UN-Kommissarin für Menschenrechte: Mangel an Transparenz staatlicher Überwachung ist „beunruhigend“ (Update)

Im Dezember hat die Generalversammlung der Vereinten Nationen eine Resolution zum Schutz der Privatsphäre im digitalen Zeitalter angenommen, wenn auch auf Druck einiger Staaten recht verwässert. Teil davon war ein Auftrag an die Hohe Kommissarin der Vereinten Nationen für Menschenrechte, einen Bericht zum Thema zu erarbeiten. Heute hat Navanethem Pillay diesen 16-seitigen Bericht veröffentlicht: The right to privacy in the digital age (PDF).

In der dazugehörigen Pressemitteilung findet die Kommissarin für Menschenrechte deutliche Worte:

UN High Commissioner for Human Rights Navi Pillay warned Wednesday that studies by her office and others have revealed a “disturbing” lack of transparency about governmental surveillance policies and practices, “including de facto coercion of private sector companies to provide sweeping access to information and data relating to private individuals without the latter’s knowledge or consent.”

“This,” she said, “is severely hindering efforts to ensure accountability for any resulting human rights violations, or even to make us aware that such violations are taking place, despite a clear international legal framework laying down governments’ obligations to protect our right to privacy, and other related human rights.”

Pillay said her Office has been working for over a year on the complex web of issues relating to the right to privacy in the face of modern digital technology and surveillance measures. It has examined existing national and international legislation, a number of recent court judgments, and compiled information from a broad range of sources, including via a questionnaire sent to States, international and regional organisations, national human rights institutions, non-governmental organisations and private sector businesses.

Die Schlussfolgerungen und Empfehlungen des lesenswerten Berichts zitieren wir hier mal in Gänze (Hervorhebungen von uns):

International human rights law provides a clear and universal framework for the promotion and protection of the right to privacy, including in the context of domestic and extraterritorial surveillance, the interception of digital communications and the collection of personal data. Practices in many States have, however, revealed a lack of adequate national legislation and/or enforcement, weak procedural safeguards, and ineffective oversight, all of which have contributed to a lack of accountability for arbitrary or unlawful interference in the right to privacy.

In addressing the significant gaps in implementation of the right to privacy, two observations are warranted. The first is that information relating to domestic and extraterritorial surveillance policies and practices continues to emerge. Inquiries are ongoing with a view to gather information on electronic surveillance and the collection and storage of personal data, as well as to assess its impact on human rights. Courts at the national and regional levels are engaged in examining the legality of electronic surveillance policies and measures. Any assessment of surveillance policies and practices against international human rights law must necessarily be tempered against the evolving nature of the issue. A second and related observation concerns the disturbing lack of governmental transparency associated with surveillance policies, laws and practices, which hinders any effort to assess their coherence with international human rights law and to ensure accountability.

Effectively addressing the challenges related to the right to privacy in the context of modern communications technology will require an ongoing, concerted multi-stakeholder engagement. This process should include a dialogue involving all interested stakeholders, including Member States, civil society, scientific and technical communities, the business sector, academics and human rights experts. As communication technologies continue to evolve, leadership will be critical to ensuring that these technologies are used to deliver on their potential towards the improved enjoyment of the human rights enshrined in the international legal framework.

Bearing the above observations in mind, there is a clear and pressing need for vigilance in ensuring the compliance of any surveillance policy or practice with international human rights law, including the right to privacy, through the development of effective safeguards against abuses. As an immediate measure, States should review their own national laws, policies and practices to ensure full conformity with international human rights law. Where there are shortcomings, States should take steps to address them, including through the adoption of a clear, precise, accessible, comprehensive and non-discriminatory legislative framework. Steps should be taken to ensure that effective and independent oversight regimes and practices are in place, with attention to the right of victims to an effective remedy.

There are a number of important practical challenges to the promotion and protection of the right to privacy in the digital age. Building upon the initial exploration of some of these issues in the present report, there is a need for further discussion and in-depth study of issues relating to the effective protection of the law, procedural safeguards, effective oversight, and remedies. An in-depth analysis of these issues would help to provide further practical guidance, grounded in international human rights law, on the principles of necessity, proportionality and legitimacy in relation to surveillance practices; on measures for effective, independent and impartial oversight; and on remedial measures. Further analysis also would assist business entities in meeting their responsibility to respect human rights, including due diligence and risk management safeguards, as well as on their role in providing effective remedies.

Update: Ein besonders schönes Detail ist in Absatz 42 des Berichts:

There is strong evidence of a growing reliance by Governments on the private sector to conduct and facilitate digital surveillance. On every continent, Governments have used both formal legal mechanisms and covert methods to gain access to content, as well as to metadata. This process is increasingly formalized: as telecommunications service provision shifts from the public sector to the private sector, there has been a “delegation of law enforcement and quasi-judicial responsibilities to Internet intermediaries under the guise of ‘self-regulation’ or ‘cooperation’”.

Diesen Teil zitiert sie aus der Studie „the slide from self-regulation to corporate censorship“ von European Digital Rights (EDRi), die bereits im Januar 2011 vor dieser Gefahr warnte:

This paper looks at the growing role of delegation of law enforcement and quasi-judicial responsibilities to internet intermediaries under the guise of “self-regulation” or “cooperation”.