Privacy holds a highly contested place within contemporary political and legal discourse. One of the difficulties associated with privacy claims is the relatively amorphous nature of privacy. As Robert Gellman aptly said:
Lawyers, judges, philosophers, and scholars have attempted to define the scope and meaning of privacy, and it would be unfair to suggest that they have failed. It would be kinder to say that they have all produced different answers.~1
Particularly marginal or novel claims for privacy are sometimes resisted with the argument that privacy is meaningless when it potentially encompasses all and any claims to individual liberty and autonomy. Yet it should no longer be doubted that privacy is a fundamental concern and that, in many traditional settings, it has also acquired a fairly specific scope and meaning. However, privacy is difficult to enforce because it is not an absolute right. Its protection must always be sought against conflicting values or interests. While the conflict between privacy and freedom of expression has been a constant for many decades, it is becoming apparent that public safety and national security concerns have resurged as the nemesis of privacy claims, in particular when states consider themselves under siege from external and internal threats.
1 R. Gellman, 'Does Privacy Law Work?' in Philip Agre and Marc Rotenberg (eds.)， Technology and Privacy: The New Landscape (Cambridge, MA: MIT Press, 1997), p. 193.

This book with Australian and European perspectives on emerging challenges in privacy law comes at the right time, since those challenges are increasing both in size and in scope. It also sends a powerful message on the need for reform, so as to ensure that our legal safeguards in this area continue to be relevant in a fast changing world, and that adequate thought is given to different ways to make them more effective in practice, and more accessible and understandable for all stakeholders. This message is very welcome, and this at least for three good reasons.
The first reason is that 'privacy' and 'data protection' are more and more relevant in a world that is increasingly driven by information, and where detailed information on the behaviour of individuals is generated and used, almost twenty-four hours a day and seven days a week, in a variety of ways, both online and off line, without these individuals being aware of it, and where at the same time even the most experienced internet users are discovering the limits of their control. The fact that this is happening does not mean that 'privacy' and 'data pro- tection' as fundamental rights or values have disappeared. The often repeated statement from Silicon Valley: 'Privacy is gone, get over it,' is contradicted by a growing sensitivity among consumers and citizens in many parts of the world, who are demanding more control over their personal information, more transparent data management practices and better accountability of relevant business organisations and government agencies.
What is emerging here is a growing disconnect between widespread practices in the field and consumers' and citizens' expectations. Many of them wish to benefit from the positive aspects of the Digital Society, and at the same time, to be more assured that their privacy interests are adequately protected. This is a powerful driver of legal reform, since more trust and confidence in the online environment are key conditions for economic growth, and particularly so in areas such as eCommerce, eGovernment and eHealth. It is also increasingly clear that a sustainable development in these areas needs to be built on widely shared and practised modern legal safeguards for privacy and data protection.
The need for reform of present legal safeguards for privacy and data protection is now also driving important initiatives in different parts of the world and at different levels. This is another reason why the various contributions in this book are so welcome at this point in time. Both the OECD and the Council of Europe have revisited their current privacy frameworks, in order to update and reinforce them in the light of recent developments. The OECD Privacy Guidelines (1980) was the first major policy document to lay down privacy principles for its member states, including from Europe and the Asia-Pacific, and a revised version of the Guidelines was published earlier this year. The Council of Europe's Data Protection Convention (1981) was the first binding legal instrument, aiming at a comprehensive set of legal safeguards for the protection of personal data at national level. It has been ratified by forty-five countries in Europe and recently also by Uruguay, and continues to be open for accession by other countries around the world. The revision of the Convention is now well on its way.
The European Union has used the Council of Europe Convention as a reference point for its Data Protection Directive (1995) and other instruments, which specified its legal safeguards for the EU member states. The EU is now also engaged in an thorough review of its current legal framework for the protection of personal data. The results of this review will be visible in the near future and hopefully contribute to stronger and more effective protection of personal data, both within their own scope and beyond. These international instruments have influenced each other, and so far, this continues to be the case.
Let me mention two other examples: the US government has launched an initiative to update its approach to privacy, and the World Economic Forum is developing a major initiative to improve, and hopefully mainstream, 'Personal Data Governance'. All these activities will benefit from high quality input from academia, civil society and other relevant stakeholders. This book will therefore also be helpful as a source of reference and further reflection on how to take this subject forward at different levels.
All this means that we are at a crucial point in time that opens many opportunities. If we get it right and coordinate our efforts well, we will be able to reinforce our legal frameworks in the face of new technologies, and achieve more global privacy at the same time. That is at least the perspective in which the EU is currently approaching its own review of the existing legal framework for data protection. It would be great if this book could help us all make progress in the same direction.

Acknowledgements page viii

Notes on contributors ix

Foreword xv

Introduction

1 An overview of emerging challenges in privacy law 1 NORMANN WITZLEB, DAVID LINDSAY, MOIRA PATERSON AND SHARON RODRICK

      PART I Reforming the data protection frameworks: Australian and EU perspectives 29

2 Navigating privacy in the information age: the Australian perspective 31 TIMOTHY PILGRIM

3 Responding to new challenges to privacy through law reform: a privacy advocate's perspective 45 NIGEL WATERS

4 The reform of EU data protection: towards more effective and more consistent data protection across the EU 62 PETER HUSTINX

      PART II Privacy in European human right instruments 73

5 Protection of privacy in the EU, individual rights and legal instruments 75 UDO FINK

6 A world data privacy treaty? 'Globalisation' and 'modernisation' of Council of Europe Convention 108 92 GRAHAM GREENLEAF

      part iii Privacy protection through common law and statute 139

7 Protection against intrusion in English legislation 141 N. A. MOREH AM

8 Privacy: common law or human right? 157 MICHAEL TILBURY

9 English privacy law in the light of the Leveson Report 180 ERIC BARENDT

      part IV Privacy, surveillance and control 199

10 Surveillance in public places: the regulatory dilemma 201 MOIRA PATERSON

11 Privacy and young people: controlling anti-social behaviour through loss of anonymity 229 THOMAS CROFTS

      part V Privacy and the Internet 257

12 Data privacy law and the Internet: policy challenges 259 LEE A. BYGRAVE

13 The 'right to be forgotten' in European data protection law 290 DAVID LINDSAY

14 Privacy online: reform beyond law reform 338 MEGAN RICHARDSON AND ANDREW T. KENYON

15 Privacy protection and data clouds in Germany and the influence of European law 353 DIETER DÖRR AND EVA AERNECKE

      part vi Privacy, the courts and the media 369

16 Open justice, privacy and suppressing identity in legal proceedings: 'what's in a name?' and would anonymity 'smell as sweet'? 371 SHARON RODRICK

17 Interim injunctions for invasions of privacy: challenging the rule in Bonnardv. Perryman? 407 NORMANN WITZLEB

Index 441

中国标准化研究院国家标准馆