30
A Democratic Licence to Operate
to personal security will sometimes limit either liberty or privacy (or both) for some.
However, the security of the state is not, in itself, a legitimate constraint on the rights
of individuals. The security measures taken by states – from surveillance to policing
investigation, from data collection to data mining – are legitimate only insofar as they
contribute to respecting the rights of persons, such as the right to life.
Privacy
2.5
Like the majority of rights, the right to privacy is a qualified, rather than absolute, right.
While everyone has the right to respect of their private and family life, and their home
and correspondence, ‘a public authority can interfere in the interests of national security,
public safety or the economic well-being of the country, for the prevention of disorder
or crime, for the protection of health or morals, or for the protection of the rights and
freedoms of others’, according to the ECHR.2 As Anderson notes:
[The] state has a duty to keep those within its borders safe from criminality. That duty is
generally acknowledged to require some ability to intrude upon private communications.
Where communication channels are unwatched by the state, and still more when they are
incapable of being watched, criminals can act with impunity. That common-sense observation
is reflected in the routine activity theory, a criminological staple which states that the three
necessary conditions for most crime are a likely offender, a suitable target and – significantly
– the absence of a capable guardian.3
2.6
The relationship between privacy on the one hand, and liberty and security on the other,
is complex. Discussions of privacy and security are often described as a matter of finding
or striking a ‘balance’; this traditional metaphor can be misleading. There is no metric
for ‘weighing’ different rights, or even for comparing the ‘weight’ of different rights
in particular cases. But it is feasible to set out robust standards that must be met in
adjusting rights to one another and to devise and establish structures to do so.
2.7
This framework has come under strain with the emergence of a range of communications
technologies that bear on each of these rights and their implementation.4 In the EU,
the informational aspects of the right to privacy are regulated by the Data Protection
Directive (1995; subsequently implemented in national jurisdictions), which regulates
the use, storage and reuse of personal data, and allows authorised access to such data,
recognising that privacy rights must be qualified to allow for rights to liberty and security.
2.
3.
4.
Council of Europe, ‘Convention for the Protection of Human Rights and Fundamental
Freedoms’, Rome, 4.XI.1950.
David Anderson, A Question of Trust: Report of the Investigatory Powers Review [Anderson
Report] (London: The Stationery Office, 2015).
PR Newswire, ‘Digital Divergence: Microsoft Poll Shows Striking Differences in Attitudes
Toward Technology between Internet Users in Developing and Developed Countries’, 2015,
<http://www.prnewswire.co.uk/news-releases/digital-divergence-microsoft-poll-showsstriking-differences-in-attitudes-toward-technology-between-internet-users-in-developingand-developed-countries-289006871.html>.