveillance or data protection, the question arises what is the role of the courts. Personally I would rank that as a constitutional right, a right to have access to a judicial forum to review whatever measures were taken by the executive and that triggers one or two questions. If you look at UK legislation, is the individual who is affected by surveillance informed after the end of a particular measure which in turn allows him possibly to access the courts to raise a case? In many of the statutes in this country that right is not given but in other countries that right is prescribed on each and every occasion. The right of individuals to actually be informed of particular measures is very important. The involvement of the courts in the authorisation of surveillance, in my view, comes close to a constitutional right and has to do with the division of powers between the legislature and the judiciary. I think that other countries may have gone down different avenues, for whatever reasons, in that they require judges to authorise particular instances of surveillance and I would add that to the more general right of privacy and family life which we find in the Human Rights Act. In terms of limitations, and I will try to cut myself short here, again I would stress the importance of very detailed authorisations in statutes. Is there a proper authorisation that sets out in great detail what public authorities may do when it comes to surveillance and data protection? Are there internal safeguards against abuse? I think that is an important element as well. Are there Chinese walls between different government authorities when it comes to the sharing of data? All of these questions relate to the limits of what the state may do in this area. Finally, is there an absolute core of privacy which is absolutely protected from any intrusion or any surveillance? Other systems do recognise that there may be such a core, although again I would stress here that it is very difficult probably to define what that core, in essence, is. These are the limits to what the state should be doing in this area.

  Q735  Lord Lyell of Markyate: That is an extremely interesting list. The distinction between overt and covert seems to me to be very important. There are complaints, for example, that local authorities are using covert powers where really the justification should be overt. A very simple example is dog fouling. I think it is a good thing to stop dog fouling but they should know if there are cameras being used and there should be signs saying so, which would probably be rather effective anyway. That is not constitutionally protected, is it, and would require statute?

  Professor Fedtke: It would require statute. I agree entirely with your observation that the principle of trying to obtain data with the person who is actually affected, perhaps the dog owner or the parents of children who send their children possibly to school in the wrong catchment area, the principle that public authorities should first and foremost act openly and first and foremost address or approach the person they are dealing with or the person who is in the focus of their activities, is a thing which should be put down in the statutes. If you look at the German Data Protection Act that is one of the first things you find. Public authorities should target the individual who is involved in the proceedings and do so openly and try to obtain as much information as possible on that basis and only then can other measures perhaps be contemplated if the public authorities need further information.

  Q736  Lord Peston: My question somewhat anticipates what I meant to ask you but this is an ideal place to put it. You referred to a protected area at the end of your first statement. Certainly when we were students we were taught about John Stuart Mill on this, and if I may quote his exact words: "There is a circle around every individual human being which no government, be it that of one of a few or of the many, ought to be permitted to overstep." He says the point to be determined is where the limits should be placed but he had no doubt whatsoever that there should be such a limit. We did have here a judge last week who was meant to be supervising exactly this kind of surveillance and when I put that question to him he pretty well said, which worried me enormously, that the philosophy of John Stuart Mill is now dead. Some of us do not think it is dead; quite the contrary it is what we believe in more than almost anything. I would like to know your view on the matter.

  Professor Fedtke: I indicated that I do believe there could be such a core which should be absolutely protected. We may come back to that later on when it comes to specific statutes and the way the state goes about regulating surveillance and data protection. That is just a footnote at this point and I might be able to elaborate later on. I very much believe in detailed specific statutes rather than general provisions which cover ever so many public authorities but that is a different question. In Germany the highest level of possible intrusion, surveillance, wire tapping and so on, actually excludes judges from authorising measures and gives this authority to parliament. In that statute, which in Germany is the highest level of possible intrusion and which contains the highest level of safeguards as a counterbalance, you will find provision which says under no circumstances may the core of private life, if surveillance focuses solely on that, be infringed. Not even on that very high level is there absolute access. There is a core which is difficult to define and that is the main problem here.

  Q737  Baroness Quin: I am interested in what you were saying about the position in Germany. Have there been changes in Germany as a result of the worry about terrorism which has somehow gone against the general trend in that country?

  Professor Fedtke: Perhaps one introductory remark. I am German so my legal education and my PhD thesis were in that jurisdiction which is why I am particularly interested here in that country. There is a second reason why Germany might be a good system to look at. Germany enacted worldwide the first Data Protection Act in 1970 even before the United States. It is a system which has grappled, for a fair amount of time and to the present day, with these constitutional court decisions in that particular area. It is a long story. To come back to your question concerning changes in the approach and the impact of terrorism, Germany is interesting because in the late 1970s it experienced a serious threat of terrorism. You may recall the hijacking of a Lufthansa aircraft to Mogadishu and the killing of the pilot and then the intervention of German security forces. In that context you have appearing a number of quite severe statutes which enabled the state to react to such pressures. Yet, at the same time, I do sense that there has been a balance. To the present day measures which have increased the ability of public authorities and security services to monitor particular activities have been counter-balanced with procedural safeguards, in particular the involvement of the courts with information even on that high level of individuals affected by surveillance once the measure has been completed, which again triggers the ability to access the courts and to apply for judicial review. I think that Germany has a very, very early system when it comes to data protection. It has experienced quite a severe terrorist threat. It has not immediately succumbed to changing the legislation and allowing security forces inappropriately high access or rights or powers because there was a fair amount of counter-balance. We might want to look at those elements later on in the discussion. It is a continuous battle and even to the present day the Ministry of the Interior is trying, at every corner, to increase the powers especially of security forces. Basically it is a struggle between those in favour of liberty, of freedom of data protection, and those who argue very strongly in favour of the state, public interest and security and safety.

  Q738  Lord Morris of Aberavon: On the principle of overt as opposed to covert, particularly on the instance given as an example by Lord Lyell, are there not limitations on that which undermine the efficiency and the need to observe? A policeman does not give away the point that he is observing a drug pusher from across the road. The defence may demand it and the judge then has to reach a decision. If he is adverse to the Crown then the Crown frequently withdraw the case. We enjoy the sign that there are cameras for road speeding but we do not have cameras for going into a bus lane. Are there not limitations on that or does it not depend on the personality of the observer? Are the police in a special position as opposed to the Council looking at dog fouling or children going to school in the wrong areas?

  Professor Fedtke: I agree data protection, if taken seriously, is one of the greatest challenges of public administration simply because it is very difficult to develop a workable balance between the data protection, on the one hand, and a very onerous system of checks and balances, of internal Chinese walls and limitations. It is very difficult to balance these two. I would agree that it is a question of the case at hand. The policeman watching someone from across the street would be able to do so in Germany without much limitation despite the existence of a fairly elaborate data protection regime. If the policeman was to use some form of device which enables him to listen in across the street then the whole scenario changes and you would have a special statute which would authorise that or set limits on it. The distinction between overt and covert surveillance is a difficult one to draw on itself, which again begs the question how do public authorities deal with that. It is an investment of time and energy to have people who actually take that decision and say this is on this side of the line and that crosses the border.

  Q739  Lord Rowlands: Do I infer correctly from what you have been telling us that you do not find it attractive the way we have gone down the route of these commissioners, the information commissioner and the surveillance commissioner, and that is a less effective route than the one followed in Germany? Are you making a direct comparison between the two and are you critical of the commissioner route as it were?

  Professor Fedtke: The commissioner route is the right one; there is no doubt about that. Germany has a data protection commissioner on a federal level and on the state level. There is a team of 17 commissioners who have been very influential in securing data protection on a very day-to-day basis. If you look at the development of data protection, in particular in Germany, combined with surveillance, you will see that the impetus for legislative performance frequently comes from commissioners who have been working in this area and who compile and watch developments very closely. I am all for commissioners but the question is what are the powers of these commissioners. Are they used to authorise certain measures or are they only used to supervise certain areas ex post facto when things have already happened? What is their ability to investigate particular instances of surveillance or the use of data? I am all for commissioners but the question is what powers are attached to them.

previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2009