What is the Resolution?

On the 15th December 2021, the office for the High Commissioner of Human Rights presented the ‘Right to Privacy in the Digital Age’ report to the 48th session of the Human Rights Council. This followed a first attempt to protect the right to privacy online that was made in July 2012 and affirmed by the Human Rights Council. This 2021 resolution follows on with the sentiments from 2012 to include digital advances.

How is the Universal Declaration of Human rights linked to the report?

This 2021 resolution sparked public debates on the interrelations between the right to privacy and the need for national security. Article 12 Universal Declaration of Human Rights (UDHR) shows the delicate balance between these two crucial interests:

‘No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.’

Point 8 of the 2021 Resolution reiterated this balancing approach. It states that the state may interfere with the right to privacy only under a lawful basis. Thereby, it shall be ensured that the interference cannot be arbitrary or unlawful.

Accordingly, the Human Rights Council focused on the “critical question [of] how to strike an appropriate balance between legitimate national security concerns and individual liberties.”

Point 17 of the Human Rights Council’s report focuses on how all the rights interlink. If one right is violated, this can affect other rights:

‘Many inferences and predictions deeply affect the enjoyment of the right to privacy, including people’s autonomy and their right to establish details of their identity. They also raise many questions concerning other rights, such as the rights to freedom of thought and of opinion, the right to freedom of expression, and the right to a fair trial and related rights.’

The report is moving with the advancements of the time. The UDHR is not stagnant. Instead, it is kept up to date through resolutions and other conventions. The report reflects that the world’s evolution can, and will, affect individual rights.

How does the UN approach affect you and your business?

Point 11 of the report states:

‘Business enterprises have a responsibility to respect all internationally recognized human rights. This means that they should avoid infringing on the human rights of others and address adverse human rights impacts with which they are involved. Pillar II of the Guiding Principles on Business and Human Rights provides an authoritative blueprint for all enterprises regarding how to meet this responsibility. The responsibility to respect applies throughout an enterprise’s activities and business relationships.

This outlines the responsibility of a business regarding the right to privacy. The Guiding Principles on business and human rights are a good starting point for businesses. A strong Environmental, Social and Governance (ESG) programme in a business can help ensuring accountability of all business stakeholders.

Point 14 of the report details how the exposure of data can affect a data subject:

‘Apart from exposing people’s private lives to companies and States, these data sets make individuals vulnerable in a number of other ways. Data breaches have repeatedly exposed sensitive information of millions of people. Large data sets enable countless forms of analysis and sharing of data with third parties, often amounting to further privacy intrusions and incurring other adverse human rights impacts…’

This clarifies possible consequences for a business that does not implement a strong privacy framework to protect data subjects’ right to privacy. The report continues to explain possible impacts of breaches. The strong link between privacy and human rights. A business that protects its customers’, employees’, and affiliates’ right to privacy ultimately contributes to the protection of human rights.

How can HewardMills support you?

HewardMills is a DPO service that also champions data dignity. HewardMills goes above and beyond to ensure that privacy interests of data subjects are upheld. We advise and guide our clients accordingly. Data protection is not just a regulatory formality, but it is a fundamental human right. Businesses that process large amounts of data are required to uphold these values. Vulnerable groups need effective protection against arbitrary invasions of privacy. HewardMills as a DPO service helps you and your business develop a robust data protection programme.

If you would like to discuss this topic or anything else data protection and privacy-related, please contact us at dpo@hewardmills.com.