Declaration on Global Privacy Standards

By EDRi · November 5, 2009

This article is also available in:
Deutsch: [Deklaration über globale Datenschutzstandards |]

The public voice coalition, where EDRi is also a member, gathered almost two
hundred privacy experts, advocates, and governments officials from around
the world for a civil society event in Madrid with the title “Global privacy
standards for a Global world”.

Held in conjunction with the annual meeting of the Privacy and Data
Protection Commissioners, the event was cybercasted, live blogged and tweted
in order to be available to any Internet user interested in the privacy

The conference had 5 different sessions, with two keynote speakers – Mr.
Stavros Lambrinidis, Vice President, European Parliament and Mr. Peter
Hustinx, European Data Protection Supervisor (Netherlands).

The first session Privacy and Human Rights: The Year in Review presented
several privacy issues from 2009 from different parts of the globe. The
European status was presented by Meryem Merzouki from EDRi-member IRIS,
France that highlighted the new threats brought by the Stockholm programme
or the different police databases with high-level privacy intrusion. There
was a specific interest from the audience on the status of EDVIGE 2.0.
Meryem confirmed that the civil society will react to the new police file,
while Peter Schaar has underlined that “Edvige is a horror database for us,
because it includes many persons that did not breach any laws – they are
just ‘risky persons’.”

The latest Privacy and Human Rights Report that covers 80 states was
launched with this occasion by Ms. Katitza Rodriguez, Electronic Privacy
Information Center.

The second session – Privacy Activism: Major Campaigns was kicked off by a
lively presentation by EDRi-member Mr. Ralf Bendrath who explained what is
Privacy Activism 2.0. Mixing open structures, viral marketing, pop culture,
privacy issues with a healthy dose of fun was the perfect recipe for the
biggest campaigns – biggest demonstration ever against surveillance in
Germany known in the entire world as Freedom not Fear. Ms. Willemiem Bax
from Consumer Organization BEUC highlighted the consumers actions for the
protection of their digital rights, while David Rodríguez presented a
creative local campaign against CCTVs in the neighbourhood of Lavapies,

“Your Data in the Cloud: What if it Rains? ” was the inspired title of the
third session. EDRi’s President Andreas Krisch pointed out with an image
from the computers in the 60s and 70s that the new technological
developments do not change that much and we should address more seriously
the security aspects of cloud computing. He suggested as ideas to be
included in global privacy standards in cloud computing: data breach
notification, data minimisation as well as responsibility for IT
infrastructures introduce in the market (see RFID).

Moving even more in depth on the global privacy issues, there were
discussions on the transborder data flows. Eddan Katz from EFF showed the
real problems of the Safer Harbour privacy agreement between US and EU,
including the fact that it doesn’t cover non-profits, because FTC oversight
on US side is only for companies. Gus Hossein from Privacy International
bluntly declared that we should stop using transborder data flows as a
Trojan horse for asking for data protection legislation in developing
countries. He insisted that just having a data protection act is not enough
and we should focus on capacity building for this countries.

The last session presented the Civil society declaration: Global Privacy
Standards for a Global World, with the other representatives at the final
panel (Ms. Jennifer Stoddart, Privacy Commissioner, Canada, Mr. Jacob
Kohnstamm, EU Article 29 Group Vice-Chairman and Mr. Rafael García Gozalo
from the Spanish DPA) openly supporting the Declaration.

Live blogging from the event

Madrid anti-CCTV campaign (only on Spanish)

Global Privacy Standards for a Global World -The Civil Society Madrid
Declaration (3.11.2009)

Event’s programme (3.11.2009)

Tweeting on the event

Stavros Lambrinidis speech – video (3.11.2009)

Andreas Krisch – Data protection in the cloud (3.11.2009)

Meryem Merzouki – Privacy issues with EU Law Enforcement Cooperation