Impact of the Human Rights Act 1998 on Privacy Law

Privacy is a crucial issue in relation to the information society. In our contemporary society, filled with all sorts of innovations, new technologies have posed risks to privacy, but at the same time, they have as well facilitated new ways of protecting it (Lyon, 2002). With the acceptance of the significance of privacy, many countries have undertaken unequivocal legislation in sustaining privacy defense. It was the year 1998, when the Labour government passed the Human Rights Act (HRA), which incorporated the European Convention on Human Rights into the UK law. The Act received Royal Assent on 9th November 1998, but was only brought fully into force on the 2nd October 2000 and eventually developed into a privacy law. Before this act, information that was classified as private, would be sent to the European Court of Human Rights in Strasbourg without a judgment from a British court. This paper will explore the current aspect of the legal development of privacy due to the Human Rights Act 1998 and its impact to privacy law with a focus on privacy and freedom of expression rights.

Human rights principles are based on values of freedom, respect, equality, fairness, and autonomy, which are recognised in the Universal Declaration of Human Rights. The Human Rights Act encourages public authorities to respect and protect these values. One of these fundamental values is the right of an individual to respect of their privacy. There is a general agreement that privacy is essential (Carey, 2010). It is an inherent human right, and as Article 12 of the Universal Declaration of Human Rights states: ‘No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to be protected by the law against such interference or attacks’. Privacy was explained as ‘the right of the individual to be protected against intrusion into his personal life or affairs, or those of his family, by direct physical means or by publication of information’ by the Calcutt Committee in their first report on privacy (Leeds.ac.uk, 2017) but, as there is no absolute definition for the term, it can be generally characterised as a state of affairs, a claim, and an outline of control or a charge. There are several approaches related to privacy that are worth exploring in a more extensive way, perhaps in another paper. What is essential for this paper is to take a brief consideration of the various reasons why privacy should be valued. This can provide a better understanding as to why the HRA impacted the development of a privacy law in the UK and, essentially, why privacy should be protected by law in the first place.

Firstly, privacy can be understood as an important factor in society because a truly private space is necessary for mental health (Nissenbaum, 1997). Therefore, a society that wishes to function right requires the provision and protection of privacy for its members (Introna, 1997).

Secondly, privacy is closely related to power relationships and as surveillance nowadays is one of the main challenges to privacy, it can be used to establish and strengthen power. However, literature has defined privacy as the ‘right to be left alone’ (Warren and Brandeis, 1890). The right to be left alone is an attractive definition which seems to consider one’s imagination but does not provide a clear or moral implementation (Phillipson and Fenwick 2000). The right to privacy involves rules relating to the collection and handling of personal data (such as medical records or credit information), the right to to control one’s identity and the right to restrict access to oneself (for example, control on communication and intrusion into domestic and work space). Privacy also conflicts with subjects such as freedom of speech; powers of surveillance; national security; personal morality and freedom of information (Markesinis et al., 2004).

In creating more clarifications, literature have coined various approaches on privacy. A crucial stream has linked privacy with control of information or control over access to information. In addition, there is the related approach on the information self-determination.  Privacy has been considered as a right of determining who will have access to person-related information (Krisch 2008). Moreover, there is the relation of this privacy approach with issues of property. In case person-related information is considered as property; then privacy aspects may be reduced and be established or refer to intellectual property law (McCrudden 2000).

There has been a significant divergence on the level in which privacy consideration differs among employment and personal state of affairs (Phillipson and Fenwick 2000). In such situations, there is a common distinction since employers can invade the employees’ privacy to make sure that the work is done. Thus, there may be the need for sensitive information, such as pay salaries, bank details or location data, to be shared so that employers can be sure that their employees will undertake tasks that are assigned to them (Krisch 2008). The law of ‘breach of confidence’ has been extensively used to protect such trade secrets and commercially sensitive information. Employees owe a duty of confidence to their employers, either under the terms of a written contract or by an implied term of loyalty.

Technically speaking, the ECHR is an international treaty which lists a set of rights which must be respected and guaranteed by the different states within their jurisdictions (Kiestra, 2014). The HRA’s main goal is to ‘give further effect’ in UK law to the fundamental rights and freedoms listed in the ECHR. Consequently, individuals who feel that their human rights have somehow been breached are now able to go directly to UK courts, instead of complaining only to the Strasbourg court, after having exhausted all other domestic remedies first (Hoffman and Rowe, 2003). The rights contained in the HRA affect vital matters of life and death (for example the right to be freed from torture or killing), but also matters regarding someone’s daily life (e.g. privacy, freedom of expression etc.) (Carey, 2010). Due to this wide range of fundamental rights covered, it is not surprising, that the HRA is considered one of the most significant pieces of legislation ever passed in the UK (Hoffman and Rowe, 2003). According to The Equality and Human Rights Commission’s, ‘The case for the Human Rights Act – Part 1 of 3 Responses to the Commission on a Bill of Rights – HRA Plus Not Minus, this key piece of legislation has three goals: to bring rights home, by ensuring that all individuals in the UK have protected their human rights in UK courts, without the need to go to Strasbourg in first place; to introduce strong constitutional mechanisms in order to ensure that all powers (i.e. Parliament, Executive and Judiciary) respect human rights in their work with the aim of enhancing the democratic process and to increase the awareness of human rights throughout society (2010). As set out by Masterman (2005), with the Human Rights Act, privacy law has developed far from the law of buoyancy and will remain a chronological thing. However, the incursion of personal privacy will be recognized as a different tort. It is worth noting that the Article 8 protects both individuals (by the law of slander) as well as any sham publication that hurts one’s status and (by the new tort) the factual publication which has unjustified impositions of one’s privacy (McCrudden 2000). However, after a revelation of one’s awful manner moves out of the specialty of public and political being, it may no longer be probable to remain justified on attack of solitude with an appeal to the saying “there is no confidence in iniquity” (Phillipson and Fenwick 2000).  Conversely, exposure of iniquity may relate to public interests, but a case of a sense of disclosure on aberrant sexual conducts (which may be combined with photographs) may not require fortification of unrestricted attention shield (Phillipson and Fenwick 2000).

Those who state invasion of privacy on their behalf generally rely on an action in ‘breach of the right to confidence’. The essence of this can be summarised as misuse of private information (Hart and Fazzani, 1997). It has been established in many of the UK courts’ decisions, that publishing or obtaining information or unauthorised photographs equals to a breach of confidence in situations where it is considered that a relationship of confidence exists. In other words, it is a breach of confidence if the information is damaging to the owner or the subject of such information and used without their consent.

Article 8 of the ECHR protects an individual’s right to respect for their private life. ‘Private life’ is a broad term and covers aspects such as one’s right to determine their sexual orientation, their lifestyle, and the way they dress and look. It also includes their right to control who sees and touches their body (Review of the Implementation of the Human Rights Act, 2006).

New technologies have raised various issues on privacy protection. Governments in various countries have undertaken the issue seriously since it has been a problem to the citizens. Hence, there have been laws and regulations aimed at addressing issues of privacy (Ewing 1999).  According to Phillipson and Fenwick (2000), privacy has been accepted as a main issue in relation to computer and information ethics. However, behind the laws, there are philosophy issues related to privacy and have not been easier to identify, but are good to be noted, if one wishes to understand why and how privacy can be legally protected. Along with the Human Rights Act of 1998, the European Directive 95/46/EC was implemented as the Data Protection Act (DPA), aiming to produce universal European standards for the storage, collection, and processing of one’s personal information. That information refers to one’s personal data, which can be anything that is used to identify an individual (Legislation.gov.uk, 2017). Although the Act itself does not mention privacy, it is intended to bring British law into line with the 1995 EU Data Protection Directive for the protection of individuals on issues regarding the processing of personal data and on the free movement of that data. Therefore, it provides a way for individuals to control and protect information about themselves and, in extension, leads to an interpretation of the HRA as a strong means to ensure privacy.  It is, though quite direct about the need to consider employer interests in collecting data. On one hand, employers are supposed to collect personal data from their employees only for relevant business purposes, but on the other hand there is no explanation of what would account for as a legitimate business interest (Johnson, 2001). Generally, human rights act may be used directly by employees for public departments since it imposes duties of public authorities to make sure that the convention is complied with. Conversely, employees within the private sector receive support from privacy concerns since it offers general duties in interpreting legislation. In fact, the Article of Convection requires the country to ensure that Convection right for everyone is secured (Phillipson 2003).

As set out under Article 8, everyone has been guaranteed right of respect for one’s privacy, family life, one home and their correspondence. Section 2 of the Article details the limits of the rights (Equalityhumanrights.com, 2017). In general, history of interpreting the Article 8 by European Court of Human Rights shows rights to privacy which are well understood. This relates to the aspect of sexual individuality, individual information and phone calls made from commerce locations (Warren et al, 2008).

One significant case that establishes the girth of interpreting the HRA’S impact on privacy law was the Halford vs. the UK (1997) case. This case was the first to raise the issue of employers’ right to privacy at work. Alison Halford was an Assistant Chief Constable and while she was in her post in Merseyside, senior police officers intercepted her telephone calls. She then proceeded to apply under the European Convention claiming a breach of her right to privacy as protected under Article 8. Nine judges of the European Court of Human Rights decided unanimously that there had indeed been a violation of Article 8 of the European Convention (Case of Halford v. The United Kingdom, 1997). The European Court of Human Rights has also examined the role of privacy and sexual identity. In Dudgeon v UK (1983) the European Court of Human Rights decided that the forbiddance in Northern Ireland of homosexual acts between consenting males was a breach of Article 8, in response to which the law was changed. In that case, it was held that interception of phone calls resulted in breaching of privacy. This was even though the claimant was the police and the call was made from “business premises”. Also, this was the case that was upheld in Valenzuela Contreras vs. Spain (1999) where it was held that aspect of monitoring telephone conversation was a breach of the right to respect for private life (Ewing 1999). Possibly, the most significant impact that Human Right Act has had towards privacy in employment relates to influence on jurisprudence (Phillipson and Fenwick 2000). Under Section 3, Human Resource Act requires the court to make interpretation of legislation in a way that is in line with Human Right Act. This relates to distinct interpretation on the aspect of reasonableness that is expected to be applied in employment tribunals (Phillipson 2003).

However, there has also been certain tension found under Convection Article 8 on the right to privacy and Article 10 rights which offer freedom of expression (Amos, 2009). Article 8 of the Human Rights Act is one of the most open-ended of the Convention rights, and covers a growing number of issues with negative and positive responsibilities. The state is under a negative responsibility not to interfere with privacy rights, but additionally, Strasbourg case law has also extended Article 8 to inflict a positive duty to prevent private parties from interfering with these rights: (1) X (2) Y v the Netherlands (1985) 8 EHRR 235. The four main protected interests under Article 8 are private life, home, family, and correspondence, which all together broadly translate to personal privacy (Equalityhumanrights.com, 2017). It is therefore clear that this right is protected against actions by public bodies but it does not categorically state that it enjoys horizontal application. Article 10 provides everyone with the right to freedom of expression (including the freedom to hold opinions and to exchange information and ideas without State interference) (Equalityhumanrights.com, 2017).  Additionally, through this article, one’s right to communicate and to express oneself in any medium and/or text is protected. Obviously there needs to be a healthy collaboration of these two articles, since it is very possible that someone’s free expression could damage or breach someone else’s private life. But, in such cases, who can win the argument, the one whose private life is breached or the other who simply expresses their opinion? In this way, privacy and free expression become two sides of the same coin, each of them being an essential condition to the enjoyment of the other. To freely form and convey ones political, religious, or ethnical beliefs one needs a private space free from interference. Equally, violations on the right to privacy – physical or online surveillance, monitoring of communications or activities– prevent an individual from exercising their freedom expression. In the modern world, almost every act online is an act of expression yet each of these acts can also generate transactional information, and can easily be monitored by unintended parties. The article provides for limitations to the right of freedom of speech. It specifically refers to those restrictions that are necessary in a democratic society (Williams, Beatson and Cripps, 2002). In the case of super-jurisdiction, the court provides an order that requires that, when the injunction is set in place, its existence may not be published nor disclosed. Article 8 notes that, “everyone has the right to respect for one private and family life, his home and his correspondence” (McCrudden 2000). It goes further to state that, there are no interferences by the public authorities in exercise of right expected in accordance with law and the required independent civilisation for interest of nationwide safety, cost-effective well-being, and public safety of the nation to prevent disorder and crime to protect morals or health and protect rights and freedom for others (Woogara 2001).

This paper has attempted to discuss the development of the Human Rights Act 1998 and its relation to UK’s laws on privacy, with a specific focus on its articles 8 and 10, regarding freedom of private life and expression. Whether the Human Rights Act has been identified as a critical driver for change, or just part of this wider framework, is not a black-and-white issue and is in most cases a matter of perspective (Arnold, 2013). Sometimes, on close inspection, the role of the Human Rights Act is found to be minimal or non-existent and other times the Act directly contributes to greater personalisation and better public services. Generally, in exercise of freedoms, it is related to duties and responsibilities subjected to issues such as conditions, formalities, penalties, or restrictions as noted by law and relevant for the democratic community. This must be an interest of national safety, territory integrity, and public safety. Prevention of disorder and crime to protect health and morals and protection of reputation and rights, as well as prevention of disclosure of information sourced due to confidence and maintenance of authority are some of the Act’s purposed. The arguments for and against it could be further explored in another paper, in order to examine how the limitations of the Act could be eliminated.

Bibliography:

• Amos, M. (2009). Problems with the Human Rights Act 1998 and How to Remedy Them: Is a Bill of Rights the Answer? Modern Law Review, 72(6), pp.883-908.
• Arendt, H. (1958). The human condition. 2nd edition Chicago: The University of Chicago Press.
• Arnold, R. (2013). Reflections on the Universality of Human Rights. The Universalism of Human Rights, pp.1-12.
• Carey, P., Armstrong, N., Lamont, D. and Quartermaine, J. (2010). Media law. 1st ed. London: Thomson Reuters (Legal).
• Case of Halford v. The United Kingdom. (1997). The International Journal of Human Rights, 1(3), pp.59-61.
• Equalityhumanrights.com. (2017). The Human Rights Act | Equality and Human Rights Commission. [online] Available at: https://www.equalityhumanrights.com/en/human-rights/human-rights-act [Accessed 15 Apr. 2017].
• Equality and Human Rights Commission, ‘The case for the Human Rights Act – Part 1 of 3 Responses to the Commission on a Bill of Rights – HRA Plus Not Minus’ (2010) Equality Rights and Human Rights Commission 4
• Ewing, K.D., 1999. The human rights act and parliamentary democracy. The Modern Law Review, 62(1), pp.79-99.
• Hart, T. and Fazzani, L. (1997). Breach of Confidence. Intellectual Property Law, pp.50-63.
• Hoffman, D. and Rowe, J. (2003). Human rights in the UK. 1st ed. Harlow, England: Pearson/Longman.
• Introna, L. (1997). Privacy and the Computer: Why We Need Privacy in the Information Society.
• Metaphilosophy, 28(3), pp.259-275.
• Johnson, J. (2001). The Potential Impact of the Human Rights Act 1998 on Employment Law. Business Law Review, 22(7), pp.164-168.
• Kiestra, L. (2014). The Impact of the European Convention on Human Rights on Private International Law.
• Krisch, N., 2008. The open architecture of European human rights law. The Modern Law Review, 71(2), pp.183-216.
• Legislation.gov.uk. (2017). Data Protection Act 1998. [online] Available at: http://www.legislation.gov.uk/ukpga/1998/29/section/1 [Accessed 15 Apr. 2017].
• Lyon, D. (2002). Surveillance as Social Sorting. 1st ed. Hoboken: Taylor & Francis Ltd.
• Markesinis, B., O’Cinneide, C., Fedtke, J., Hunter-Henin, M. and Fedtke, J. (2004). Concerns and Ideas about the Developing English Law of Privacy (And How Knowledge of Foreign Law Might Be of Help). The American Journal of Comparative Law, 52(1), p.133.
• Masterman, R., 2005. Taking the Strasbourg jurisprudence into account: Developing a ‘municipal law of human rights’ under the Human Rights Act. International and comparative law quarterly, 54(04), pp.907-931.
• McCrudden, C., 2000. A Common Law of Human Rights? Transnational Judicial Conversations on Constitutional Rights. Oxford journal of legal studies, pp.499-532.
• Nissenbaum, H. (1997). Toward an Approach to Privacy in Public: Challenges of Information Technology. Ethics & Behavior, 7(3), pp.207-219.
• Pearson, S., 2009, May. Taking account of privacy when designing cloud computing services. In Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing (pp. 44-52). IEEE Computer Society.
• Phillipson, G. and Fenwick, H., 2000. Breach of Confidence as a Privacy Remedy in the Human Rights Act Era. The Modern Law Review, 63(5), pp.660-693.
• Review of the Implementation of the Human Rights Act. (2006). 1st ed. [eBook] Department of Constitutional Affairs. Available at: http://webarchive.nationalarchives.gov.uk/+/http:/www.dca.gov.uk/peoples-rights/human-rights/pdf/full_review.pdf [Accessed 14 Apr. 2017].
• Warren, A., Bayley, R., Bennett, C., Charlesworth, A., Clarke, R. and Oppenheim, C., 2008. Privacy Impact Assessments: International experience as a basis for UK Guidance. Computer Law & Security Review, 24(3), pp.233-242.
• Warren, S. and Brandeis, L. (1890). The right to privacy. Harvard Law Review, pp.193-220.
• Williams, D., Beatson, J. and Cripps, Y. (2002). Freedom of expression and freedom of information. 1st ed. Oxford: Oxford University Press.
• Woogara, J., 2001. Human rights and patients’ privacy in UK hospitals. Nursing Ethics, 8(3), pp.234-246.