Dear Secretary General Ángel Gurría and Members of the OECD:
We write to you, as leaders of civil society organizations and experts who have worked with the OECD, to express support for your important work in response to the pandemic and to urge you to continue to uphold the democratic values on which the OECD is based.
The OECD has worked to promote cooperation among member countries from the start. In the early years, the OECD carried forward the Marshall Plan and helped ensure coordination among European nations during a period of rebuilding. Over time, the reach of the OECD expanded to North America, and Asia, as trade increased and democratic countries confronted common economic and social challenges. And under your leadership the OECD has reached out to countries in Latin America and Africa, becoming a truly global organization.
Throughout its history, the OECD has also retained a steadfast commitment to democratic institutions, the rule of law, and fundamental rights. The 1960 Convention emphasized “economic strength and prosperity” and also “the preservation of individual liberty.” And this work can be seen in the influential OECD Privacy Guidelines of 1980 as well as the recent OECD AI Principles of 2019. In the OECD Cryptography Guidelines of 1997, the OECD helped encourage new techniques for privacy and security that made possible the rise of the information economy.
Promoting economic growth and safeguarding fundamental rights is the key to “shape #betterlives.”
Today the OECD and the member countries confront perhaps the biggest challenge in the organization’s 60 year history. Many nations are considering proposals to use digital technologies to track and monitor individuals, to enforce quarantines, and perhaps to impose legal penalties. Law enforcement agencies want access to cell phone records. Companies are gathering enormous amounts of personal data related to the pandemic that could be used for other purposes in the future. New transfer arrangements for personally identifiable information are being established with little oversight or accountability. Governments have already limited the scope of preexisting privacy law.
At the same time, we see innovative approaches that aim to respond to the pandemic and to safeguard privacy and personal liberty. This week several European countries announced that they are creating a “privacy-preserving proximity tracing” app that uses Bluetooth signals between mobile phones to track users who are close enough to infect each other. It is claimed that the software uses privacy-enhancing techniques such as encryption, data anonymization, and data minimization to provide effective tracing while maintaining high data protection standards. We note the efforts of Singapore to curb the spread of the disease by way of a similar app that is open source and exchanges short distance bluetooth signals, while records are stored locally on the phone, and it is claimed that logs will be shared with the Health Ministry only when requested. A major tech company has launched a Screening Tool that provides information about the coronavirus, social distancing, and guidance on testing. The company has stated that it will not collect personal data.
The claims made regarding the privacy-preserving nature of such applications require further inquiry to ensure that they work as stated and are not repurposed. On behalf of civil society organizations and experts around the world that work with the OECD we therefore urge you to:
-
Make clear the ongoing importance of the OECD policy frameworks that safeguard fundamental rights, from the OECD Privacy Guidelines of 1980 to the OECD AI Principles of 2019;
-
Continue to use the powerful analytical tools of the OECD to demonstrate that there are many use of data that do not require “trade-offs” or “balancing.” For example, the OECD’s evaluation of “the initial impact of COVID-19 containment measures on economic activities” provides direction to governments without raising privacy concerns. Effective evidence-based analysis can both provide critical insights to policy makers and safeguard privacy and liberty; and
-
Use your role as the leader of one of the most respected international organizations in the world to urge your colleagues at the G-7, the G-20, UNESCO, the ITU and elsewhere to uphold fundamental rights
It is not just leaders among the civil society groups that want to ensure governments respect fundamental rights. Those on the front line of the pandemic are also urging governments to safeguard privacy and data protection. Dr. Michael Ryan, a key advisor for the World Health Organization, said last week that there is a tremendous amount of innovation and enthusiasm for new products. But he also cautioned that “when collecting information on citizens or tracking their movements there are always serious data protection and human rights principles involved.” Dr. Ryan said, “we want to ensure that all products are done in the most sensitive way possible and that we never step beyond the principles of individual freedoms and rights.”
We must be certain that the actions taken now are necessary and proportionate to the challenges we face. They should be evidence-based and they should respect the traditions on which the OECD was founded.
Thank you for your consideration of our views.
Signatories:
Organisations
-
Access Now (United States)
-
Algorithmic Justice League (United States)
-
Asociación por los Derechos Civiles - ADC (Argentina)
-
Association for Progressive Communications (Global)
-
Australian Privacy Foundation (Australia)
-
CPDP Scientific Committee (Belgium)
-
Data Protection Commissioner of Schleswig-Holstein (Germany)
-
Derechos Digitales (Chile)
-
EPIC (United States)
-
European Center for Not-for-Profit Law (ECNL) (Netherlands)
-
Fundación Ciudadanía Inteligente (Chile)
-
Fundación Datos Protegidos (Chile)
-
Fundación Karisma (Colombia)
-
Hiperderecho (Peru)
-
Homo Digitalis (Greece)
-
Homo Digitalis (Greece)
-
Indigenous Friends Association (Canada)
-
Instituto Nupef (Brazil)
-
International Applied Ethics and Technology Association (United States)
-
IPANDETEC - Centroamérica (Panama)
-
Kenya ICT Action Network (KICTANet) (Kenya)
-
LI²FE Laboratorio de Investigación e Intervención Filosófica y Ética (Spain)
-
Privacy International (United Kingdom)
-
Privacy Salon (Belgium)
-
tedic (Paraguay)
-
Trade Union Advisory Committee to the OECD (TUAC) (France)
-
Usuarios Digitales (Ecuador)
Individuals
-
Dr. Jonathan Andrew (Switzerland)
-
Monica Arenas Ramiro (Spain)
-
Bruce Baer Arnold (Australia)
-
Txetxu Ausin (Spain)
-
Renata Avila (Guatemala)
-
Suso Baleato (Spain)
-
COLIN BENNETT (Canada)
-
Christine Borgman (United States)
-
Ian Brown (United Kingdom)
-
Ryan Budish (United States)
-
Paul De Hert (Belgium)
-
Agustina Del Campo (Argentina)
-
Claudia Diaz (Belgium)
-
Pedro Franco (Ecuador)
-
Urs Gasser (United States)
-
Caroline Giraud (France)
-
Grace Githaiga (Kenya)
-
Graham Greenleaf (Australia)
-
Marit Hansen (Germany)
-
Mireille Hildebrandt (Belgium)
-
Alan Horne (United Kingdom)
-
Deborah Hurley (United States)
-
Tamir Israel (Canada)
-
Jeff Jonas (United States)
-
Javier Juarez (Mexico)
-
Konstantinos Karachalios (United States)
-
Garry Kasparov (Croatia)
-
Lorraine Kisselburgh (United States)
-
Pablo Molina (United States)
-
Ricardo Morte Ferrer (Germany)
-
Heesob Nam (Korea, Republic of)
-
Peter Neumann (United States)
-
Michael J. Oghia (Serbia)
-
Bilyana Petkova (Qatar)
-
Liam Pomfret (Australia)
-
Charles Raab (United Kingdom)
-
Marc Rotenberg (United States)
-
Bruce Schneier (United States)
-
Nadine Strossen (United States)
-
Ivan Szekely (Hungary)