Phil Lee, Managing Director of Digiphile writes:
“A bit of history today: what are the origins of the privacy principles by which we live today? You might point back to the UN Universal Declaration of Human Rights (1948) or the Council of Europe Convention of Human Rights (1950), but while these articulated the basic *right* to privacy, they didn’t set out the privacy *principles* by which we now live.
Instead – and it may surprise some of you to learn this – the basic fair information privacy principles originated from a combination of the British Report of the Younger Committee on Privacy (1972) and the United States (yes, Europeans, you read this correctly 😉 ) Department of Health, Education and Welfare Advisory Committee Report on “Records, Computers and the Rights of Citizens” (1973) – both of which sought to address the risks to privacy caused by the growing use of computers and automated data systems. While the principles they proposed have evolved with time, notably both of these reports were prepared several years before, and no doubt influenced, the later OECD principles, CoE Convention 108 and, of course, the EU’s 1995 Data Protection Directive.
The Younger Report doesn’t seem to be available online, but the HEW Report is available online here: https://lnkd.in/epiCftnM. How familiar does this excerpt sound:
“Safeguards for personal privacy based on our concept of mutuality in record-keeping would require adherence by record-keeping organizations to certain fundamental principles of fair information practice.
➡ There must be no personal-data record-keeping systems whose very existence is secret.
➡ There must be a way for an individual, to find out what information about him is in a record and how it is used.
➡ There must be a way for an individual to prevent information about him obtained for one purpose from being used or made available for other purposes without his consent.
➡ There must be a way for an individual to correct or amend a record of identifiable information about him.
➡ Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take reasonable precautions to prevent misuse of the data.”
For anyone interested in reading further, I commend to you Robert Gellman’s “Fair Information Practices: A Basic History”: https://lnkd.in/etvgQ6Em
Lisa N – https://www.linkedin.com/in/lisanee720/ also contributed the following:
Records, Computers and the Rights of Citizens – June 30, 1973
https://aspe.hhs.gov/reports/records-computers-rights-citizens
Is the EDPB’s ‘targeted update’ to data breach reporting guidance a ‘mini-budget’ moment for GDPR regulation?
You would have had to be living under a rock to have missed all the political turmoil in t…
Schrems II Judgment Day
The Court of Justice of the European Union (“CJEU“) issued its judgment today in …
