Impact of the Human Rights Act 1998 on Privacy Law

Privacy is a crucial issue in relation to the information society. In our contemporary society, filled with all sorts of innovations, new technologies have posed risks to privacy, but at the same time, they have as well facilitated new ways of protecting it (Lyon, 2002). With the acceptance of the significance of privacy, many countries have undertaken unequivocal legislation in sustaining privacy defense. It was the year 1998, when the Labour government passed the Human Rights Act (HRA), which incorporated the European Convention on Human Rights into the UK law. The Act received Royal Assent on 9th November 1998, but was only brought fully into force on the 2nd October 2000 and eventually developed into a privacy law. Before this act, information that was classified as private, would be sent to the European Court of Human Rights in Strasbourg without a judgment from a British court. This paper will explore the current aspect of the legal development of privacy due to the Human Rights Act 1998 and its impact to privacy law with a focus on privacy and freedom of expression rights.

Human rights principles are based on values
of freedom, respect, equality, fairness, and autonomy, which are recognised in
the Universal Declaration of Human Rights. The Human Rights Act encourages
public authorities to respect and protect these values. One of these
fundamental values is the right of an individual to respect of their privacy. There
is a general agreement that privacy is essential (Carey, 2010). It is an
inherent human right, and as Article 12 of the Universal Declaration of Human
Rights states: ‘No one shall be subjected to arbitrary interference with his
privacy, family, home or correspondence, nor to attacks upon his honour and
reputation. Everyone has the right to be protected by the law against such
interference or attacks’. Privacy was explained as ‘the right of the individual
to be protected against intrusion into his personal life or affairs, or those
of his family, by direct physical means or by publication of information’ by
the Calcutt Committee in their first report on privacy (Leeds.ac.uk, 2017) but,
as there is no absolute definition for the term, it can be generally
characterised as a state of affairs, a claim, and an outline of control or a
charge. There are several approaches related to privacy that are worth
exploring in a more extensive way, perhaps in another paper. What is essential
for this paper is to take a brief consideration of the various reasons why
privacy should be valued. This can provide a better understanding as to why the
HRA impacted the development of a privacy law in the UK and, essentially, why
privacy should be protected by law in the first place.

Firstly, privacy can be understood as
an important factor in society because a truly private space is necessary for
mental health (Nissenbaum, 1997). Therefore, a society that wishes to function
right requires the provision and protection of privacy for its members
(Introna, 1997).

Secondly, privacy is closely related
to power relationships and as surveillance nowadays is one of the main
challenges to privacy, it can be used to establish and strengthen power. However,
literature has defined privacy as the ‘right to be left alone’ (Warren and
Brandeis, 1890). The right to be left alone is an attractive definition which seems
to consider one’s imagination but does not provide a clear or moral
implementation (Phillipson
and Fenwick 2000). The right to privacy involves rules relating to the
collection and handling of personal data (such as medical records or credit
information), the right to to control one’s identity and the right to restrict
access to oneself (for example, control on communication and intrusion into
domestic and work space). Privacy also conflicts with subjects such as freedom
of speech; powers of surveillance; national security; personal morality and freedom
of information (Markesinis et al., 2004).

In creating more clarifications,
literature have coined various approaches on privacy. A crucial stream has
linked privacy with control of information or control over access to
information. In addition, there is the related approach on the information
self-determination.  Privacy has been
considered as a right of determining who will have access to person-related
information (Krisch
2008). Moreover, there is the relation of this
privacy approach with issues of property. In case person-related information is
considered as property; then privacy aspects may be reduced and be established
or refer to intellectual property law (McCrudden 2000).

There has been a significant
divergence on the level in which privacy consideration differs among employment
and personal state of affairs (Phillipson and Fenwick 2000).
In such situations, there is a common distinction since employers can invade
the employees’ privacy to make sure that the work is done. Thus, there may be the
need for sensitive information, such as pay salaries, bank details or location
data, to be shared so that employers can be sure that their employees will
undertake tasks that are assigned to them (Krisch 2008).
The law of ‘breach of confidence’ has been extensively used to protect such
trade secrets and commercially sensitive information. Employees owe a duty of
confidence to their employers, either under the terms of a written contract or
by an implied term of loyalty.

Technically speaking, the ECHR is an
international treaty which lists a set of rights which must be respected and
guaranteed by the different states within their jurisdictions (Kiestra, 2014).
The HRA’s main goal is to ‘give further effect’ in UK law to the fundamental rights
and freedoms listed in the ECHR. Consequently,
individuals who feel that their human rights have somehow been breached are now
able to go directly to UK courts, instead of complaining only to the Strasbourg
court, after having exhausted all other domestic remedies first (Hoffman and
Rowe, 2003). The rights contained in the HRA affect vital matters of life and
death (for example the right to be freed from torture or killing), but also
matters regarding someone’s daily life (e.g. privacy, freedom of expression
etc.) (Carey, 2010). Due to this wide range of fundamental rights covered, it
is not surprising, that the HRA is considered one of the most significant
pieces of legislation ever passed in the UK (Hoffman and Rowe, 2003). According
to The Equality and Human Rights Commission’s, ‘The case for the Human Rights Act – Part 1 of 3 Responses to the
Commission on a Bill of Rights – HRA Plus Not Minus, this key piece of
legislation has three goals: to bring rights home, by ensuring that all
individuals in the UK have protected their human rights in UK courts, without
the need to go to Strasbourg in first place; to introduce strong constitutional
mechanisms in order to ensure that all powers (i.e. Parliament, Executive and
Judiciary) respect human rights in their work with the aim of enhancing the
democratic process and to increase the awareness of human rights throughout society
(2010). As set out by Masterman (2005), with
the Human Rights Act, privacy law has developed far from the law of buoyancy
and will remain a chronological thing. However, the incursion of personal
privacy will be recognized as a different tort. It is worth noting that the
Article 8 protects both individuals (by the law of slander) as well as any sham
publication that hurts one’s status and (by the new tort) the factual
publication which has unjustified impositions of one’s privacy (McCrudden 2000).
However, after a revelation of one’s awful manner moves out of the specialty of
public and political being, it may no longer be probable to remain justified on
attack of solitude with an appeal to the saying “there is no confidence in
iniquity” (Phillipson
and Fenwick 2000).  Conversely, exposure of iniquity may relate to
public interests, but a case of a sense of disclosure on aberrant sexual conducts
(which may be combined with photographs) may not require fortification of
unrestricted attention shield (Phillipson and Fenwick 2000).

Those who state invasion of privacy
on their behalf generally rely on an action in ‘breach of the right to
confidence’. The essence of this can be summarised as misuse of private
information (Hart and Fazzani, 1997). It has been established in many of the UK
courts’ decisions, that publishing or obtaining information or unauthorised
photographs equals to a breach of confidence in situations where it is
considered that a relationship of confidence exists. In other words, it is a
breach of confidence if the information is damaging to the owner or the subject
of such information and used without their consent.

Article 8 of the ECHR protects an
individual’s right to respect for their private life. ‘Private life’ is a broad
term and covers aspects such as one’s right to determine their sexual
orientation, their lifestyle, and the way they dress and look. It also includes
their right to control who sees and touches their body (Review of the
Implementation of the Human Rights Act, 2006).

New technologies have raised various
issues on privacy protection. Governments in various countries have undertaken
the issue seriously since it has been a problem to the citizens. Hence, there
have been laws and regulations aimed at addressing issues of privacy (Ewing 1999).  According to Phillipson and Fenwick (2000), privacy
has been accepted as a main issue in relation to computer and information
ethics. However, behind the laws, there are philosophy issues related to
privacy and have not been easier to identify, but are good to be noted, if one
wishes to understand why and how privacy can be legally protected. Along with
the Human Rights Act of 1998, the European Directive 95/46/EC was implemented
as the Data Protection Act (DPA), aiming to produce universal European
standards for the storage, collection, and processing of one’s personal
information. That information refers to one’s personal data, which can be
anything that is used to identify an individual (Legislation.gov.uk,
2017). Although the Act itself does not mention
privacy, it is intended to bring British law into line with the 1995 EU Data
Protection Directive for the protection of individuals on issues regarding the
processing of personal data and on the free movement of that data. Therefore, it
provides a way for individuals to control and protect information about
themselves and, in extension, leads to an interpretation of the HRA as a strong
means to ensure privacy.  It is, though
quite direct about the need to consider employer interests in collecting data. On
one hand, employers are supposed to collect personal data from their employees
only for relevant business purposes, but on the other hand there is no explanation
of what would account for as a legitimate business interest (Johnson, 2001). Generally,
human rights act may be used directly by employees for public departments since
it imposes duties of public authorities to make sure that the convention is complied
with. Conversely, employees within the private sector receive support from
privacy concerns since it offers general duties in interpreting legislation. In
fact, the Article of Convection requires the country to ensure that Convection
right for everyone is secured (Phillipson 2003).

As set out under Article 8, everyone
has been guaranteed right of respect for one’s privacy, family life, one home
and their correspondence. Section 2 of the Article details the limits of the
rights (Equalityhumanrights.com, 2017). In general, history of interpreting the
Article 8 by European Court of Human Rights shows rights to privacy which are
well understood. This relates to the aspect of sexual individuality, individual
information and phone calls made from commerce locations (Warren et al, 2008).

One significant case that establishes
the girth of interpreting the HRA’S impact on privacy law was the Halford vs.
the UK (1997) case. This case was the first to raise the issue of employers’
right to privacy at work. Alison Halford was an Assistant Chief Constable and while
she was in her post in Merseyside, senior police officers intercepted her
telephone calls. She then proceeded to apply under the European Convention claiming
a breach of her right to privacy as protected under Article 8. Nine judges of
the European Court of Human Rights decided unanimously that there had indeed
been a violation of Article 8 of the European Convention (Case of Halford v.
The United Kingdom, 1997). The European Court of Human Rights has also examined
the role of privacy and sexual identity. In Dudgeon v UK (1983) the European
Court of Human Rights decided that the forbiddance in Northern Ireland of
homosexual acts between consenting males was a breach of Article 8, in response
to which the law was changed. In that case, it was held that interception of
phone calls resulted in breaching of privacy. This was even though the claimant
was the police and the call was made from “business premises”. Also,
this was the case that was upheld in Valenzuela Contreras vs. Spain (1999)
where it was held that aspect of monitoring telephone conversation was a breach
of the right to respect for private life (Ewing 1999). Possibly,
the most significant impact that Human Right Act has had towards privacy in
employment relates to influence on jurisprudence (Phillipson and Fenwick 2000).
Under Section 3, Human Resource Act requires the court to make interpretation
of legislation in a way that is in line with Human Right Act. This relates to
distinct interpretation on the aspect of reasonableness that is expected to be
applied in employment tribunals (Phillipson 2003).

However, there has also been certain
tension found under Convection Article 8 on the right to privacy and Article 10
rights which offer freedom of expression (Amos, 2009). Article
8 of the Human Rights Act is one of the most open-ended of the Convention
rights, and covers a growing number of issues with negative and positive responsibilities.
The state is under a negative responsibility not to interfere with privacy
rights, but additionally, Strasbourg case law has also extended Article 8 to inflict
a positive duty to prevent private parties from interfering with these rights:
(1) X (2) Y v the Netherlands (1985) 8 EHRR 235. The four main protected
interests under Article 8 are private life, home, family, and correspondence,
which all together broadly translate to personal privacy (Equalityhumanrights.com,
2017). It is therefore clear that
this right is protected against actions by public bodies but it does not
categorically state that it enjoys horizontal application. Article
10 provides everyone with the right to freedom of expression (including the
freedom to hold opinions and to exchange information and ideas without State
interference) (Equalityhumanrights.com,
2017).  Additionally, through this
article, one’s right to communicate and to express oneself in any medium and/or
text is protected. Obviously there needs to be a healthy collaboration of these
two articles, since it is very possible that someone’s free expression could
damage or breach someone else’s private life. But, in such cases, who can win
the argument, the one whose private life is breached or the other who simply
expresses their opinion? In this way, privacy and free expression become two
sides of the same coin, each of them being an essential condition to the
enjoyment of the other. To freely form and convey ones political, religious, or
ethnical beliefs one needs a private space free from interference. Equally,
violations on the right to privacy – physical or online surveillance,
monitoring of communications or activities– prevent an individual from
exercising their freedom expression. In
the modern world, almost every act online is an act of expression yet each of
these acts can also generate transactional information, and can easily be
monitored by unintended parties. The article provides for limitations to the
right of freedom of speech. It specifically refers to those restrictions that
are necessary in a democratic society (Williams, Beatson and Cripps, 2002). In
the case of super-jurisdiction, the court provides an order that requires that,
when the injunction is set in place, its existence may not be published nor
disclosed. Article 8 notes that, “everyone has the right to respect for one
private and family life, his home and his correspondence” (McCrudden 2000). It
goes further to state that, there are no interferences by the public
authorities in exercise of right expected in accordance with law and the
required independent civilisation for interest of nationwide safety,
cost-effective well-being, and public safety of the nation to prevent disorder
and crime to protect morals or health and protect rights and freedom for others
(Woogara 2001).

This paper has attempted to discuss
the development of the Human Rights Act 1998 and its relation to UK’s laws on
privacy, with a specific focus on its articles 8 and 10, regarding freedom of
private life and expression. Whether the Human Rights Act has been identified
as a critical driver for change, or just part of this wider framework, is not a
black-and-white issue and is in most cases a matter of perspective (Arnold,
2013). Sometimes, on close inspection, the role of the Human Rights Act is
found to be minimal or non-existent and other times the Act directly
contributes to greater personalisation and better public services. Generally, in
exercise of freedoms, it is related to duties and responsibilities subjected to
issues such as conditions, formalities, penalties, or restrictions as noted by
law and relevant for the democratic community. This must be an interest of
national safety, territory integrity, and public safety. Prevention of disorder
and crime to protect health and morals and protection of reputation and rights,
as well as prevention of disclosure of information sourced due to confidence
and maintenance of authority are some of the Act’s purposed. The arguments for
and against it could be further explored in another paper, in order to examine
how the limitations of the Act could be eliminated.

Bibliography:

• Amos, M. (2009). Problems with the Human Rights Act 1998 and How to Remedy Them: Is a Bill of Rights the Answer? Modern Law Review, 72(6), pp.883-908.
• Arendt, H. (1958). The human condition. 2nd edition Chicago: The University of Chicago Press.
• Arnold, R. (2013). Reflections on the Universality of Human Rights. The Universalism of Human Rights, pp.1-12.
• Carey, P., Armstrong, N., Lamont, D. and Quartermaine, J. (2010). Media law. 1st ed. London: Thomson Reuters (Legal).
• Case of Halford v. The United Kingdom. (1997). The International Journal of Human Rights, 1(3), pp.59-61.
• Equalityhumanrights.com. (2017). The Human Rights Act | Equality and Human Rights Commission. [online] Available at: https://www.equalityhumanrights.com/en/human-rights/human-rights-act [Accessed 15 Apr. 2017].
• Equality and Human Rights Commission, ‘The case for the Human Rights Act – Part 1 of 3 Responses to the Commission on a Bill of Rights – HRA Plus Not Minus’ (2010) Equality Rights and Human Rights Commission 4
• Ewing, K.D., 1999. The human rights act and parliamentary democracy. The Modern Law Review, 62(1), pp.79-99.
• Hart, T. and Fazzani, L. (1997). Breach of Confidence. Intellectual Property Law, pp.50-63.
• Hoffman, D. and Rowe, J. (2003). Human rights in the UK. 1st ed. Harlow, England: Pearson/Longman.
• Introna, L. (1997). Privacy and the Computer: Why We Need Privacy in the Information Society.
• Metaphilosophy, 28(3), pp.259-275.
• Johnson, J. (2001). The Potential Impact of the Human Rights Act 1998 on Employment Law. Business Law Review, 22(7), pp.164-168.
• Kiestra, L. (2014). The Impact of the European Convention on Human Rights on Private International Law.
• Krisch, N., 2008. The open architecture of European human rights law. The Modern Law Review, 71(2), pp.183-216.
• Legislation.gov.uk. (2017). Data Protection Act 1998. [online] Available at: http://www.legislation.gov.uk/ukpga/1998/29/section/1 [Accessed 15 Apr. 2017].
• Lyon, D. (2002). Surveillance as Social Sorting. 1st ed. Hoboken: Taylor & Francis Ltd.
• Markesinis, B., O’Cinneide, C., Fedtke, J., Hunter-Henin, M. and Fedtke, J. (2004). Concerns and Ideas about the Developing English Law of Privacy (And How Knowledge of Foreign Law Might Be of Help). The American Journal of Comparative Law, 52(1), p.133.
• Masterman, R., 2005. Taking the Strasbourg jurisprudence into account: Developing a ‘municipal law of human rights’ under the Human Rights Act. International and comparative law quarterly, 54(04), pp.907-931.
• McCrudden, C., 2000. A Common Law of Human Rights? Transnational Judicial Conversations on Constitutional Rights. Oxford journal of legal studies, pp.499-532.
• Nissenbaum, H. (1997). Toward an Approach to Privacy in Public: Challenges of Information Technology. Ethics & Behavior, 7(3), pp.207-219.
• Pearson, S., 2009, May. Taking account of privacy when designing cloud computing services. In Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing (pp. 44-52). IEEE Computer Society.
• Phillipson, G. and Fenwick, H., 2000. Breach of Confidence as a Privacy Remedy in the Human Rights Act Era. The Modern Law Review, 63(5), pp.660-693.
• Review of the Implementation of the Human Rights Act. (2006). 1st ed. [eBook] Department of Constitutional Affairs. Available at: http://webarchive.nationalarchives.gov.uk/+/http:/www.dca.gov.uk/peoples-rights/human-rights/pdf/full_review.pdf [Accessed 14 Apr. 2017].
• Warren, A., Bayley, R., Bennett, C., Charlesworth, A., Clarke, R. and Oppenheim, C., 2008. Privacy Impact Assessments: International experience as a basis for UK Guidance. Computer Law & Security Review, 24(3), pp.233-242.
• Warren, S. and Brandeis, L. (1890). The right to privacy. Harvard Law Review, pp.193-220.
• Williams, D., Beatson, J. and Cripps, Y. (2002). Freedom of expression and freedom of information. 1st ed. Oxford: Oxford University Press.
• Woogara, J., 2001. Human rights and patients’ privacy in UK hospitals. Nursing Ethics, 8(3), pp.234-246.