Monitoring of the internet: between the need of security, the interests of the economy and...

Monitoring of the internet: between the need of security, the interests of the

economy and protection of the private life

Hugo LançaHugo LançaBeja - PortugalBeja - Portugal

Monitoring of the internetMonitoring of the internet

I – Introduction I – Introduction

II – The problem II – The problem

III – Right to Privacy and Personal Data III – Right to Privacy and Personal Data

IV – The Monitoring in the Internet IV – The Monitoring in the Internet

V – Law Analyses V – Law Analyses

VI – Conclusion VI – Conclusion

Right to Privacy and Personal DataRight to Privacy and Personal Data

Personal Data” shall mean any information of any type, irrespective of the type of medium involved, including sound and image, relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an indication number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;


Law AnalysesLaw Analyses

Constitution of the Portuguese RepublicConstitution of the Portuguese Republic

Universal Declaration of Human RightsUniversal Declaration of Human Rights

Article 12 Article 12

No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

Act 67/98Act 67/98 of 26 Octoberof 26 October ( (Personal Data)Personal Data)

Act on the Protection of Personal Data (transposing into the Portuguese legal system Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data).

Article 2 General principleArticle 2 General principle The processing of personal data shall be carried out

transparently and in strict respect for privacy and for other fundamental rights, freedoms and guarantees.

Act 67/98Act 67/98 of 26 Octoberof 26 October

Article 3 Article 3 Definitions Definitions For the purposes of this Act: (a) “personal data” shall mean any information of any type, irrespective of the type of medium

involved, including sound and image, relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an indication number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;

(b) “processing of personal data” (“processing”) shall mean any operation or set of operations which is performed upon personal data, whether wholly or partly by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction;

(c) “personal data filing system” (“filing system”) shall mean any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis;

…(h) “the data subject’s consent” shall mean any freely given specific and informed indication of his

wishes by which the data subject signifies his agreement to personal data relating to him being processed;

Act 67/98Act 67/98 of 26 Octoberof 26 October

Article 5 Data qualityArticle 5 Data quality 1 – Personal data must be: (a) processed lawfully and with respect for the principle of good faith; (b) collected for specified, explicit and legitimate purposes and not further processed in

a way incompatible with those purposes; (c) adequate, relevant and not excessive in relation to the purposes for which they are

collected and/or further processed; (d) accurate and, where necessary, kept up to date; adequate measures must be taken

to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified;

(e) kept in a form which permits identification of their subjects for no longer than is necessary for the purposes for which they were collected or for which they are further processed.

Act 67/98Act 67/98 of 26 Octoberof 26 October ( (Personal Data)Personal Data)

Article 6Article 6 Criteria for making data processing legitimateCriteria for making data processing legitimate Personal data may be processed only if the data subject has

unambiguously given his consent or if processing is necessary:

Article 7Article 7 The processing of sensitive dataThe processing of sensitive data 1 – The processing of personal data revealing philosophical or political

beliefs, political party or trade union membership, religion, privacy and racial or ethnic origin, and the processing of data concerning health or sex life, including genetic data, shall be prohibited.

Act 67/98Act 67/98 of 26 Octoberof 26 OctoberRights of the data subject Rights of the data subject

Article 10 Right to informationArticle 10 Right to information 1 – The controller or his representative shall provide a data subject from whom data relating

to himself are collected with the following information, except where he already has it:

Article 11 Right of accessArticle 11 Right of access 1 – The data subject has the right to obtain from the controller without constraint at

reasonable intervals and without excessive delay or expense:

Article 12 Data subject’s right to objectArticle 12 Data subject’s right to object The data subject has the right: (a) save where otherwise provided by law, and at least in the cases referred to in Article 6

(d) and (e), to object at any time on compelling legitimate grounds relating to his particular situation to the processing of data relating to him, and where there is a justified objection the processing instigated by the controller may no longer involve those data;

Directive on privacy and electronic Directive on privacy and electronic communicationscommunications

This Directive harmonises the provisions of the Member States required to ensure an equivalent level of protection of fundamental rights and freedoms, and in particular the right to privacy, with respect to the processing of personal data in the electronic communication sector and to ensure the free movement of such data and of electronic communication equipment and services in the Community.


Article 4 SecurityArticle 4 Security 1. The provider of a publicly available electronic

communications service must take appropriate technical and organisational measures to safeguard security of its services, if necessary in conjunction with the provider of the public communications network with respect to network security. Having regard to the state of the art and the cost of their implementation, these measures shall ensure a level of security appropriate to the risk presented..


Article 5 Confidentiality of the communicationsArticle 5 Confidentiality of the communications1. Member States shall ensure the confidentiality of communications and

the related traffic data by means of a public communications network and publicly available electronic communications services, through national legislation. In particular, they shall prohibit listening, tapping, storage or other kinds of interception or surveillance of communications and the related traffic data by persons other than users, without the consent of the users concerned, except when legally authorised to do so in accordance with Article 15(1). This paragraph shall not prevent technical storage which is necessary for the conveyance of a communication without prejudice to the principle of confidentiality.


Article 6 Traffic dataArticle 6 Traffic data

1. Traffic data relating to subscribers and users processed and stored by the provider of a public communications network or publicly available electronic communications service must be erased or made anonymous when it is no longer needed for the purpose of the transmission of a communication without prejudice to paragraphs 2, 3 and 5 of this Article and Article 15(1).


ConclusionConclusion


The right of privacy, the right of be alone, being The right of privacy, the right of be alone, being stated in the most important international and stated in the most important international and national laws, in spite of a desirable rule to national laws, in spite of a desirable rule to apply of being a desirable rule, has become apply of being a desirable rule, has become inoperative, just a programmatic but empty rule, inoperative, just a programmatic but empty rule, homage to the pasthomage to the past..


Technologies currently “sweat” us with free Technologies currently “sweat” us with free advantages, allow the privilege of follow and register advantages, allow the privilege of follow and register each one of our actions, each one of our movements, each one of our actions, each one of our movements, in a blind guess of trying to find all our thoughts. in a blind guess of trying to find all our thoughts. Without a doubt, we live in a era where the government Without a doubt, we live in a era where the government and companies voyeurism is absolutely intolerable. and companies voyeurism is absolutely intolerable.

When I use the Internet, all the information that I leave When I use the Internet, all the information that I leave in the net, are private and they cannot be used by in the net, are private and they cannot be used by anyone without my assent.anyone without my assent.


The defence of the right to be alone is not incompatible The defence of the right to be alone is not incompatible

with the correct application of The Law in the Internet: with the correct application of The Law in the Internet: what concerns to this problematic between privacy and what concerns to this problematic between privacy and anonymity, our opinion is clear: we only recognize to anonymity, our opinion is clear: we only recognize to judicial body the authority to break that intricate judicial body the authority to break that intricate barrier.barrier.


A lot of what was written is not quite new, in computers era A lot of what was written is not quite new, in computers era simply increased the capacity of store data already available; simply increased the capacity of store data already available; this argument is extensive as the human kind history. The this argument is extensive as the human kind history. The question to make is: How many princesses, artists or sportsmen question to make is: How many princesses, artists or sportsmen exposed their intimate life, sharing personal details, filling exposed their intimate life, sharing personal details, filling magazines with their intimacy to benefit of fame, and in a magazines with their intimacy to benefit of fame, and in a moment in time, with regrets of that way? moment in time, with regrets of that way?

It is essential never forget that when the information is used It is essential never forget that when the information is used correctly is something wonderful; Information when used correctly is something wonderful; Information when used wrongly is a dangerous and destructive weapon.wrongly is a dangerous and destructive weapon.

Monitoring of the internet: between the need of security, the interests of the economy and...

Documents

Transcript of Monitoring of the internet: between the need of security, the interests of the economy and...