Privacy Law and Policy Reporter
|
|
Home
| Databases
| WorldLII
| Search
| Feedback
Privacy Law and Policy Reporter |
|
David Banisar and Simon Davies, with contributors
The Global Internet Liberty Campaign (GILC) released in October 1998 a major report ‘Privacy And Human Rights — An International Survey of Privacy Laws and Practice’, at <http://www.gilc.org/privacy/survey/>. The GILC Survey contains both a topical ‘Overview: The State of the World’s Privacy’ and an analysis of the privacy and surveillance laws and practices of 49 nations. The survey was funded by the Open Society Institute. Its primary authors are David Banisar and Simon Davies of Privacy International, with additional research by Wayne Madsen, Ronnie Breckheimer, Michael Kassner and Shauna van Dongen, and contributions from experts around the world. It is intended to be updated annually.
With GILC’s permission, PLPR is publishing extracts from the survey dealing with privacy in countries outside the familiar territory of Europe, North America and Australasia. In 5 PLPR 86-89 we covered Hong Kong, India, Japan, South Korea and Malaysia. In 5 PLPR 170-173 we covered the the Philippines, Singapore, Taiwan and Thailand. In this issue we complete the extracts by covering central and south American countries and South Africa (Graham Greenleaf - General Editor).
Articles 18 and 19 of the Argentine Constitution provide (in part):
The home is inviolable as is personal correspondence and private papers; the law will determine what cases and what justifications may be relevant to their search or confiscation. The private actions of men that in no way offend order nor public morals, nor prejudice a third party, are reserved only to God’s judgment, and are free from judicial authority. No inhabitant of the Nation will be obligated to do that which is not required by law, nor be deprived of what is not prohibited.
Article 43, enacted in 1994, provides a right of habeus data:
Every person may file an action to obtain knowledge of the data about them and its purpose, whether contained in public or private registries or databases intended to provide information; and in the case of false data or discrimination, to suppress, rectify, make confidential, or update the data. The privacy of news information sources may not be affected.[1]
In December 1996, the Congress approved a data protection law in conformance with art 43 of the Constitution. The law provided ‘full protection of personal information recorded in data files, registers, banks or other electronic or manual technical means of data treatment, in order to guarantee the honour and privacy of persons, as well as the access to the information that may be recorded about such persons’, and provides provisions for consent, notification, security, uses, scope, confidentiality, and international transfer of personal data.[2] Sensitive data was given additional protections. A Bicameral Commission on Monitoring of Data Protection within the National Congress was to be established to enforce the law. However, upon request of the Central Bank, the law was subsequently vetoed by the President.[3] Efforts to revive it are pending. Under the Code of Penal Procedure, ‘A judge may arrange, for the purposes of building a case, the intervention of telephone commun-ications or whatever other means of communication’.[4] The Civil Code does not mention electronic communications, nor does the Penal Code provide penalties for such privacy violations. Illegal wiretapping has been common since the transition to civilian rule. In 1990, the entire telephone switchboard of the President’s official residence was extensively bugged and a major government scandal ensued.[5] In 1996, the telephones of the Archdiocese of Formosa were found to be wiretapped.[6] Also in that year, former Economy Minister Domingo Cavallo accused Interior Minister Carlos Corach of ordering the telephone bugging of a federal prosecutor.[7] In 1998, the Mayor of Buenos Aires and 1999 presidential candidate Fernando de la Rua lodged a criminal complaint against two city councillors and another party member, accusing them of tapping his family’s telephone for years and recording 3000 hours of conversation.[8] He also accused the secret police, known as SIDE, of complicity with the wiretaps.[9]
The Civil Code prohibits ‘that which arbitrarily interferes in another person’s life: publishing photos, divulging correspondence, mortifying another’s customs or sentiments or disturbing his privacy by whatever means’.[10]
In 1996, the national government began a new crackdown on tax evaders. Measures included reviewing citizens’ credit card, insurance, and tax records. One Bill allowed citizens whose credit card records had been obtained to sue for invasion of privacy.[11] The same year, the Argentina Passport and Federal Police Identification System, developed by Raytheon E-Systems, was inaugurated at the Buenos Aires airport. The system combines personal data, colour photos and fingerprints.[12]
Article 5 of the 1988 Constitution of Brazil provides, in part:
10. the privacy, private life, honour and image of persons are inviolable, and the right to compensation for property or moral damages resulting from the violation thereof is ensured;11. the home is the inviolable asylum of the individual, and no one may enter it without the dweller’s consent, save in the case of ‘in flagrante delicto’ or disaster, or to give help, or, during the day, by court order;
12. the secrecy of correspondence and of telegraphic, data and telephone communications is inviolable, except, in the latter case, by court order, in the events and in the manner established by the law for purposes of criminal investigation or criminal procedural discovery; ...
14. access to information is ensured to everyone and confidentiality of the source is protected whenever necessary for the professional activity.[13]
A Bill promoting the privacy of personal data in conformance with the OECD guidelines, to affect both public and private sector databases, was proposed in the Senate in 1996 and has yet to be voted on by the Federal Senate. The Bill provides that:
No personal data nor information shall be disclosed, communicated, or transmitted for purposes different than those that led to structuring such data registry or database, without express authorization of the owner, except in case of a court order, and for purposes of a criminal investigation or legal proceedings ... It is forbidden to gather, register, archive, process, and transmit personal data referring to: ethnic origin, political or religious beliefs, physical or mental health, sexual life, police or penal records, family issues, except family relationship, civil status, and marriage system ... Every citizen is entitled to, without any charge; access his/her personal data, stored in data registries or databases, and correct, supplement, or eliminate such data, and be informed by data registry or database managers of the existence of data regarding his/her person.[14]
The 1990 Code of Consumer Protection and Defense[15] allows all consumers to:
access any information derived from personal and consumer data stored in files, archives, registries, and databases, as well as to access their respective sources. Consumer files and data shall be objective, clear, true, and written in a manner easily understood, and shall not contain derogatory information for a period over five years. Whenever consumers find incorrect data and files concerning their person, they are entitled to require immediate correction, and the archivist shall communicate the due alterations to the incorrect information within five days. Consumer databases and registries, credit protection services, and similar institutions are considered entities of public nature. Once the consumer has settled his/her debts, Credit Protection Services shall not provide any information which may prevent or hinder further access to credit for this consumer.
The Informatics Law of 1984[16] protects the confidentiality of stored, processed and disclosed data, and the privacy and security of physical, legal, public, and private entities. Citizens are entitled to access and correct their personal information in private or public databases.
In 1996, a law regulating wiretapping was enacted.[17] Official wiretaps are permitted for 15 days, renewable on a judge’s order for another 15 days, and can only be resorted to in cases where police suspect serious crimes punishable by imprisonment, such as drug smuggling, corruption, contraband smuggling, murder and kidnapping. The granting of judicial eavesdropping permits by judges was previously an ad hoc process without any legal basis.[18] In 1992, amid a scandal which toppled President Fernando Collor de Mello, it was discovered that Vice President Itamar Franco’s phones at his official residence in Brasilia and in a Rio de Janeiro hotel room had been tapped.[19] In 1996, the Brazilian Intelligence Agency (Abin) was put under military control with the task of evaluating the background of people appointed to government posts. According to the new director, ‘every instrument authorised by the courts will be used to keep the president well informed, including wiretapping of phones, opening of personal mail, and infiltration of Abin agents into social movements such as the Landless Peasant’s Movement (Movimento sem Terra)’. Abin is the central body of an intelligence system that is spread out through federal, state, municipal and even private organisations. The intelligence system operates under the name of Sisbin (Brazilian Intelligence System).[20] The Agency’s guidelines prevent it from performing police operations, and require it to obtain a judicial order to perform wiretaps.[21]
A candidate for mayor of Sao Paulo, Celso Pitta, discovered wiretaps on two of his telephone lines in 1996.[22] A man with AIDS charged the city of Morretes, Parano of discrimination and invasion of privacy after a city government proclamation identifying him and his HIV status was posted in public buildings.[23]
Brazil signed the American Convention on Human Rights on 25 September 1992.
Article 19 of Chile’s Constitution secures for all persons:
[r]espect and protection for public and private life, the honour of a person and his family. The inviolability of the home and of all forms of private communication. The home may be invaded and private communications and documents intercepted, opened, or inspected only in cases and manners determined by law.[24]
Chile’s transition to democratic rule in 1990 did not eliminate personal privacy violations. The Investigations Police — a plainclothes civilian agency which functions in close collaboration with the International Criminal Police Organization (Interpol) and with the intelligence services of the army, navy, and air force — keeps records of all adult citizens and foreign residents and issues identification cards that must be carried at all times.[25] The personal data compiled during military rule was never destroyed. In January 1998, former dictator General Augusto Pinochet threatened to use ‘compromising information’ from secret military intelligence files against those who were trying to keep him from becoming a Senator for Life, a position which would provide immunity from civil suits and public accountability for crimes which took place during his dictatorship.[26]
A comprehensive privacy Bill was introduced in the House of Deputies in 1996.[27] The Bill covers both the public and private sectors. Information can only be collected if it is authorised by law or with the express consent of the person, who must be told of its purpose. Individuals have a right of access and can demand corrections or removal of information once a year. Information can only be used for the purposes for which the information was provided. Information collected for journalistic purposes is exempt. Violators can be imprisoned.
A 1995 law bars obtaining information by undisclosed taping, telephone intercepts, and other surreptitious means, and bars the dissemination of such information, except by judicial order in narcotics-related cases. In August 1996, the head of the Direccion de Inteligencia Policial (Dipolcar), the police intelligence service, was charged with authorising a surveillance operation against the defense ministry official responsible for Carabineros, the militarised national police force. His resignation in disgrace allowed a greater role for the civilian security police, Investigaciones, in anti-drug operations.[28] In 1992, a surveillance center with 24 hour scanning devices was uncovered in downtown Santiago. It was run by an active army intelligence unit (DINE, incorporating former members of the secret police, the CNI) and, among other incidents, was found to have tapped into presidential candidate Sebastian Pinera’s cellular phone[29] and taped the calls of President Patricio Aylwin.[30] The Army admitted to tapping telephones in order to comply with its mission, but reaffirmed that it ‘does not tap phones in an attempt to interfere with peoples’ privacy’.[31] The scandal provoked the retirement of General Ricardo Contreras, head of the Army Telecommunications Command.[32]
Chile signed the American Convention on Human Rights on 20 August 1990.
Article 16 of the 1917 Mexican Constitution provides in part:
One’s person, family, home, papers or possessions may not be molested, except by virtue of a written order by a proper authority, based on and motivated by legal proceedings. The administrative authority may make home visits only to certify compliance with sanitary and police rules; the presentation of books and papers indispensable to verify compliance with the fiscal laws may be required in compliance with the respective laws and the formalities proscribed for their inspection. Correspondence, under the protective circle of the mail, will be free from all inspection, and its violation will be punishable by law.[33]
Article 214 of the Penal Code protects the disclosure of personal information held by government agencies.[34] The General Population Act regulates the National Registry of Population and Personal Identification. The Registry’s purpose is to register all persons making up the country’s population using data enabling their identity to be certified or attested reliably. The aim of this is ultimately to issue the citizen’s identity card, which will be the official document of identification, fully endorsing the data contained in it concerning the holder.[35]
Chapter 6 of Mexico’s Postal Code, in effect since 1888, recognizes the inviolability of correspondence and guarantees the privacy of correspondence.[36] The 1939 General Communication Law provides penalties for interrupting communications and divulging secrets.[37] The Federal Penal Code establishes penalties for the crime of revealing personal secrets by any means, including personal mail.[38] In 1981 the Penal Code was amended to include the interception of telephone calls by a third person.[39] The Law Against Organized Crime, passed in November 1996, allows for electronic surveillance with a judicial order.[40] The law prohibits electronic surveillance in cases of electoral, civil, commercial, labor, or administrative matters and expands protection against unauthorised surveillance to cover all private means of communications, not merely telephone calls.[41] The Law has been widely criticised by Mexican human rights organisations as violating art 16 of the Constitution.[42] They noted that telephone espionage had historically been used by the ruling PRI party ‘to keep the opposition in check’.[43] In 1997, the telephones of the Jalisco State Supreme Court were found to have been wiretapped.[44] On 3 March 1998, a large cache of government electronic eavesdropping equipment which had been used since 1991 to spy on members of opposition political parties, human rights groups and journalists was discovered in Campeche.[45] Thousands of pages of transcripts of telephone conversations were uncovered, along with receipts for $1.2 million in Israeli surveillance equipment. More than a dozen other cases of government espionage in four other states were exposed, ranging from hidden microphones and cameras found in government offices in Mexico City to tapes of a state governor’s telephone calls. Every government agency identified with the electronic surveillance operations — the federal attorney-general and interior ministry, the military, the national security agency and a plethora of state institutions — denied knowing anything about them.[46]
The US-Mexican border has been an area of increased surveillance. Mexican authorities now routinely perform ‘security sweeps’ of homes in areas bordering the United States.[47] On the US side, biometric facial feature recognition systems have been implemented by the Immigration and Naturalization Service at the Otay Mesa border crossing (San Diego-Tijuana) for frequent US commuters to Mexican maquiladora factories. The biometric data is stored, with driver’s licence number, vehicle registration number and passport status, in an INS database. When a commuter in the program approaches the US border, a transponder under his vehicle sends a signal to the checkpoint booth, activating the database and displaying the driver’s image. Other commuters use a voice-activated device in addition to the facial scan.[48]
Mexico is a member of the OECD but does not appear to have adopted the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. Mexico has also signed the American Convention on Human Rights.
Section 14 of the South African Constitution of 1996 states that ‘everyone has the right to privacy, which includes the right not to have — (a) their person or home searched; (b) their property searched; (c) their possessions seized; or (d) the privacy of their communications infringed’. Section 32 states:
(1) Everyone has the right of access to -
(a) any information held by the state, and;(b) any information that is held by another person and that is required for the exercise or protection of any rights;
(2) National legislation must be enacted to give effect to this right, and may provide for reasonable measures to alleviate the administrative and financial burden on the state[49]
The Interim Constitution contained an essentially similar provision to s 14, in s 13.[50] It is clear that both sections are written in a way which directly responds to the experiences during the apartheid era of gross interferences with peoples’ right to privacy.
The South African Constitutional Court has delivered a number of judgments on the right to privacy relating to the possession of indecent or obscene photographs,[51] the scope of privacy in society,[52] and searches.[53] All the judgments were delivered under the provisions of the Interim Constitution as the causes of action arose prior to the enactment of the Final Constitution. However, as there is no substantive difference between the privacy provisions in the interim and final Constitutions, the principles remain authoritative for future application.
South Africa is currently in the process of adopting a comprehensive privacy and freedom of information law. The Open Democracy Bill was introduced in July 1998.[54] The Bill covers both public and private sector entities and allows for access, rights of correction and limitations on disclosure of information. The Bill would be enforced by the Human Rights Commission. This Bill is now with the Portfolio Committee on Justice, which has promised to hold public hearings on the final draft before sending the Bill to Parliament for tabling. The Bill was recently taken off the Parliamentary agenda for this session and is unlikely to reappear before the election in May next year.
South Africa does not have a privacy commission but has a Human Rights Commission which was established under Ch 9 of the Constitution and whose mandate is to investigate infringements on and to protect the fundamental rights guaranteed in the Bill of Rights, and to take steps to secure appropriate redress where human rights have been violated.
The Interception and Monitoring Act 1992 regulates the interception of communications.[55] This Act prohibits the interception of certain communications and the monitoring of certain conversations and also provides for the interception of postal articles and communications and for the monitoring of conversations in the case of a serious offence, or if the security of the country is threatened.
There are no other specific pieces of legislation on general data protection law. Other than the constitutional right to privacy, the South African common law protects rights of personality under the broad umbrella of the actio injuriarum. The elements of liability for an action based on invasion of privacy are the same as any other injury to the personality, namely an unlawful and intentional interference with another’s right to seclusion and to private life.
The Cabinet approved a plan in March 1998 to issue a multi-purpose smart card which combines access to all government departments and services with banking facilities. This is part of the information technology strategy formulated by the Department of Communications to provide kiosks for access to government services.[56] In the long term, the smart card is intended to function as passport, driver’s licence, identity document and bank card. The driver’s licence will include fingerprints.
David Banisar and Simon Davies, with contributors.
[1] Constitucion de la Nacion Argentina (1994) http://www. constitution.org/cons/argentin.htm.
[2] Law No 24.745 of December 23, 1996 http://www.privacyexchange.org/legal/ppl/nat/argpending.html.
[3] Decree No 1616/96, Comment by Supreme Court of Argentina Comparative Law Research and Library Secretary.
[4] Codigo Procesal Penal de la Nacion, Art 236.
[5] Reuters News Service — Central and South America, 29 January, 1990.
[6] La Nacion, Buenos Aires, 8 Sept 1996.
[7] ‘Cavallo lashes out against corruption’ Latin American Weekly Report, 31 October 1996.
[8] ‘Argentine candidate says own party men bugged him’ Reuters World Report, 2 June 1998.
[9] ‘Argentine security services accused over phone tap’ Reuters World Report, 2 June 1998.
[10] Codigo Civil, art 1071, incorporated by Law No 21.173.
[11] New York Times, 10 June 1996.
[12] Business Wire, 10 Sept 1996.
[13] The Constitution of Brazil 1988 http://www.uni-wuerzburg .de/law/br00t_.html.
[14] Federal Senate Bill No 61, 1996 (in English) http://www.privacyexchange.org/legal/ppl/nat/brazilpending.html.
[15] Law No 8078, 11 September 1990.
[16] Law No 7.232, 29 October 1984.
[17] LEI Nordm; 9.296, DE 24 DE JULHO DE 1996, http://bdtextual.senado.gov.br/folio.pgi/integral.nfo/query=240796/doc/{@1}/hit_headings/word=4/hits_only.
[18] ‘Brazil makes police phone taps legal’ Reuters World Service, 24 July 1996.
[19] ‘Brazil vice-president claims his phone was tapped’ Reuters North American Wire, 9 Sept 1992.
[20] ‘O Globo’, Rio de Janeiro, in Portuguese 4 Aug 1996, BBC Monitoring Service: Latin America, 7 August 1996.
[21] ‘President transfers control of new intelligence agency to military’ Agencia Estado news agency, Sao Paulo, BBC Summary of World Broadcasts, 11 April 1996.
[22] Reuters News Service, 2 October 1996.
[23] SEJUP (Servico Brasileiro de Justica e Paz), No 117, 17 February 1994.
[24] Constitution of Chile 1980 http://www.georgetown.edu/LatAmerPolitical/Constitutions/Chile/chile97.html.
[25] Chile: A Country Report 1994, US Library of Congress, http://lcweb2.loc .gov/cgi-bin/query/D?cstdy:26:./ temp/~frd_IHzm::.
[26] ‘Chile’s Ex-Dictator Tries to Dictate His Future Role’ The New York Times, 1 February 1998.
[27] Protection of Personal Data, House of Deputies, November 1996 http://www.privacyexchange.org/legal/ppl/nat/chilepending.html.
[28] ‘Rows grow over security services’ Southern Cone Report, 12 September 1996.
[29] Television Nacional de Chile, BBC Summary of World Broadcasts, 26 September 1992.
[30] ‘Army’s bugging centre uncovered’ Latin America Weekly Report, 8 October 1992.
[31] ‘Navy, Air Force Deny Allegations of Telephone Tapping’ BBC Summary of World Broadcasts, 28 Sept 1992.
[32] ‘Chile army to take action against servicemen involved in telephone-tapping case’ BBC Summary of World Broadcasts, 27 November 1992.
[33] Constitucion Politica de los Estados Unidos Mexicanos http://info.juridicas.unam.mx/cnsinfo/fed00.htm.
[34] Código Penal Federal.
[35] See United Nations Commission on Human Rights, ‘Question of the follow-up to the guidelines for the regulation of computerized personal data files: report of the Secretary-General prepared pursuant to Commission decision 1995/114’ at <http://www.hri.ca/fortherecord1997/documentation/commission/e-cn4-1997-67.htm> .
[36] El Código Postal de los Estados Unidos Mexicanos (1884).
[37] Ley de Vas Generales de Comunicación de 30 de diciembre de 1939, arts 571, 576, 578.
[38] Código Penal Federal, art 210.
[40] Ley Federal Contra la Delincuencia Organizada, 7 de noviembre de 1996 at http://info1.juridicas.unam.mx/legfed/247/1.htm.
[41] ‘Zedillo to sign sweeping organized crime package’ The Los Angeles Times, 30 October 1996.
[42] ‘Exigen siete ONG la renuncia del titular de Seguridad Publica’ La Jornada, 7 October 1997.
[43] ‘Con la reforma anticrimen, el espionaje entrara a la Constitución’, La Jornada, 28 April 1996.
[44] AP, 18 January 1997.
[45] ‘Spy Network Stuns Mexicans, Raid Opens Door to Exposure of Government Snooping’ The Washington Post, 13 April 1998.
[46] ‘Anger as Big Brother spy tactics exposed’ The Guardian (London), 14 April 1998.
[47] ‘En marcha, amplia operacion anticrimen en la frontera con EU’ La Jornada, 5 November 1996.
[48] ‘Human bar codes’ The San Diego Union-Tribune, 13 May 1998.
[49] The Constitution of the Republic of South Africa, Act 108 of 1996: <http://www.parliament.gov.za/legislation/1996/saconst.html> .
[50] The Interim Constitution (Act 200 of 1993).
[5] Case and Another v Minister of Safety and Security and Curtis and Another v Minister of Safety and Security [1996] ZACC 7; 1996 (3) SA 617 (CC).
[52] Bernstein and others v Von Weilligh Bester NO and others [1996] ZACC 2; 1996 (2) SA 751 (CC); 1996 (4) BCLR 449 (CC), delivered 27 March 1996.
[53] Mistry v The Interim National Medical and Dental Council of South Africa and others as yet unreported CCT 13/97, decided on 29 May 1998.
[54] Open Democracy Bill No 67, 1998 http://www.parliament.gov.za/bills/1998/b67-98.pdf.
[55] Interception and Monitoring Prohibition Act, No 77 of 1992 (amended by the Intelligence Services Act, No 38 of 1994).
[56] David Shapshak, SA services get ‘smart’, Mail & Guardian, 24 April, 1998.
AustLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.austlii.edu.au/au/journals/PrivLawPRpr/1999/28.html