ENDitorial: Montreal Privacy Week: Terra Incognita or Deja Vu?

By EDRi · October 10, 2007

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

More than 600 persons from 50 countries gathered in Montreal to
participate to the 29th International Conference of Data Protection
and Privacy Commissioners, on 25-28 September 2007, making this year
venue attended by a record number of interested parties. The theme of
the conference, ‘Privacy Horizons: Terra Incognita’, certainly played
a role in this attraction. The audience has not been disappointed by
presentations and panels indeed exploring currently challenging
issues in the field of privacy and data protection, such as
nanotechnology, ubiquitous computing, the body as data…, not to
mention already well known, but continuously concerning issues like
globalization, public safety and the interpenetration between law an

The host of the Conference, Canadian Federal Privacy Commissioner
Jennifer Stoddart and her team invited US Department of Homeland
Security Secretary Michael Chertoff as keynote speaker of the opening
ceremony. The Big Neighbour representative’s speech was not
disappointing either, or rather not surprising, as even those who haven’t
listened may infer from his own blog report.

Far more worth attending were most of the other sessions and panels.
In particular, I went back home with confirmation and further food
for thought on three main ideas. First, the well renowned security
expert Bruce Schneier (BT Counterpane, USA) insisted on the fact that
the world has changed without us having changed accordingly the
framing of the debate, and that the dichotomy is not anymore between
privacy and security but rather between freedom and control. Second,
Law professor Joel Reidenberg (Fordham University School of Law, USA)
advocated the need for a ‘design liability’ when privacy and data
protection principles breaches are implemented by design in a given
architecture. Although Reidenberg generally advocates too much in
favour of so-called “co-regulation” and “codes of conducts” for my
taste, this ‘design liability’ concept should certainly be developed
and implemented, as a mean to work towards more privacy-friendly
services, tools and standards. Third, Canada Research Chair in
Ethics, Law & Technology holder Ian Kerr (University of Ottawa,
Canada) gave a very interesting panorama of the privacy issues with
ubiquitous computing, highlighting how the current hierarchy between
the personal (body data), the territorial (property and good data) and the
informational (basic biographical data) spheres, as considered e.g.
by the Canadian Supreme Court, may be questioned in the near future
with new services and technologies making these spheres merge.

“Here be dragons”, then. The whole idea of the Terra Incognita/Dragon
for this conference came, as we learnt through Jennifer Stoddart
acknowledgements from Stephanie Perrin (Director of Integrity Policy,
Integrity and Risk Management, Service Canada), who chaired this year
edition of the Computers, Freedom and Privacy Conference, also held in
Montreal in May 2007.

It is then no surprise that Stephanie shared with the audience of the
Civil Society Privacy Workshop, held the day before and in liaison
with the DPA Conference, her impression of ‘deja vu’! As a matter of
fact, this civil society event, under the global theme of ‘Privacy
Rights in a World Under Surveillance’ was the confirmation of Bruce
Schneier’s intuition that the whole debate should be reframed
according to new world paradigm. If civil society groups do not seriously
work on this, they risk to go on meeting each year simply to
acknowledge that the situation is worse than the previous year!
Trying to open up civil society discussions on privacy to new actors,
from both other regions and cultures than simply north-western, anglo-
saxon countries and other backgrounds than privacy stricto sensu,
would certainly help.

This would at least help understand issues as framed during another
event I attended in Montreal this same week, which was the inaugural
conference of Data Protection Commissioners from La Francophonie,
where I was invited by the ‘Commission d’accès à l’information du
Québec (Quebec DPA, probably the only DPA authority also acting as
the access to information authority) to give a talk on ‘Protecting
Personal Data in a Virtual World: French and European Perspectives’.
La Francophonie is a political space comprising 53 member 13 observer
States and governments from the 5 continents (many of which no one
would have thought they have any link with French language and
culture, but anyhow…). By attending this conference, one may
realize – if not already aware – how much the privacy and personal
data protection debate needs to find viable arguments to answer basic
problems of democracy: how to ensure transparent elections, how to
guarantee a working civil status registry, to name a few, in
countries where life is a daily struggle. This is not to say that
privacy, personal data protection, and other related issues are a
luxury, but to help realize that different arguments should be worked
out when privacy is not anymore opposed to security, but rather to
corruption, illiteracy, etc. At the end of this event attended by
representatives from 27 countries from La Francophonie, 14 of them
having a DPA, the new international association of DPA from La
Francophonie was created, with its bureau composed by Quebec DPA
(presidency), French DPA (general secretariat), Burkina Faso DPA and
Swiss DPA (vice-presidencies). The association will have its seat in

29th International Conference of Data Protection and Privacy
Commissioners: ‘Privacy Horizons: Terra Incognita’ (English and
French, 25-28.09.2007)

Michael Chertoff’s blog on his speech in Montreal (28.09.2007)

Civil Society Privacy Workshop: ‘Privacy Rights in a World Under
Surveillance’ (25.09.2007)

Data Protection Commissioners’ Francophonie conference: ‘The
protection of personal data, an absolute necessity to democracy and
development’ (in French only, 24.09.2007)

Meryem Marzouki’s talk at DP Commissioner’s Francophonie conference:
‘Protecting Personal Data in a Virtual World: French and European
Perspectives’ (French and English, 24.09.2007)

(Contribution by Meryem Marzouki, EDRI member IRIS – France)