OxPILS showcases work being conducted in the University of Oxford’s Centre for Socio-Legal Studies (CSLS) which relate to data protection, privacy and the regulation and capture of information.
This is the TEXT-ONLY (HTML) version of the OxPILS website. This version of the OxPILS website is maintained to increase accessibility for screen readers, mobile devices, and users without Flash support.
The Flash version of the OxPILS website is available at http://www.csls.ox.ac.uk/dataprotection and users who do not require to the text-only version are advised to redirect to this site.
Please contact email@example.com for any additional assistance in accessing the materials on the OxPILS website. Many thanks.
Oxford Privacy Information Law and Society (OxPILS) is a programme of research and scholarly activity within the University of Oxford’s Centre for Socio-Legal Studies (CSLS) concerned with data protection, privacy and the regulation and capture of information. It aims to act as hub for law and society work being pursued in this area within the University of Oxford and beyond. CSLS projects in this area date back at least to the early 2000s when the Centre was associated with the publication of Ruled by Recluses? Privacy, journalism and media after the Human Rights Act. In 2009 the Centre hosted a seminar series around these issues entitled Human Investigation and Privacy in a Regulatory Age. Today, a range of CSLS Research Fellows, Associates, Students and Visitors work within this field of study. The OxPILS Committee helps co-ordinate the work of the OxPILS programme. (see OxPILS: people).
The Data Protection and the Open Society (DPOS) project which is based at the Centre is led by Dr. David Erdos who is currently being funded by the Leverhulme Trust under its Early Career Fellowship scheme. The project explores, and seeks to resolve, tensions between data protection law and practice and the values of freedom of expression and information. Some parts of this website relate especially to the DPOS Project. These are:
- DP Foundations [see DPOS: DP Foundations]
- Media and internet [see DPOS: media & internet]
- Research governance [see DPOS: research governance]
- Transparency [see DPOS: transparency]
This focus is indicated by presence of the DPOS specific icon on each of these pages.
Steve McCarty-Snead’s project “Who will watch the watchers?” examines the interrelationship between rights and regulation in the area of surveillance. This work examines the Data Protection Act alongside the Regulation of Investigatory Powers Act and the Human Rights Act. It is concerned with the work of three regulatory agencies, the Information Commissioner’s Office, Office of the Surveillance Commissioner and the Human Rights and Equality Commission. For further information on this project see Surveillance [see OxPILS: surveillance].
Asma Vranaki’s project on Social Networking examines the role of the law in protecting copyright and privacy interests in Online Social Networking Sites. She also blogs regularly on these issues at CyberPanda. For further information on this project see Social Networking [see OxPILS: social networking].
OxPILS has strong linkages with other academic institutions working in these and related areas. Within the University of Oxford itself it has a particularly strong connection to the Oxford Internet Institute, the Centre for Health, Law and Emerging Technologies Centre (HELEX) and CSLS’s Programme in Comparative Media Law and Policy (PCLMP). Outside of Oxford, OxPILS has an established relationship with UCL’s Constitution Unit including, in particular, its programme on Freedom of Information and Data Protection.
Dr. David Erdos (Chair) (Socio-Legal Studies; Balliol College)
Steve McCarthy (Secretary) (Socio-Legal Studies; Wolfson College)
Asma Vranaki (Information & Outreach Officer) (Socio-Legal Studies; Wolfson College)
Richard Danbury (Law; Green Templeton College)
Andelka Phillips (Law/Public Health; St. Hilda’s)
Gerald Sowah (St. Anne’s)
Dr. David Erdos (david.erdos [at] csls.ox.ac.uk) is Katzenbach Research Fellow and Leverhulme Trust Early Career Fellow at CSLS and also Balliol College. He is principal investigator on the Data Protection and the Open Society (DPOS) project. His current work examines data protection alongside the rights to privacy, freedom of expression and freedom of information. David’s published work to date also relates to the area of human rights. Alongside his book Delegating Rights Protection published by Oxford University Press in the autumn of 2010, he has published on the topics of bill of rights legal impact, constitutional reform movements, Europeanization and sexual minority rights. David has presented his new work on data protection at a variety of fora including the 2012 Computers Privacy and Data Protection (CPDP) Conference, the 2011 Northumbria Information Rights Conference, , the Constitution Unit’s Government Policy Information Seminar Series and the Centre for Health, Law and Emerging Technology’s Connections Seminar.
Steve McCarty-Snead (steve.mccarty [at] law.ox.ac.uk) is a doctoral student at CSLS and also Wolfson College. His research (“Who will watch the watchers?”) examines the relationship between rights and regulation in the area of surveillance. Academically he has a political science, public policy and criminology background. He also has practical experience having interned as an investigative assistant for the Berkeley Police Review Commission. Steve recently completed a poster presentation of his work at the 2010 biannual Surveillance and Society/Surveillance Studies Network conference, “A Global Surveillance Society?” at City University London.
Asma Vranaki (asma.vranaki [at] wolfson.ox.ac.uk) is a doctoral student at CSLS and also Wolfson College. Her research examines the role of the law in protecting copyright and privacy interests in Online Social Networking Sites. Asma has an LLB in Law from the LSE and is a member of the Bar of England and Wales as well as the Bar of Mauritius. Prior to joining CSLS, Asma was appointed as a Bar Vocational Course Lecturer at the Inns of Court School of Law (now known as The City Law School) and lectured various subjects including Civil Procedure & Evidence, Commercial Law, and Company Law. She has also practised as a commercial barrister specialising in all aspects of Commercial Law including Intellectual Property, Information Technology, Telecommunications, Internet, and Company. Asma has presented several papers linked to her doctoral research at a variety of venues including the Oxford Internet Institute and King`s College London. She is also an assistant editor of the International Journal of Communications Law & Policy which is a peer-reviewed journal dealing with legal, policy, and technological issues arising from the Information Communication Technology sector. She blogs regularly on the legal issues arising from cyberspace at CyberPanda and tweets at Cyber_Panda_.
is an Associate Research Fellow at the CSLS. He directs deeJgee Research/Consultancy and lectures on communications/ media law at Glasgow Caledonian University and Queen Mary, University of London. David is affiliated with OxPILS as a result of his strong background in issues connected with information law. He founded the Journal of Media Law and Practice in 1979 (now Bloomsbury Professional's Communications Law) and initiated the teaching of communications law and policy at the University of Glasgow in 1983 at both undergraduate and graduate levels. From 1984 he was a Co-Convener for the Freedom of Information Campaign in Scotland and was an inaugural co-external examiner for Northumbria University's LLM in Information Rights. He sits on the UK FCO's Free Expression Panel.
Laurence Lustgarten (laurence.lustgarten [at] csls.ox.ac.uk) was formerly Professor of Law at the University of Southampton, and a Commissioner of the Independent Police Complaints Commission. He has published books on national security and parliamentary democracy; on the constitutional status and accountability of police in England and Wales; on racial discrimination law in Britain, and on the impact of libel law on the media in England. He has also been active in promoting human rights, lecturing to judges and government officials on behalf of the Council of Europe.
Cristina Pauner Chulvi joined us from University Jaume I (Castellon-Spain), where she is a Professor in Constitutional Law. Her research interests include mass media, data protection, digital journalism and the new challenges facing technologies and freedom of expression. During her stay she will undertake research for her current project, 'New frontiers of new media in the XXI century: freedom of speech and data protection.'
Cecile Perles joined us from the University of Essex, where she is a PhD student in the Department of Government. Since October 2009 she has worked as a research assistant and as a freelance researcher for the British Academy. Her PhD thesis focuses on the evolution of the British judiciary's constitutional position from the mid-twentieth century to the present day and examines the concept of juridification in its normative sense, exploring the consequences of the decline of Diceyan ideas for the Westminster model of democracy. During her stay, Cecile assisted Dr. David Erdos with his current research on Data Protection and Open Society.
Noriswadi Ismail (noriswadi.ismail [at] csls.ox.ac.uk), Malaysian, is a doctoral researcher on Radio Frequency Identification (RFID), Data Protection and Privacy based in London. He is a ‘MajlisAmanah Rakyat’ (MARA) Scholar (2009-2012) and previously a British Chevening Scholar (2006-2007) in Strathclyde Law School, Glasgow whilst reading LLM in Information Technology & Telecommunications Law. Prior to commencing his doctoral research, he was the General Counsel / Company Secretary of HeiTechPaduBerhad. In between his work, he also lectured occasionally on topical issues in Information Technology & Intellectual Property laws at his Alma Matter, Ahmad Ibrahim Kulliyyah of Laws, International Islamic University Malaysia. Throughout his Academic Visitorship in CSLS (14 February 2011 - 4 April 2011), he researched data protection in Europe and Asia (South East Asia and East Asia). He was also involved with selected research and events of Data Protection and Open Society Project under the leadership of Dr. David Erdos, Katzenbach Research Fellow (Balliol College). Noris’ thoughts on his research are retrievable at RFID Nexus.
Elizabetta Franchin was a CSLS Visitor associated with OxPILS from October through to December 2010. She joined the Centre from the University of Padua and researched the law and history of data protection and privacy law in Italy and the UK. She also contributed to the Centre’s work on Data Protection and the Open Society (DPOS).
Nabiha Syed was an MSt student at CSLS and also Balliol College. A native of Orange County, California she is the author of Replicating Dreams (Oxford University Press, 2008), a study of microfinance marketing in Pakistan and Bangladesh. As a Yale Information Society Project student fellow, she founded the Media Freedom and Information Access Practicum to support newsgatherers through litigation. Nabiha has pursued her interests in corruption, development, and accountability through the World Bank Office of Evaluation and Suspension, Oxfam America, and as an Amnesty International Patrick Stewart Scholar. She holds a B.A. in International Relations and Anthropology from Johns Hopkins (2007) and a J.D. from Yale Law School (2010).
OxPILS: news and events
OxPILS Conference “The ‘Right to be Forgotten’ and Beyond” – Transcripts and Photos now available
Transcripts from all the presentations made at recent OxPILS Conference on “The “Right to be Forgotten” and Beyond: Data Protection and Freedom of Expression in the Age of Web 2.0” are now online at http://www.csls.ox.ac.uk/conferences/oxpilsconference2012/report.php Photos from the day can also be viewed at http://www.csls.ox.ac.uk/conferences/oxpilsconference2012/photos.php
Presenters comprised Professor Artemi Lombarti from Jaume I University and formerly Director of the Spanish Data Protection Authority, Dr. David Erdos from OxPILS/Centre for Socio-Legal Studies, Professor Bill Dutton from the Oxford Internet Institute, David Smith from the UK ICO, Rosemary Jay from Hunton & Williams, Peter Hustinx the European Data Protection Supervisor, Anthony House from Google, Thomas Zerdick from the European Commission, Jörg Polakiewicz from the Council of Europe and Michael Donohue from the OCED.
A wide variety of topics were explored including:
· the meaning and modalities of the Right to be Forgotten,
· the varied nature of the exemptions from Data Protection available in EU Member States for journalism literature and the arts,
· the meaning of “journalism” and “purely domestic or household activities” in the age of Web 2.0,
· the challenges faced by DPAs in regulating the Press (an issue also discussed in the context of the Leveson Inquiry),
· whether search engines are “data controllers” as regards their public search functions (a topical issue given the pending European Court of Justice case involving Google),
· the future of shape of European Union and other transnational governance regimes in this area.
This Activity was generously carried out with funding from a Joint Programme between the European Union and the Council of Europe as well as the University of Oxford's Law Faculty Research Support Fund. (The views expressed were solely and exclusively those of the individuals speaking).
OxPILS thanks everyone who supported this Conference and looks forward to the continuing discussion on these important issues.
(posted October 2012)
UK Ministry of Justice’s Data Protection Advisory Panel gets underway – OxPILS’ David Erdos joins group
Dr. David Erdos has been invited by Rt. Hon. Lord McNally to join the Ministry of Justice’s inaugural Data Protection Advisory Panel, a new group which has been set up to discuss and advise on the proposed European Union Data Protection Regulation. The group will bring together figures with an interest in data protection from across business, consumer interest and rights groups. It aims to develop an approach which strikes a balance between not being over-burdening whilst at the same time ensuring that personal data is properly protected.
The European Commission published the draft Data Protection Regulation in early 2012. It proposes to entirely replace the current Data Protection Directive 95/46/EC with a new legal framework which involves significantly more harmonization between the Member States. The proposals are now being considered by European Council (and also the European Parliament) and it is to this process that the Panel will contribute.
A copy of the proposed Regulation is online [HYPERLINK on “online” to http://ec.europa.eu/justice/data-protection/document/review2012/com_2012_11_en.pdf] as is comprehensive information on current European Union regulation on Data Protection [HYPERLINK on “European Union regulation on Data Protection” to http://ec.europa.eu/justice/data-protection/index_en.htm].
(posted October 2012)
OxPILS “Mending the Tangled Web? Informational Privacy 3.0” Series 2011/12
This series of events, which culminated in a final conference in June 2012, was generously made possible with funding from a Joint Programme between the European Union and the Council of Europe and the Law Faculty Research Support Fund. Please note that any views expressed are only those of the speakers concerned and can in no way be taken to reflect the official opinion of the Council of Europe or the European Union.
For full information on the Conference please visit http://www.csls.ox.ac.uk/oxpilsconference
Michaelmas Term 2011:
Week 6, Thursday, 17 November, from 4:30-6:00pm at Lecture Theatre 1 of the Law Faculty, St Cross Building, Manor Road, University of Oxford
Hilary Term 2012:
Week 3, Thursday, 2 February, from 4:30-6:00pm at the Master’s Dining Room, Balliol College
Professor Charles Raab, Professor Emeritus and Honorary Professorial Fellow at the University of Edinburgh (topic: ‘Regulating Surveillance: Extending the Scope of Privacy Impact Assessment’)
Week 7, Thursday, 1 March, from 4:30-6:00pm at the Master’s Dining Room, Balliol College
Dr. David Erdos, Katzenbach Research Fellow (Balliol College) at the Centre for Socio-Legal Studies (topic: ‘Reconciling ‘Journalism’ and Data Protection – the European Framework’)
Trinity Term 2012:
Week 4, Thursday, 17 May, 4:30-6:00pm at the Massey Room, Balliol College
Professor Christopher Millard, Professor of Privacy and Information Law at Queen Mary, University of London, and Senior Research Felllow at the Oxford Internet Institute, Of Counsel to Bristows (topic: ‘Data Protection in the Age of the Cloud’)
Week 5, Thursday, 24 May, 4:30-6:00pm at the Massey Room, Balliol College
Dr. Ian Brown, Senior Research Fellow at the Oxford Internet Institute (topic: Data Protection and Social Networking)
Week 6, Thursday, 31 May, 4:30-6:00pm at the Massey Room, Balliol College
Timothy Pitt-Payne, QC, Barrister, and Visiting Professor of Information Law at Northumbria University (topic: ‘Taking Privacy Rights Seriously: Regulation, Remedies and Enforcement’)
Week 8, Tuesday 12 June, 10:30-6:00pm, Conference on “The ‘Right to be Forgotten’ and Beyond: Data Protection and Freedom of Expression in the Age of Web 2.0”
"Regulating Surveillance: Extending the Scope of Privacy Impact Assessment" with Professor Charles Rabb (University of Edinburgh), Thursday 2 February, 4:30-6:00pm in the Master`s Dining Room, Balliol College
Abstract: 'Privacy Impact Assessment (PIA) has become prominent as a way of anticipating and correcting the effects of surveillance and other technologies and information systems upon privacy. However, the scope of PIA is limited by the focus upon the impact upon the privacy of the individual, to the exclusion of possible impacts of surveillance upon non-privacy ethical and other values, not only upon individuals but upon categories and groups of people and society itself. This paper explains PIA and aims to overcome these limitations by exploring the possible development of wider variations of PIA.'
This seminar forms part of the newly launched seminar series ‘Mending the Tangled Web? Informational Privacy 3.0’. This series is being carried out with funding from a Joint Programme between the European Union and the Council of Europe. Several more seminars will take place in Hillary Term and Trinity Term 2012. (Please note that the views expressed are those of the individual speakers only.)
“Privacy 3.0” with Simon Davies, Director of Privacy International, Thursday 17 November from 4:30-6:30pm in Lecture Theatre 1 of the Law Faculty, St Cross Building, Manor Rd, University of Oxford
This reception marks the launch of Oxford Privacy, Information, Law and Society (OxPILS) – a new CSLS research programme which builds from the Data Protection Study Group (DP@CSLS) established at the Centre in 2010. The Director of Privacy International, Simon Davies, will deliver an opening lecture on privacy in the information age, which represents the first such talk in a newly launched seminar series ‘Mending the Tangled Web? Informational Privacy 3.0’. This series is being carried out with funding from a Joint Programme between the European Union and the Council of Europe. The seminar series will focus on issues of freedom of expression and privacy in the Internet Age. Subsequent seminars will take place in Hillary Term and Trinity Term 2012. All are warmly invited to attend. (Please note that the views expressed are those of the individual speakers only.)
“Mending the Tangled Web? Informational Privacy 3.0” - OxPILS Seminar Series, 2011-12
This series will consist of seminars and a conference organized throughout 2011-12. This seminar series has been generously made possible with funding from a Joint Programme between the European Union and the Council of Europe as well as funding from the Law Faculty’s Research Support Fund. . The focus of the seminars will be on the following question:
How can the values of data protection be reconciled with the free flow of information and expression on the internet in the third generation of informational privacy law?
This will be approached from the perspective of the rewriting of the European Union, Council of Europe and OECD’s privacy/data protection frameworks. (Please note that the views expressed are those of the individual speakers only.)
OxPILS Roundtable on the Future of European Data Protection, Thusday 2 December 2010
Workshop, 2.30 – 4.00pm, Seminar Room D, Manor Road Building
University of Oxford
Since its drafting in 1995, the European Union’s Data Protection Directive 95/46/EC has played a seminal role in shaping policy around data protection and privacy worldwide. Given the development of increasingly complex and invasive ways of processing personal information, the importance of this body of law is only likely to grow. At the same time, the Directive has faced many challenges which are also becoming more serious over time. The Directive’s basic framework and concepts has been described by the UK’s former Information Commissioner Richard Thomas as excessively prescriptive, bureaucratic and “no longer fit for purpose”. More specifically, the Directive has been criticized for not appropriately balancing rights and interests in data protection with other important values including freedom of expression and information. The rise of new applications such as Google Street View, Flickr, Social Networking and ratings websites has brought this issue to the fore. Sporadic enforcement and implementation of the Directive, coupled with lack of clarity around a number of its key aspects, has also led to concerns around legal clarity and the rule of law.
Framing a contribution on the Directive’s future from within the University of Oxford
The European Union is now reviewing the whole Data Protection Framework with a view to publishing a new draft law in 2011. As part of this process the European Commission has recently published a green paper on this topic, which follows on from the UK Ministry of Justice’s own recently closed consultation that led to a detailed response from ICO. The European Commission is presently inviting submissions on their green paper to be made by 15 January 2011. DP@CSLS is organizing an exchange of views on this important area of policy with a view to drafting a joint submission to this critical consultation exercise. Anybody interested in this topic is therefore invited to attend an OxPILS Roundtable to be held on Thursday 2 December 2010 in Seminar Room D of the Manor Road Building between 2.30 and 4.00pm. (posted 11.10)
DPOS findings presented at Government Policy Information Seminar Series
On 28 September 2010 CSLS Research Fellow Dr. David Erdos presented some of the initial findings of the Data Protection and the Open Society (DPOS) project to the Constitution Unit’s Government Policy Information Seminar Series. This series brings together key players in information policy from Whitehall Departments, the Information Commissioner’s Office, local government, non-departmental public bodies (NDPBs) and lawyers. David’s talk focused on ways in which the current data protection regime conflicts with freedom of expression and mechanisms via which this might be ameliorated. He examined relevant case law from the UK, France, Germany, Canada and also the ECJ. It is hoped that the evidence collected will help spark debate in relation to the rewriting of the European Data Protection Directive and the UK’s own Data Protection Act. On the 6 October, DPOS submitted evidence to the UK’s Ministry of Justice review of the data protection framework, part of which covered the same ground as that explored in the talk. DPOS’ submission will be available soon from the OxPILS Law and Policy section [see OxPILS: Law and Policy]. (Posted 10.10)
Debate on the future of European Data Protection continues to grow
General debate on the future of European and UK Data Protection continued to grow throughout the summer and into the autumn of 2010. In July 2010 the European Commission issued a reasoned opinion arguing that the UK data protection regime was an inadequate interpretation of the European Data Protection Directive 1995 in a number of respects. The Commission has now announced the start of legal proceedings in relation to the UK’s privacy laws as applied online. Also in July 2010 the UK’s Ministry of Justice started a formal consultation to gather evidence on the operation and reform of the UK and European data protection regimes. That consultation closed on the 6 October and it is now becoming clearer what the views of various important stakeholders will be. For example, the ICO submission concentrated on many themes which are being investigated within CSLS including the definition of personal data, the regulation of online data processing by individuals and necessary exemptions in order to safeguard freedom of expression. OxPILS is fully and actively involved in this debate and will seek to expand this focus throughout 2010-11. For example, DPOS made its own submission to the Ministry of Justice’s consultation which will be available soon from the OxPILS Law and Policy section [see OxPILS: Law and Policy]. (Posted 10.10)
Caught in the Thicket? CSLS Seminar on Data Protection and Freedom of Expression, 8 November 2010
David Erdos will be presenting on the tension between data protection and freedom of expression at a Centre for Socio-Legal Studies seminar on Monday 8 November 2010. His talk will particularly focus on the UK situation asking to what extent it is true that freedom of expression is stuck in what Justice Morland in the High Court described as the “thicket” of the Data Protection Act 1998. The talk will be held in Seminar Room D of the University of Oxford’s Manor Road Building between 4.30 and 6 pm. A reception including refreshments will follow in the Centre. All are welcome. For further information please contact david.erdos [at] csls.ox.ac.uk. (Posted 10.10).
The Centre for Socio-Legal Studies (CSLS) is the leading UK institute for the study of law in society and socio-legal research lies at the heart of OxPILS. This research blends theoretical and empirical elements and draws upon a range of disciplines including history, political science, philosophy, sociology and law. The research is based on a belief that it is necessary to blend analysis of the basic structure of data protection with consideration of how this connects to social actors and practices in reality. The Centre’s research in the area of data protection may be divided into a number of different research strands which are explored further below.
Data Protection and the Open Society (DPOS)
The Data Protection and the Open Society (DPOS) project is led by Dr. David Erdos who is currently being funded by the Leverhulme Trust under its Early Career Fellowship scheme. It explores the troubled relationship between data protection law and practice and freedom of expression and information. The strands of research which relate especially to the DPOS are:
- DP Foundations [see DPOS: DP Foundations]
- Media and internet [see DPOS: media & internet]
- Research governance [see DPOS: research governance]
- Transparency [see DPOS: transparency]
Part of the work within DPOS has received very welcome funding from the British Academy under its Small Research Grant scheme [see DPOS: DP Foundations]. A number of themes connected to DPOS were specifically examined back in 2009 in a special CSLS seminar series on “Human Investigation and Privacy in a Regulatory Age”. Further details and related materials on this series are available here.
Online Social Networking Sites (Asma Vranaki)
This project examines the role of the law in protecting two fundamental interests, namely, copyright and privacy in one specific aspect of cyberspace, namely Online Social Networking Sites (‘OSNS’) . One of the aims of this project is to develop a conceptual
framework, which can then be used empirically, to analyse the relationship between formal copyright/privacy law and technologies developed by OSNS to protect privacy and copyright interests. This project is explored in detail in the OxPILS research strand OSNS.
Who Will Watch the Watchers? (Steven S. McCarty-Snead)
This project examines the interrelationship between rights and regulation in the area of surveillance. It examines the Data Protection Act alongside the Regulation of Investigatory Powers Act and the Human Rights Act. It particularly explores the work of the following three regulatory agencies – the Information Commissioner’s Office, Office of Surveillance Commissioners and the Human Rights and Equality Commission. This project is explored in detail in the OxPILS research strand Surveillance [see OxPILS: surveillance].
DPOS: DP Foundations
One unifying aspect of OxPILS research which distinguishes it from other work in this area relates to its concern to combine a close analysis of data protection law itself with consideration of how in reality this interacts and effects social actors and processes. This is certainly the approach taken by the Data Protection and the Open Society (DPOS) strand, DP Foundations.
DP Foundations probes the fundamentals of data protection across a number of dimensions: time, philosophy, structure and law. It uses a mixed methodology including historical archival study, doctrinal analysis and a systematic examination of the output of regulatory agencies over three decades. It starts by posing a cluster of basic questions the answer to which are of importance to any serious study of data protection. It then seeks to link these basic questions to the more specific questions which relate to the particular focus of the DPOS project.
The following are amongst the basic cluster of questions which are being posed:
- What is the core purpose or value of DP? What is the relationship between DP and privacy traditionally conceived?
- To what extent are the central concepts of DP such as “personal data” or “processing” conceptually coherent and stable?
- Was the genesis of DP a societal response to growth of certain scientific products per se (notably, the computer) or were particular organizational configurations (such as large government and large corporations) more important?
Amongst the specific questions which the project aims to link back to the basic ones above are:
- To what extent has DP grappled historically either with the tension between its demands and the need for freedom of expression by individuals and civil society, or with the tension between DP and the need for government and organizational transparency?
- To the extent such issues have been considered, how at a structural level has a resolution been envisaged? For example, has the regime itself been designed to be flexible enough to accommodate such tensions or, to the contrary, has the need for specific exemptions from DP requirements been considered critical?
As part of this strand a a systematic survey of the law and practice of Data Protection vis-à-vis freedom of expression across the European Economic Area (EEA) is currently being carried out. This study is being funded by the British Academy under its Small Grants Scheme. Freedom of expression is conceptualized broadly in this context and involves examination not only of the exemptions for journalism, literature and art (JLA) but also for personal/domestic processing and research as well as how the more general tension with free speech is being approached. This work explores and explains both similarities and differences between different DP laws both on the books and as interpreted by national data protection authorities. It builds from a methodology which was developed to examine bill of rights outcomes across the democratic world (Erdos, 2010).
Bennett, Colin & Charles D. Raab, The governance of privacy: policy instruments in global perspective, Cambridge, Mass.; London: MIT (2006)
Erdos, David, Delegating Rights Protection, Oxford: Oxford University Press (2010)
European Commission, Data Protection Directive
UK Government, Report of the Committee on Privacy, London: HMSO (1972)
UK Government, Report of the [Lindop] Committee on Data Protection, London: HMSO (1978)
UK Parliament, Data Protection Act 1998
Surveillance takes a variety of forms and serves a multitude of functions in contemporary society, but its sine qua non certainly involves the collection and processing of personal data. Whether through such activities as direct personal observation, indirect data mining, capturing of CCTV images, or satellite reconnaissance, surveillance activities collect data to utilize for such varied purposes as business marketing, employment screening, law enforcement investigations, and crime prevention. Public and private individuals and organizations alike increasingly engage in surveillance activities with the widespread availability of electronic databases and technological advances facilitating what some refer to as a ‘surveillance society.’ As Flaherty (1989, p.11) claimed, ‘[c]oncern about surveillance societies necessitates consideration of the legislative efforts to date to regulate such novel developments from the perspective of individual rights. Since 1970, the passage of general data protection laws has been the primary response of national and state governments to the perceived demand for the protection of personal privacy.’ OxPILS: surveillance recognizes data protection as one approach among several to the regulation of surveillance and protection of privacy in contemporary society. In Britain, for example, other approaches exist within the Regulation of Investigatory Powers Act and, through the Human Rights Act, Article 8 of the European Convention on Human Rights.
Still, OxPILS: surveillance views data protection as a significant element of the regulation of surveillance. Indeed, the emergence of data protection legislation correlates with an elevated concern over the increased capacity of surveillance and the post-World War II international institutionalization of the concept of privacy rights in the middle of the twentieth century. Recognizing this correlation, this research examines the complex relationship between surveillance regulation and privacy rights. Rather than studying data protection regulations regarding surveillance apart from their manifestation in regulatory practices and philosophies, however, this research studies the regulation of surveillance in law and society. Therefore, in its work on developing a greater understanding of data protection in contemporary society, OxPILS: surveillance recognizes the intersection of data protection and privacy rights in the regulation of surveillance activities as an important area of future research.
Bennett, C., 1992. Regulating Privacy: Data Protection and Public Policy in Europe and the United States. Ithaca (NY): Cornell University Press.
Bennett, C. & Raab, C., 2006. The Governance of Privacy: Policy Instruments in Global Perspective. Cambridge (MA): Massachusetts Institute of Technology.
Data Protection Act 1998.(Ch. 29), London: HMSO. [Online] Available at: <http://www.opsi.gov.uk/acts/acts1998/plain/ukpga_19980029_en>.
Flaherty, D., 1989. Protecting Privacy in Surveillance Societies: The Federal Republic of Germany, Sweden, France, Canada, & the United States. Chapel Hill (NC): University of North Carolina Press.
House of Commons, 2008. A Surveillance Society? Home Affairs Committee, Fifth Report of Session 2007-08, HC Paper No. 58-I (Session 2007/08). Volume I. London: The Stationary Office. [Online]. Available at: <http://www.publications.parliament.uk/pa/cm200708/cmselect/cmhaff/58/58i.pdf>
House of Lords, 2009. Surveillance: Citizens and the State, House of Lords Select Committee on the Constitution, 2nd Report of Session 2008-09, HL Paper No. 18-I (Session 2008/09). Volume I. London: The Stationery Office. [Online]. Available at: <http://www.publications.parliament.uk/pa/ld200809/ldselect/ldconst/18/18.pdf>
Human Rights Act 1998. (Ch. 42). London: HMSO. [Online]. Available at: <http://www.opsi.gov.uk/acts/acts1998/plain/ukpga_19980042_en>.
Morgan, B., 2007. The Intersection of Rights and Regulation: New Directions in Socio-Legal Scholarship. In B. Morgan, ed., 2007, The Intersection of Rights and Regulation: New Directions in Socio-Legal Scholarship. Burlington (VT): Ashgate Publishing. Ch. 1.
Regulation of Investigatory Powers Act 2000.(Ch. 23), London: HMSO. [Online]. Available at: <http://www.opsi.gov.uk/Acts/acts2000/plain/ukpga_20000023_en>.
DPOS: media and internet
Examining and helping resolve the tension between freedom of expression and data protection lies at the heart of the Data Protection and the Open Society (DPOS) project. With the rise of new technologies and social media, this is a task which is becoming ever more difficult and complex. DPOS: media and internet pursues these issues from three complementary perspectives – the historical, the doctrinal and the empirical. Whichever perspective is adopted, it is apparent that there are a variety of ways in which this reconciliation has been attempted including (i) complete exclusion of certain forms of communication from DP, (ii) the crafting of special provisions for certain types of speech and (iii) flexible interpretation of the ordinary DP provisions in order to accommodate free speech interests.
The strand begins by examining this issue in its historical setting asking to what extent, and how, the original framers of data protection in the 1970s and 1980s recognized, and sought to resolve, the tension between freedom of expression and ordinary data protection rules. Given the very different social and technological environment then existing, this issue was largely conceived as one which only affected the traditional media. Analysis from this perspective will involve a systematic examination of first generation data protection laws across the Organisation for Economic Co-operation and Development (OCED) and both archival analysis and interviews with those concerned with policy formulation and implementation during this period. Deployment of the last two approaches will largely be confined to the transnational level and the UK case.
Following on from this, DPOS: media and internet examines from a doctrinal perspective the current way in which freedom of expression is regulated by current data protection law. At least within the European Union, which has attempted to harmonize DP rules through Directive 95/46/EC, a substantially common pattern has emerged. Firstly, given the breadth of the Directive, it is likely that most forms of electronic public communications will fall within the scope of the DP regime. However, secondly, under Article 9 of the Directive, it is expected that Member States will make special provision for speech which is exclusively journalistic, literary or artistic (JLA). This structure raises three pressing questions:
- The nature of the JLA exemption: What special provisions should be expected for JLA speech ?
- The scope of the JLA exemption: What sort of activities fall inside or outside of the JLA rubric?
- The general nature of DP: To what extent can the ordinary rules of DP accommodate expressive activities which may fall outside the JLA exemption?
Answers to these questions build from a systematic survey of the transposition of of Article 9 JLA provisions across the European Economic Area [see DPOS: DP Foundations], an analysis of relevant case law at both the ECJ and national level and a consideration of various specific case studies which are compared across jurisdictions.
This last issue links to the final aspect of DPOS: media and internet which is contemporary and empirical. In particular, it considers, firstly, the extent to which DP norms and practices have infiltrated the practice of different social groups concerned with freedom of expression and, secondly, how data protection authorities interpret DP in relation to the activities of these groups. Groups specifically analyzed include the traditional media (both public and private), producers of new expressive products such as Google Street View and producers of user generated content including social networking sites. A primary theoretical question is to consider to what extent any divergences located are primarily rooted in specific legal considerations (e.g. the scope of the JLA exemptions) or, in contrast, in social, cultural, political or economic differences between the groups themselves.
Aldhouse, F. G. B., “Data protection, privacy and the media”, Communications Law (Vol. 4(1), pp. 8-15)
Council of Europe, Committee of Experts on Data Protection, Data Protection and the Media, Strasbourg: Council of Europe (1990)
Erdos, David, “Confused? Analysing the Scope of Freedom of Speech Protection vis-à-vis European Data Protection” (Pre-print Manuscript) (2012) [HYPERLINK TO http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2119187]
European Commission, Article 29 Working Group, Data Protection Law and the Media, Brussels: European Commission (1997)
Rasaiah, Santha & David Newell, “Data Protection and Press Freedom” in Eric Barendt (ed.), Yearbook of Entertainment and Media Law 1997-8, Oxford: Clarendon Press (1997)
Solove, Daniel, The Future of Reputation: Gossip, Rumor and Privacy on the Internet, New Haven, Conn.: Yale University Press (2007)
Volokh, Eugene, “Freedom of Speech and Information Privacy: The Troubling Implications of a Right to Stop People Speaking About You”, Stanford Law Review(Vol. 52, pp. 1049-1124) (2000)
White, Anthony, “Data protection and the media”, European Human Rights Law Review (Vol. 25, pp. 25-36) (2003)
OxPILS: online social networking sites (OSNS)
This project examines the role of the law in protecting two fundamental interests, namely, copyright and privacy in one specific aspect of cyberspace, namely Online Social Networking Sites (‘OSNS’) . As part of the research, Asma is analysing empirically the construction of the copyright and privacy network in two OSNS, namely, YouTube and Facebook to trace the key actors, their interests, their alliances and the sources of resistance in these two networks. Additionally, she also empirically analyses the relationship between law and technology in these two networks by applying the Foucauldian-ANT perspective of power which she has developed earlier on in the course of her doctorate. The main contention of her project is that a deeper understanding of the relationship between law and technology in OSNS as well as the power effects generated from this relationship can be achieved by applying a socio-legal-technological approach. It also seeks to offer a preliminary account of how a Foucauldian-ANT perspective of power can assist in gaining a more accurate and sound understanding of the role of law in protecting fundamental interests not only in OSNS but also in cyberspace by bringing the technological and legal to the forefront of investigation.
DPOS: research governance
According to mainstream interpretations, academic investigations are generally considered to be a form of “research” processing which is subject to special regulations under data protection law. For example, such provisions are set out in section 33 of the Data Protection Act (DPA) 1998 and also Articles 11 (2), 13 (2) and 32 (3) of the European Data Protection Directive. In some countries these regulations also encompass market research, whilst in others their scope is more limited and the general rules of data protection apply in this context. Finally, even in countries like the United States which lack a comprehensive data protection framework, a cognate form of regulation (such as the US Common Rule for the Protection of Human Subjects) separately regulates academic activity. This system of regulation has the potential, both direct and indirect, to seriously effect what types of investigations get completed and, therefore, what forms of information and knowledge are produced, ultimately for society at large. DPOS: research governance analyses these pressing issues from four over-lapping and complementary perspectives: history, doctrine, structure and philosophy. Given its greater over-lap with broader themes being examined in the Data Protection and the Open Society (DPOS) project, it especially focuses on how data protection affects academic inquiries into the social (including political) realm.
Turning to the historical perspective, DPOS investigates the origins of these research regulations. It particularly considers the extent to which these regulations have developed with an awareness of of the the concerns and needs of the social sciences and humanities. It also poses the question of whether these provisions were over-effected by what has been argued to be a rather timid investigatory culture with many academic institutions (Sjoberg & Miller, 1973) or the comparatively weak political power of academics compared with other social actors (Dingwall, 2006).
Following on from this topic, DPOS analyses from a doctrinal perspective the implications of current data protection research regulations for academic activity. Concern over the direct effects of data protection has been particularly prominent within the medical research community. Indeed, one top cancer expert, Sir Richard Doll, announced in 2004 that the DPA 1998 was “utterly destructive” and he was willing to “go to jail for science” rather than comply with these and related rules. However, arguably the data protection framework sits in even more tension with academic social inquiry whose use of personal data can be directly identifiable, critical and fluid. In this regard it should be noted that Rosemary Jay, both then and now the UK’s leading data protection expert, stated in 2005 that the DPA 1998 made all forms of covert or deceptive research (a common methodology within certain types of social inquiry) “almost certainly” illegal.
The next part of this DPOS strand considers the important, albeit indirect, relationship between DP research regulations and the general structure of research governance especially in the UK. Since the enactment of second generation data protection law in the late 1990s (DPA 1998), UK academia has experienced an explosion of formalized research governance procedures which now encompass not only medical but also social research (Economic and Social Research Council, 2010). Arguably, this expansion of formalized review is not unconnected to the new legal responsibilities placed on Universities as data controllers. What is clear is that the detail of the research governance policies adopted by Universities have been heavily influenced by their interpretation of DP requirements. This aspect of the strand therefore explores (i) the precise connection between the growth of general research governance and DP, (ii) the detail of the research governance and DP policies adopted by academic institutions, and (iii) how this may be practically affecting what types of academic investigations (especially social investigations) get completed.
The final part of DPOS: Research Governance explores various philosophical puzzles raised by the regulation of academic investigation under DP. Firstly, it considers whether, given that academic investigations are almost always orientated towards the production of a literary product for public consumption, all or at least most of such investigations should actually benefit from the most more liberal regime under DP for journalism, literature and art [see DPOS: media and internet]. Secondly, it examines whether the essence of academic freedom is imperiled if, unlike many other producers of public information and analysis, academics are especially constrained in their activities through the DP research governance regime. Whilst relatively abstract it is clear that neither of these questions are other-worldly. To the contrary, if the answer to either question is yes, then this undermines the whole basis on which this area has been regulated by DP. Moreover, the answer to both these questions may well determine the types of knowledge and information which get produced in the coming decades.
Charlesworth, Andrew, Code of Practice for the Further and Higher Education Sectors on the Data Protection Act 1998 (JISC Legal) (3rd Edition) (2008)
Dingwall, Robert, “Confronting the Anti-Democrats: The Unethical Nature of Ethical Regulation in Social Science”, Medical Sociology Online (pp. 51-58) (2006)
Economic and Social Research Council, Framework for Research Ethics (2010)
Erdos, David “Freedom of Expression Turned On Its Head? Academic Social Research and Journalism in the European Union’s Privacy Framework” (forthcoming in Public Law January 2013) [INSERT HYPERLINK TO http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1928177]
Erdos, David, “Constructing the Labyrinth: The impact of data protection on the development of ‘ethical’ regulation in social science”, Information Communication and Society (Vol. 15 (1), pp. 104-123) (2012)
Erdos, David, “Systematically Handicapped? Social Research in the Data Protection Framework”, Information and Communications Technology Law (Vol. 20 (2), pp. 83-101) (2011)
Erdos, David, “Stuck in the Thicket? Social Research under the First Data Protection Principle”, International Journal of Law and Information Technology (Vol. 19 (2), pp. 133-152) (2011)
Lancaster University, Data Protection Project, Research (2003)
Peto, Julian, Olivia Fletcher & Clare Gilham, “Data protection, informed consent, and research”, British Medical Journal (Vol. 328, pp. 1029-30) (2004)
Respect Project, Data Protection Aspects Within the Framework of Socio-Economic Research, Brighton: Institute of Employment Studies (2003)
Social Research Association & Market Research Society, Data Protection Act 1998: Guidelines for social research (2005)
Sjoberg, Gideon & Paul Jean Miller, “Social Research on Bureaucracy: Limitations and Opportunities”, Social Problems (Vol. 21 (1), pp. 129-43) (1973)
The relationship between Data Protection and organizational transparency initiatives raises tensions in relation to the free flow of information which in many respects overlap with the concerns pursued in DPOS: Media and Internet [see DPOS: media and internet] and DPOS: Research Governance [see DPOS: research governance]. They are nevertheless conceptually and practically distinct and are therefore separately analyzed in the strand DPOS: Transparency. This issue is usually conceived as a question relating to interaction between data protection and Freedom of Information (FOI) legislation. Whilst this is also the focus of this Data Protection and the Open Society (DPOS) inquiry, the project places this issue within a broad context which also may implicate disclosure initiatives pursued by business and other non-governmental organizations, the voluntary disclosure of information by government and specific disclosure policies and regulations such as that relating to campaign finance.
The degree of confusion in this area may be highlighted by consideration of the markedly different outcomes of legal cases decided within what is meant to be a harmonized EU regime. Thus, in Corporate Officer of the House of Commons (2008) the England and Wales High Court backed the forced and fully identifiable disclosure of wide-ranging information relating to the expenses claims of Members of the British Parliament. In contrast, in the same year the UK House of Lords in Common Services Agency (2008) apparently blocked even the anonymized disclosure of health-related data holding that this remained not only “personal” but also “sensitive personal” data. Finally, in the recent Bavarian Lager case of 2010, the ECJ blocked the disclosure under the EU’s Access to Document Regulations of the names of business and governmental representatives who attended, solely in their official capacity, a Commission meeting concerned with the implementation of EU competition law. This was despite a finding that the disclosure in question would not have a significant impact on the private life of the individuals concerned.
DPOS approaches these issues from a historical, comparative, doctrinal and empirical perspective:
- Historically the project is concerned to examine to what extent such tensions were considered at the time of the original genesis of data protection law. So far, the project has found only limited evidence of such an awareness (SSRC Data Archive, 1978).
- Comparatively, the project will systematically examine the manner in which OECD countries seek to manage the DP-FOI interface. This will involve both an analysis of formal legislative provisions as well as interviews with regulatory officials concerning how such laws should, and are, interpreted.
- Doctrinally, the project will gather instances of how the tension between DP and FOI has been resolved in concrete cases. It will use this both to build up an understanding of different patterns of outcomes and to attempt to chart a more coherent mechanism for resolving the various tensions.
- Empirically, the project will seek to explore evidence of the extent DP concerns are systematically taken into the formulation of transparency initiatives such as, for example, the disclosure of salary information. It is expected that this part of the project will primarily involve interviews with relevant policy formulators as well as analysis of any material which can be publicly released.
Birkinshaw, Patrick, Freedom of Information: The Law, the Practice and the Ideal (pp. 271-316), Cambridge: Cambridge University Press (2010)
C-28/08 Commission v. Bavarian Lager (2010)
Corporate Officer of the House of Commons v. Information Commissioner and others  EWHC 1084 (Admin.)
Common Services Agency v. Scottish Information Commissioner  UKHL 47
SSRC Data Archive, “Foreign Archives and Data Institutions”, SSRC Survey Archive (No. 11, pp. 6-7) (1978)
UK, Information Commissioner’s Office, The Exemption for Personal Information (2008)
OxPILS: law and policy
In their empirical investigations into data protection and the regulation and capture of information, OxPILS researchers inevitably uncover potential defects in law and policy. From a theoretical perspective, they also construct alternative ways in which the various values at take in DP may be reconciled. OxPILS is strongly committed to ensuring that its academic research has a positive impact in relation to public policy, legal, social, cultural and economic outcomes. Making such an impact has never been more important given that:
- The debate within the European Union on the proposed Data Protection Regulation (COM (2012) 11 final) is now underway,
- The Council of Europe’s Data Protection Convention and the OECD’s Privacy Guidelines are also under review, and
- A growing number of countries, for example Ghana, either have adopted or are considering adopting DP law for the first time.
This page will be regularly updated with information produced by OxPILS researchers which aim to contribute to the betterment of law and policy in this area.
Submissions by OxPILS and Associates
- In October 2011 David Erdos provided a submission to the call for evidence for the UK inquiry into privacy by the newly formed Joint Committee on Privacy and Injunctions.
- In March 2011 DP@CSLS (now OxPILS) approved a submission to the Council of Europe regarding the ‘Modernisation of Council of Europe Convention 108.’ You can read the submission here.
- In January 2011 DP@CSLS approved a submissionto the European Commission regarding ‘A Comprehensive Approach on Personal Data in the European Union.’ You can read the submission here.
- In October 2010 David Erdos submitted to evidence as part of the UK Ministry of Justice’s review of the Data Protection Act 1998 and the European Data Protection Directive. The evidence submitted will be available here shortly.
- In April 2010 David Erdos presented evidence as part of the New Zealand Law Commission’s review of the New Zealand Privacy Act 1993. You can read the submitted evidence here [see document below].
Data Protection and the Open Society (DPOS) Principal Investigator: Dr David Erdos (Balliol College)
Katzenbach Research Fellow, Centre for Socio-Legal Studies Manor Road, Oxford OX1 3UQ firstname.lastname@example.org; (01865) (2)84245
29 April 2010
Dear Mr. Lincoln,
Submission to the Review of the New Zealand Privacy Act 1993
I am a legal researcher based at the Centre for Socio-Legal Studies, Faculty of Law, University of Oxford. I work within the area of data protection/privacy examining, in particular, how law and practice in this area relates to other important societal values, notably freedom of expression and information. Please find some further information on my biography and also on my research attached.
Unfortunately, although I am interested in all aspects of your review of the Privacy Act 1993, I have only found time to provide some very rough comments on how you deal with the current exemption of “news activity” by any “news medium” (Section 2(xiii), Privacy Act 1993). Briefly, I acknowledge that the complete exemption this part of the Act grants may, especially in the light of the absence of a right of privacy in e.g. the New Zealand Bill of Rights Act 1990, be inappropriately total. On the other hand, I am principally concerned that these provisions are unhelpfully opaque and potentially far too narrow to capture the range of freedom of expression interests which should be especially protected. This narrowness is likely to lead to growing problems as developments such as social networking elide categories in this area. Most importantly, I am concerned that the lack of clarity of this provision leads relatively risk-averse institutions, notably many New Zealand Universities, deciding that important high-value expression (e.g. social sciences and humanities research) falls outside of this exemption. The full force of the Privacy Act is therefore applied by Research Ethics Committees which now routinely vet academic projects for compliance with the law (see e.g http://calendar.waikato.ac.nz/assessment/ethicalConduct.html). This in practice means that certain forms of communication which serve in a very serious way the public interest are hampered in their activities, whilst communications which serve at best little more than an “entertainment” function are substantially free from control. This is impossible to justify, I would argue, from any perspective of principle. It is specifically against the logic of the New Zealand Bill of Rights Act’s protection of freedom of expression (Section 14), absent a justified limitation (Section 5). It is to be stressed that this right is very broad. It specifically includes “the freedom to seek, receive, and impart information and opinions of any kind in any form” (Section 14). It is therefore vital that this whole area is systematically looked at again.
There follows some more detailed comments on the specific questions from your Issues Paper (Wellington, 2010) (p. 133). I should point out that these suggestions are made in the spirit of improving what is currently a very different Act to interpret and navigate. They are not meant to offer in any sense definitive solutions to the many difficult philosophical and regulatory issues this area of law raises. (These issues are currently being addressed in my Data Protection the Open Society (DPOS) project, the details of which I attach).
Responses to specific questions:
Q.64 – We propose that the exclusion of the news media in relation to their news activities should remain in the Privacy Act. Do you agree?
I believe that anyone engaging in data processing activities with a view to the publication of a work to the public (or a section of the public) clearly requires substantial exemption from the Privacy Act. To that extent I believe that the news media exemption which is currently provided is appropriate. However, there are concerns that this provision is both too narrow/opaque and that it grants too unlimited an exemption in certain cases. The first point is dealt with in the questions to come. Regarding the second, I think the exemption should only apply in cases where:
- The material which has, or is to be, made public is not such that publication is against the public interest.
This test should be broad enough for all the various and multi-faceted interests in play in a concrete case to be weighted in the balance in order to develop a notion of what must be prohibited as contrary to the “public interest”.
Q. 65 We propose that the definition of “news activity” should remain as it is. Do you agree?
No. It is vital that this term is clarified and expanded. It is unclear at present how this term relates to the following type of activities:
- The writing of contemporary history or a biography on a public figure. This is clearly work which, in principle, is in the public interest. However, it is likely to be stymied if it has to conform to all the substantive provisions of the Privacy Act 1993. In practice, the socio-legal reality in New Zealand currently is that an independent writer will likely produce such material on the assumption that the “news media” exemption does apply. By contrast, if the writer is attached to a University, then the University Ethics Committee is almost certain to decide that the exemption does not apply and that therefore the research has to adhere to the Privacy Act’s provisions in full. This is manifestly unprincipled.
- Reports which deal with matters of public concern but which report on events over a wide span of time i.e. which don’t deal with a matter which, in a narrow sense, constitutes immediate “news”.
- Private archives which are made available to the public (e.g. of a public figure or an civil society organization)
- Blogs and social networking sites. Vast amounts of data are being made public in these new arenas, with little community consensus as to how privacy issues should be resolved.
An exemption should be available for all forms of processing where a person is seeking to publish a work for the public and that publication is not against the public interest. It should be made clear that this applies to the production of any literary or artistic piece of work including not only journalistic work but also research work, whether produced in Universities or otherwise.*
Q.66 Do you think the definition of “news medium” should be amended to confine it to the print and broadcast media? Alternatively, should it be confined to news media that are subject to a code of ethics and complaints procedure?
No. The exemption should apply generally as above. However, this should be subject to a public interest test, enforceable ultimately in the courts. There may also be a case for allocating to an official agency the task of receiving and investigating complaints that this test has not been met. This could provide a particularly useful tool in relation to the legal issues which arise with new media such as blogs and social networking sites. Any final determination, however, must be a matter for the courts. Moreover, it is important that legal costs do not deter such cases being heard when appropriate.
Q. 67 We propose that the limiting reference to Radio New Zealand and Television New Zealand should be removed from the definition of “news medium”. Do you agree?
Q68 Are any other changes needed to the exclusions from the definition of “agency”?
Yes. There should be no requirement that the agency in question is specifically a “news medium” agency. The focus should be on the function being performed, not the general nature of the agency. To reiterate, the test should be whether the processing under scrutiny is undertaken in order to publish (or constitutes the act of publishing) material for the public (or a section of the public) and that publication is not against the public interest. Thus, if Wellington City Council is producing a book on Wellington featuring contemporary history and photography then it should be able to benefit from the exemption in the same manner as if The Dominion Post were doing the same. But, likewise, it should be stressed that both agencies also undertake many activities which should not benefit from this exemption (e.g. collecting tax or invoice payments).
I hope that you find this submission helpful. Please do not hesitate to contact me if you require further elaboration or are interested more generally in the DPOS project.
Dr. David Erdos
* Section 32 of the Data Protection Act (UK) 1998 provides for a wider exemption but does not take on board the need to clarify that the exception is available for “research”.
OxPILS: getting involved
There are many ways in which you might get involved in the work of OxPILS. A variety of possibilities are available depending on your institutional affiliation, background, level of interest and time available.
Join the Committee
- If you are a current member of Oxford University with an interest in data protection, then you may wish to join the OxPILS Committee. This Committee helps co-ordinate OxPILS activities and events and, in doing so, seeks to promote inter-disciplinary discussion and debate on privacy and information across the University and beyond. The Committee consists of a Chairperson and a number of officers, such as Information Outreach Officer, Web Officer, Secretary, and others eager to be involved in OxPILS’ activities and events.
Keep in touch
- If you wish to keep up-to-date with work going on at OxPILS then you are invited to follow us on Twitter.com at OxPILS[see http://twitter.com/#!/OxPILS]. You can also check our News and Events page [see OxPILS: news and events] and are warmly invited to attend any of our events open to you.
- If you are interested in joining OxPILS as a student then you should consult information about student admissions available from CSLS as well as from the University of Oxford generally. The Centre accepts research students working towards an MSt, MLitt and DPhil. It is Centre policy that final decisions regarding supervision can only be made a student has been accepted into the Centre and his or her research degree is commencing. However, you are welcome to get in touch informally with Dr. David Erdos (david.erdos[at]csls.ox.ac.uk) to discuss your interest in studying within this area.
- If you are interested in being associated with OxPILS through visiting CSLS then you are advised to consult the details of the Centre’s Visiting Programme. This programme covers established academics, practitioners and student researchers. In relation to the academic elements of your proposed visit you are very welcome to get in touch with Dr. David Erdos at david.erdos [at] csls.ox.ac.uk. Any other matter may be taken up with Dr. Marina Kurkchiyan who is CSLS’ Deputy Director and Head of the Visiting Programme.
- If you are an interested in establishing some other kind of collaboration with OxPILS then you are welcome also to get in touch with Dr. David Erdos atdavid.erdos [at] csls.ox.ac.uk. Such collaborations may range from joint web links through to a suggested joint funding application. If you are particularly interested in the work of a specific individual then you are of course welcome to get in touch with that person directly (see OxPILS People [see OxPILS: people] for details).
OxPILS is structured as a research programme within the Centre for Socio-Legal Studies, which is housed in the University of Oxford’s Manor Road Building. The OxPILS Committee is responsible for coordinating OxPILS activities and events. If you are interested in getting involved with OxPILS, please visit the OxPILS: getting involved webpage.
Our street address is:
Centre for Socio-Legal Studies
Manor Road Building
Our fax number is
+44 (0) 1865 284221
For any general matter relating to OxPILS you are welcome to get in touch with Dr. David Erdos at david.erdos [at] csls.ox.ac.uk. Matters relating to the work of specific individuals listed on OxPILS should be taken up directly with that person. For relevant contact details see OxPILS People [see OxPILS: people].
Getting to CSLS
The University of Oxford’s Manor Road Building houses CSLS alongside the Centre for Criminology, a number of other units within the Social Sciences Division and the Social Sciences Library. The building is directly next to the Law Library and the offices of the Law Faculty in St Cross Street. Manor Road is about half a mile to the north east of the city centre. The map below provides details of how to get to us. Further details are provided on the Centre’s main website.
This page provides a general list of some of the main organizations whose work relates strongly to that pursued by OxPILS. Some more specific linkages are provided within the research strand [see OxPILS: research] pages of the website.
National Regulatory Agencies
Austrian Data Protection Authority (English site)
News, Blogs and Journals