Since the summer, Americans have learned that the National Security Agency has routinely violated their right to privacy for more than a decade. The world, however, learned they had no such right, whatsoever—at least in so far as the U.S. is concerned—as more and more of the NSA’s worldwide surveillance apparatus was revealed. Months later, the global uproar over NSA surveillance, fueled by stories of the NSA tapping German Chancellor Angela Merkel’s personal cell phone, led President Barack Obama to concede that everyone should be afforded some level of privacy from U.S. spying.
“[U.S.] intelligence activities must take into account that all persons should be treated with dignity and respect, regardless of their nationality or wherever they might reside,” the president said in January, “and that all persons have legitimate privacy interests in the handling of their personal information.”
President Obama’s recognition of privacy as a human right, however deficient, isn’t new. It’s actually the law. In 1992, the U.S. ratified the United Nations’ International Covenant on Civil and Political Rights, a human rights treaty that guarantees privacy rights. More specifically, Article 17 protects everyone from arbitrary or unlawful interferences with their “privacy, family, home or correspondence.”
What these protections mean today in our digital age of mass surveillance by the NSA and other intelligence agencies has been one of the many issues considered in Geneva this week, as the U.N. Human Rights Committee –a group of independent human rights experts tasked with overseeing compliance with the International Covenant on Civil and Political Rights—reviews the U.S.’s human rights record, both at home and overseas. Indeed, the right to privacy, according to the U.N. High Commissioner for Human Rights, is one of the most pressing issues facing the committee during its 110th session.
To assist the review of the U.S.’s compliance with the human right to privacy, the ACLU released today a report that provides a framework for the proper interpretation of Article 17’s privacy protections in the digital age. Although today’s powerful and sophisticated technologies can allow us greater enjoyment of our human rights, they are dual-use. When placed in the wrong hands, these technologies undermine the human right to privacy as well as threaten other rights, such as freedom of speech, assembly, and association.
As President Obama’s Review Group on Intelligence and Communications Technologies has acknowledged, “[i]f people are fearful that their conversations are being monitored, expressions of doubt about or opposition to current policies and leaders may be chilled, and the democratic process itself may be compromised.”
Democracy building through promotion of Internet freedom is a stated aim of U.S foreign policy, however hypocritical that seems when the NSA’s mission is to defeat the very concept of privacy outside of U.S. borders. Inadequate privacy protections seriously undermine this goal.
This is just one of the reasons why Article 17, particularly as it relates to our online lives and the digital data we produce each day, should encompass broad privacy protections and very limited restrictions. For example, protections for the “home” should extend not only to the physical spaces we inhabit but also those virtual spaces, such as Facebook and the cloud, where our time is increasingly spent. Our “home” should also include the personal devices such as computers and smart-phones that we use to access these virtual spaces.
Article 17 should also take a common sense approach to metadata, such as what numbers people call, the websites they visit and the location data their devices generate. While our government has argued in U.S. courts that metadata has few constitutional protections, the information couldn’t be more revealing, especially when aggregated over time. Since metadata can reveal the most intimate details of our daily lives and routines, privacy rights protected by Article 17 recognize it as a form of communication that should be shielded from the prying eyes of governments. When interpreted correctly, the human right to privacy should draw no artificial or spurious distinctions between metadata and the contents of our communications.
Privacy rights, however, are not absolute. Governments can legitimately interfere with a person’s privacy under narrow circumstances, such as during emergencies or threats to national security. These circumstances, however, do not provide the government with a license to run roughshod over people’s privacy rights.
Instead, governments must justify their actions and show that any interference with privacy, such as surveillance powers, is established in laws and regulations, which are clear and precise, necessary to achieve legitimate government objectives, and proportionate to achieving those limited goals. Privacy also requires an independent, impartial, and competent judicial or administrative tribunal to oversee the government’s conduct. And when abuse and mistakes occur, government officials and others responsible must be held accountable.
The NSA’s mass surveillance programs fail to meet these exacting standards. And in doing so, they violate the United States’ international human rights obligation to respect and ensure the privacy rights of U.S. and non-U.S. citizens, both inside and outside the United States, alike.
This year, President Obama singled out China and Russia as countries that fail to discuss their surveillance programs or the privacy concerns of their citizens and others. He also announced that our government should be “held to a different standard precisely because we have been at the forefront of defending personal privacy and human dignity.” Unfortunately, the United States record on privacy belies this rhetoric. To start regaining its human rights leadership role, the United States should recognize, without equivocation, that privacy is a human right.
Steven Watt is a senior staff attorney with the American Civil Liberties Union’s Human Rights Program.