Different countries have different privacy laws, and different attitudes towards what should be counted as private information. As Peter Fleischer rightly notes, this often means that citizens of various nation-states are often confused about their digital privacy protections – in part because of the influx of foreign culture (and the presumed privacy standards in those media) – and consequently are unaware of their nation’s privacy resources, or lack thereof.
Google Corporation has recently begun to suggest that a global data protection system has to be implemented. In his private blog (which isn’t necessarily associated with his work with Google) Fleischer notes that,
…citizens lose out because they are unsure about what rights they have given the patchwork of competing regimes, and the cost of compliance for businesses risks chilling economic activity. Governments often struggle to find any clear internationally recognised standards on which to build their privacy legislation.
The ultimate goal should be to create minimum standards of privacy protection that meet the expectations and demands of consumers, businesses and governments. Such standards should be relevant today yet flexible enough to meet the needs of an ever changing world. Such standards must also respect the value of privacy as an innate dimension of the individual . . . we should work together to devise a set of standards that reflects the needs of a truly globalised world. That gives each citizen certainty about the rules affecting their data, and the ability to manage their privacy according to their needs. That gives businesses the ability to work within one framework rather than dozens. And that gives governments clear direction about internationally recognised standards, and how they should be applied. (Source)
I think that, in a general sense, Fleischer is dead on. There is a need to establish a harmonious global privacy standard, one that clearly identifies citizens’ respective privacy rights, and that does not unnecessarily inconvenience business. The concern that I have surround the principle actors of such privacy law. As it stands now, particular citizens cannot (often) envision themselves as the authors and addressees of international law. Nor is there court system that is currently able to enforce its will on members of the international stage who are found to be violating international law.
A core element of law is that the members who are to be served by it must see themselves as its authors and addressees – without this, they do not develop shared bonds, do not recognize the law as something they had a hand in creating, and as such lack a substantive legitimated obligation towards it. Of course, coercive measures can be deployed so that citizens sufficiently fear disobeying the law, but this is an obligation promoted by fear rather than by respect. Citizens, under the former mode of obligation, will chafe under its yoke, whereas they will recognize themselves as having self-imposed law in the latter situation and, consequently, recognize themselves as responsible the obligations they exist under. Certainly, experts from different corporate groups should be present when data privacy laws are developed, but not as key political actors, but as members that argue for their particular position. As experts in different areas come to inform lawmakers, lawmakers who also listen to the words of academics, the disenfranchised, and economically disadvantaged, it becomes possible to create laws that balance corporate interests (which are essential to preserving a network where goods can be transferred from one zone to another) and the interests of the citizenry, the key group that all corporations ultimately depend on for their continued existence.
While Fleischer is right, insofar as we need some kind of global privacy system, any such system must be developed along lines guided by the respective citizenries that are to be affected by such laws. Corporations, of course, have a key role to play in developing data protection laws – they should avoid actively trying to denigrate particular modes of governance, particular political associations, and allow data to flow between discursive participants without interruption. The role of money should be to minimally enter into the domain of the lifeworld, the space where the democratic consensus that is needed to establish any potential structure of global law is to take place before being brought into the political system.
Each particular political body will determine what should and should not be private and (hopefully) their decisions can be guided by a key set of norms that are intended to facilitate similarly motivated, though not necessarily similar in form, international law. Each body politic and the associations that it has chosen to enter into must be respected. If/when dominant groups that try to facilitate a global privacy model, and stridently discount particular models before the discourse even begins, those groups reveal that their interests are not necessarily motivated by what is best for the world’s citizenries as a whole, but for the particular group. It’s not uncommon, but when one of those groups happens to be one of the largest corporations in the world (Google) it’s important to carefully consider and reflect on their strategic monetary interests before even beginning to swallow their actions.
Do no evil, in a corporation, usually translates into ‘don’t forget to make a decent profit’. That’s especially true for corporations that are explicitly guided by this particular tenet.