Privacy, Technology Law and Religions across Cultures1
Prof. Joseph A. Cannataci
Director of the Centre for Law, Information & Converging Technologies
University of Central Lancshire
This is a refereed article published on 28 May 2009
Citation: Cannataci, JA., ‘Privacy, Technology Law and religions across cultures’, 2009(1) Journal of Information, Law & Technology (JILT), <http://go.warwick.ac.uk/jilt/2009_1/cannataci>
Abstract The freedom to receive and impart information, privacy and the freedom from discrimination on grounds of religious belief are universally recognised as fundamental human rights and, as such, also form part of the basic values of democratic societies. These rights have, in the main, only been adequately articulated and increasingly protected at the international level after the Second World War, relatively very late in more than seven thousand years of civilization In contrast, the values promoted by religions have often been recognised as such for millennia. Where do the values of privacy law and religions conflict and where do they converge, especially in a world where information technology is ubiquitous? The paper examines the debate over privacy from various perspectives, identifying those areas where religions appear to have confronted issues of human rights and where lawyers have been joined in the debate by philosophers within the rapidly developing field of information ethics. It concludes by listing a minimum ten areas where religions may possibly contribute to the intercultural debate on privacy in the Information Society.
Keywords Privacy and Information Society, Information ethics, Information Technology and Theology, Information Technology and Culture, Information Technology and religious belief, Information Technology and Human Rights.
‘Information law, including the law of privacy and of intellectual property,
is especially likely to benefit from a coherent and comprehensive theory of information ethics…’
Dan L. Burk ‘We are at the beginning of what I call intercultural information ethics, whose aim is not just to compare similar or dissimilar concepts by juxtaposing them, or to look for a conceptual or even moral consensus – but to become aware of our mutual biases on the basis of a nuanced understanding of similarities and dissimilarities beyond the simple dichotomy between ‘‘East’’ and ‘‘West.’’’
'Any tendency to treat religion as a private matter must be resisted. . . . To the extent that religion becomes a purely private affair, it loses its very soul.' Pope Benedict XVI
The debate on ‘Privacy and Information Technology’ has been predominantly carried out from a ‘Western’ perspective for over forty years. It is only relatively recently that an interest has arisen in examining where other cultures, such as those which characterise China and Muslim societies, may stand on similar issues. In an effort at contextualising the debate, this paper will set out to map where we are in the complex landscape that is the intercultural debate on privacy, occasionally pausing to get a glimpse on how we possibly got here, focusing on who the actors are almost as much as on what they have to say about the matter. In this sense it is more of an overview than an in-depth review of any one particular aspect of the privacy debate: expect an aerial view of the terrain which attempts to outline the bigger picture before enticing the reader to later plunge deeper into the undergrowth.
The terrain in this case is one marked by at least five major religions which had already started to ‘go global’ a thousand years and more before the Internet and commerce made globalization a popular term. Christianity, Islam, Hinduism, (Confucian-based) Chinese traditional religion and Buddhism together account for well over 5 billion adherents out of the world’s 6.3 billion population2. While at first this may give rise to the hope that an examination of privacy across religions need only start off by seeking harmony and consensus across these five major religious systems, it will be seen that religion is but one element in a complex multi-cultural and intercultural scenario.
This paper may incidentally also provide a tiny contribution to the growing debate about the complex links between religion, law and information technology. Since its very beginnings, the relatively young discipline of Information & Technology Law has concerned itself with the flow of information within society and the resultant impact on the distribution of power within society. That particular focus has manifested itself in various ways and particularly in the long-running debates on data protection law and freedom of information legislation. The introduction of data protection law provoked a new interest in privacy as a fundamental human right and has led to a string of related legislative and judicial developments especially in countries like Germany. These developments have been variously chronicled elsewhere but have led to the inception of new rights like ‘informational self-determination’ and even ‘on-line privacy’. 3 While some leading European jurisdictions come up with such developments, others outside Europe are considering the wisdom of signing up to the Council of Europe’s 1981 Data Protection Convention4 while some inside Europe5 are calling for a wholesale review of the EU’s Directive 46 of 1995 which is largely based on the COE’s 1981 convention. These varied and sometimes apparently conflicting developments in that part of ICT law we today bundle under the umbrella of ‘Privacy & Data Protection’ compel us to think more deeply about the values underlying privacy, where they come from, how they have developed and where they may or should be going.
When delving deeper into underlying values, it is inevitable that one encounters religions and other cultural sources of value systems. As one asks the questions ‘What is privacy? When and where did it begin? How is it enhanced or threatened by technology? What rules should one adapt or adopt?’ one discovers a number of things that the debate about religion, information flows and information technology may have in common with themes that have now traditionally been explored in the field of Information & Technology Law. Thus, in the same way as we are in IT Law concerned with the distribution of power in society, we discover interest in exploring religious texts such as the Christian Bible ‘in a one to one relation with political power’ where ‘the text is generated by the shifts of power that need to be given religious legitimacy’.6 Indeed, from a certain viewpoint, several, if not all, religions may be studied in terms of ‘information flows’ and ‘information technology’. The field of study of information technology and religion is vast and fascinating: it may range from how early information technology like the printing press was key in altering political power in Europe especially because of the role of printed matter in the Reformation, through how religions took to modern media for ‘tele-evangelisation’, to how Digital Islam has now grown to be a regular stream <http://www.digitalislam.eu/article.do?articleId=1817> in one of Europe’s largest IT Law conferences.7 It is beyond the scope of this paper to attempt to chart all the intersections of ICT Law with religion and information technology but instead the objective is far more modest if nonetheless complex. This paper will restrict itself to one value or set of values from the perspective of the intersection between law, information technology, values and religions. The case study chosen for this paper is privacy which is undeniably a universal value albeit finding different forms of expression in different cultures. Laws consist of rules which exist inter alia to protect and promote values. The main thrust of the debate launched in this paper is whether we can get religions to contribute to the formulation of legal concepts and possibly to agree about or at least not hinder the development of certain values such as privacy in a society where information technology is ubiquitous. Key ICT Law texts such as the 1981 COE Data Protection Convention cite implementation of Art. 8 of the European Convention of Human Rights as one of their primary concerns and thus the discussion will commence with an evaluation of privacy from the point of view of fundamental human rights.
A lawyer’s dilemma?
When people sit down and sign a contract it is normally hoped that some agreement has been reached on something specific and that the signatories are clear as to what they have agreed to. This is at least as important in international law as in national law: an international contract such as a bi-lateral treaty or a multi-lateral convention can have consequences for individuals far beyond national jurisdictions and is often in effect for decades. What is one to make, therefore of the following principle 12 from the most-translated document in history, the UN’s Universal Declaration of Human Rights?
‘No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.’
So, if all the countries of the world signed up to this, what exactly have they agreed? The main problem is of course that nowhere else in this milestone document do we read ‘For the purposes of this declaration “privacy” means “XYZ”’. Sixty years after the UN’s Human Rights declaration was launched in December 1948, many scholars within different jurisdictions have engaged in a continuing debate about the definition of privacy but while this debate has yielded many valuable insights we are nowhere closer to having a universally agreed definition for a universal value such as privacy.
To complicate matters further, while the Universal Declaration contained no definition of privacy, religious differences eventually came to the fore: the UN 1948 declaration was later labelled ‘a secular understanding of the Judeo-Christian tradition’, which could not be implemented by Muslims without trespassing the Islamic law.8 In the 1990 Cairo Declaration on Human Rights in Islam, a quarter of the world’s countries signed up to a new document which contains a number of nuances to the 1948 UN document and attempts to interpret all fundamental rights in accordance with Shari’ah Law. In Article 18, the 1990 CDHRI tends to give the impression of having developed a more detailed concept of what is understood to fall within the definition of privacy:
‘(b) Everyone shall have the right to privacy in the conduct of his private affairs, in his home, among his family, with regard to his property and his relationships. It is not permitted to spy on him, to place him under surveillance or to besmirch his good name. The State shall protect him from arbitrary interference.
(c) A private residence is inviolable in all cases. It will not be entered without permission from its inhabitants or in any unlawful manner, nor shall it be demolished or confiscated and its dwellers evicted.’
This was far more detailed and arguably more restrictive than section XXII of the Universal Islamic Declaration on Human Rights of December 1981 which had read simply: ‘Every person is entitled to the protection of his privacy.’ Indeed, it may possibly be inferred from the later 1990 declaration that the right to privacy is largely restricted to ‘conduct of private affairs in his home and among his family’. What happens outside home and familial spaces (e.g., a hotel room or the Internet) may possibly not qualify for protection under the right to privacy in terms of Art. 18 CDHRI. If in nothing else, the Muslim states are clearly in agreement with Pope Benedict XVI when he holds that religion is not simply a matter for private life. The Islamic view is that ALL of life’s fundamental principles must be in accordance with religious law (Shari’ah)9 and indeed Muslim scholars are at pains to trace the roots of most Islamic fundamental rights principles to the Quran10. Interestingly enough, although predominantly Muslim, the Arab states did not opt for this wording in their 1994 Arab Charter on Human Rights, the revised version of which (May 22, 2004), entered into forceMarch 15, 200811. The latter document in Art 21 maintains a verbatim copy of Principle 12 of the 1948 UN Universal Declaration. At least, in terms of strict legal wording, in the case of privacy the drafters of the Arab Convention avoided the criticism levelled at the CDHRI and especially that it ‘gravely threatens the inter-cultural consensus, on which the international human rights instruments are based’.12
The controversy on the approach of religions as to which set of international human rights many countries actually adhere to has not abated. On Human Rights Day, 10 December 2007, the Pakistani Ambassador to the UN Human Rights Council claimed that the Cairo Declaration of Human Rights in Islam, adopted in 1990 by the 56 member states of the Organisation of the Islamic Conference ‘is not an alternative’ to the Universal Declaration but ‘complementary’. The IHEU13 was quick off the mark to comment ‘Complementary? Yet the Cairo Declaration makes no mention of the Universal Declaration and clearly states that: “All the rights and freedoms stipulated in this Declaration are subject to the Islamic Shari'ah” and “The Islamic Shari'ah is the only source of reference for the explanation or clarification to any of the articles of this Declaration...”’ <http://www.iheu.org/node/2949>.In its strongly worded statement of the 24 February 2008, the IHEU concluded that
‘21. The vast majority of the Member States of the OIC are signatories to the UDHR and the International Covenants, the ICCPR and ICESCR. By adopting the 1990 Cairo Declaration those States are in effect reneging on the obligations they freely entered into in signing the UDHR and the two covenants.
22. The Cairo Declaration of Human Rights in Islam is clearly an attempt to limit the rights enshrined in the UDHR and the International Covenants. It can in no sense be seen as complementary to the Universal Declaration’ (Ibid).
While the debate rages on as to whether the CDHRI is actually a major, religion-induced schism in the international, intercultural consensus on human rights, it does not appear that current and past commentators within religious circles have contributed much to a better understanding of what is actually meant by the term privacy. Perhaps this is because, as Abraham Marcus (1986) aptly remarks:
‘As a historical theme privacy poses some particular difficulties. The phenomenon itself is of unusual conceptual complexity, as the growing literature on the subject illustrates. Its pursuit …encounters problems of inadequate evidence, impenetrable intimate worlds of thought and behaviour, questionable assumptions about Islam and Middle Eastern society, and intricate causal relationships between culture and social conditions.
The larger context must be invoked constantly to render observations more intelligible; privacy is the story not of one idea, institution, or social group but of a phenomenon inseparable from the cultural vision and social processes of the community at large.’
The above statement was made in relation to life in 18 Century Aleppo, Syria, where a Muslim majority co-existed with significant minorities of Christians and Jews but it could apply equally accurately to the situation in many countries in the 21thst Century. Privacy has, if anything, become much more complex a phenomenon than it was three centuries ago, largely as a result of societal changes influenced by information technologies but, the question must be asked, does religion (or do religions) have a contribution to make to the debate about the interplay between privacy and technology?
Firstly, in many countries, societies are today at least as complex as life in a large city in 18th Century Syria. Most societies are not homogeneous: they are increasingly a complicated mixture of groups or individuals of different ethnic origins with different community cultures and different personal and religious beliefs. One major difference is that in a majority of states, religion is no longer an over-arching source of either unity or rule-making. Whereas, especially in the West, organized religion had a huge influence on the nature of rules made by secular society, this influence has waned steadily since the 18th Century. Indeed, religious apathy is now so far advanced in many European states, that the population there would be unable to properly appreciate the extent to which policy-makers in, e.g., the United States, have to adjust what they say and do, in order to maintain support (or, at minimum, not alienate) the more religious segments of US citizens.
This difference in religiosity between, say the EU and the US, is also one which reminds us of the fact that there exist considerable differences in approaches to privacy between these two leading gigantic blocs of civilization as well as internal differences within the two blocs. A good way to illustrate this is to start by briefly considering the debate about the definition of privacy that has raged in the United States for decades.
It would take a fair-sized book to do justice to the US debate on the definition of privacy as it has evolved in the last hundred years. For reasons of space and focus I will not attempt to summarize this when it has been so ably done already by a number of people. I will simply rely on one of the best recent US attempts to categorize conceptualization of privacy (Solove, 2002):
‘Despite what appears to be a welter of different conceptions of privacy, I argue that they
can be dealt with under six general headings, which capture the recurrent ideas in the discourse. These headings include: (1) the right to be let alone—Samuel Warren and Louis Brandeis’s famous formulation for the right to privacy; (2) limited access to the self—the ability to shield oneself from unwanted access by others; (3) secrecy—the concealment of certain matters from others; (4) control over personal information—the ability to exercise control over information about oneself; (5) personhood—the protection of one’s personality, individuality, and dignity; and (6) intimacy—control over, or limited access to, one’s intimate relationships or aspects of life’ (Ibid, p.1092).
In his extremely interesting analysis, Daniel Solove concludes that, after a hundred and ten years of American lawyers wrangling over the definition of privacy,
‘with a few exceptions, the discourse seeks to conceptualize privacy in terms of necessary and sufficient conditions. In other words, most theorists attempt to conceptualize privacy by isolating one or more common “essential” or “core” characteristics of privacy. In contrast, I argue that privacy is better understood by drawing from Ludwig Wittgenstein’s notion of “family resemblances.” As Wittgenstein suggests, certain concepts might not have a single common characteristic; rather they draw from a common pool of similar elements’ (Ibid, p.1091).
Solove is a Law Professor and a relatively recent (1997) graduate from Yale, building on a US tradition where lawyers have had a head start in dissecting privacy for over a century. Yet he succeeds in writing an otherwise extremely profound 67-page article which does not pause once to look at recent European tradition in development of privacy law. Perhaps this is symptomatic of an unhealthy insularity which is not altogether unusual in American legal writing but it is an interesting reminder of how diverse these two main branches of Western legal thinking have become. Solove loses out on the opportunity to note how, for over 25 years the European approach has been to side-step the quagmire that is the debate as to whether privacy is a property right but rather rely on the fact that it is a fundamental human right in terms of Art 8 of the European Convention on Human Rights (ECHR) of 1950 which states,
‘1. Everyone has the right to respect for his private and family life, his home and his correspondence.
2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.’
The ECHR has probably been much more successful (in terms of application on the ground) than the UN Declaration of 1948 because of the key institution set up by the ECHR itself: the European Court of Human Rights in Strasbourg has successfully overseen the application of the ECHR in the unprecedented position where individuals could take their national governments to a supra-national court over human rights matters. This has led to a case law on privacy which is in some instances comparable to that of the US Supreme Court but which has also inspired (and at times contributed directly to) important developments in the law regulating information technology. The Council of Europe’s 1981 Data Protection Convention (COE 108), which in some places drew on the debate leading up to the 1974 US Privacy Act14, explicitly builds on the concept of privacy as expressed in Art 8 ECHR to emerge with a number of data protection principles which have since become incorporated into the laws of more than 30 European states. These principles create a protection regime for all forms of personal data. This treaty spawned the first EU Directive inspired by Human Rights, EU 46/95, which essentially takes the same data protection principles of COE 108 and makes them compulsory across the 27 member-states of the European Union.
It is somewhat ironic that the European tradition in data protection law was sparked off by the US mid-‘sixties debate on the potential menace for privacy as posed by new computer technology. For while the US has continued to witness a fragmented approach to privacy and data protection that distinguishes between personal data held in the public sector and that held in the private sector, Europe has not shirked from adopting an omnibus approach whereby personal data is clearly defined as ‘any data relating to an identified or identifiable individual’15 and which is protected regardless of whether it is collected and processed by the public or private sectors. Now while this may be a pragmatic if imperfect approach to tackling personal data in an age where information technology is ubiquitous, it does not solve the problem that Solove sets out to tackle i.e. actually come up with a working definition of privacy that is conceptually robust. For the US and European debate on what constitutes ‘privacy’ and ‘private life’ are considerably wider than the narrower discussion afforded by ‘personal data’.
Which is why Solove would have probably done well to pay closer attention to the development of personality law in Europe. It would appear that while ‘personhood—the protection of one’s personality, individuality, and dignity;’ is one of the six categories that Solove actively considers within US law, he has missed out on the opportunity to compare this to how a Lex Personalitatis has developed in many European states since 1949. Now this is surprising, since in his analysis Solove observes: ‘In Planned Parenthood v. Casey the Supreme Court provided its most elaborate explanation of what the ‘privacy’ protected by the constitutional right to privacy encompasses:
‘These matters, involving the most intimate and personal choices a person may make in a lifetime, choices central to personal dignity and autonomy, are central to the liberty protected by the Fourteenth Amendment. At the heart of liberty is the right to define one’s own concept of existence, of meaning, of the universe, and of the mystery of human life. Beliefs about these matters could not define the attributes of personhood were they formed under compulsion of the State’ (Solove, op.cit., p.1117).
Solove sums this up thus ‘In other words, the Court has conceptualized the protection of privacy as the state’s noninterference in certain decisions that are essential to defining personhood.’ One of the great differences that Solove misses to point out is that the parallel development of Lex Personalitatis in, say, German Law has been hierarchical in nature. Rather than putting ‘personality’ or ‘personhood’ at par with five other elements of the US privacy debate, the German approach (as the Hungarian, Slovenian and Romanian) has been to declare an over-arching constitutional right to ‘dignity and free development of personality’ and effectively treat privacy as an ‘enabling right’, one which exists (together with other enabling rights such as freedom of expression and access to information held by public bodies) principally as an instrument to give effect to the supreme value of unhindered development of personality.16