Privacy advocates from the United States, Canada and Europe have gathered in Washington, DC for the conference on Computers, Freedom and Privacy (CFP). In light of recent revelations about the collection of personal data from Internet companies by the US government and other dragnet surveillance techniques that impact the rights of Internet users, the North American and European privacy advocates issued the following consensus statement.

Privacy is a basic human right set out in Articles 17 and 19 of the International Covenant on Civil and Political Rights (ICCPR) and Article 12 of the Universal Declaration of Human Rights (UDHR).

We, the undersigned civil society groups from North America and Europe, are outraged because:

• Under PRISM and related surveillance programs, the US government is collecting personal data that individuals have given to companies such as Google or Facebook. These data were given freely or inadvertently, trusting that they would only be used for stated commercial purposes and not secretly shared with governments in order to monitor innocent people worldwide;

• At the same time, the US companies and the US administration are lobbying in Europe against European data protection law at a time when the world needs strong privacy protections most;

• EU citizens currently have significant privacy rights that US citizens do not have – thereby creating a level of trust in the public and private sectors in the European Union that is not available to US citizens.

Currently, the European Union is reforming its general data protection framework for the private sector.

We therefore call on EU policy makers:

• to oppose corporate lobbying and to prevent the erosion of privacy protections in the European Union;

• to set a high standard and ensure that EU data protection law sets a global standard for privacy;

• to ensure specific rights of individuals are being preserved, such as explicit consent to personal data processing, the right to access, rectification and certain rights to erasure that are in the existing European legal framework;

• to ensure basic principles that would help protect citizens against untargeted and disproportionate surveillance measures, such as data minimization, purpose limitation, limited storage periods and notification procedures;

• to ensure that personal data processed in the EU is not transferred to third country authorities without a determination that there are adequate privacy safeguards.

Our common future, on both sides of the Atlantic, needs privacy and a strong European law. We call on European policy makers to defend this human right now, as an essential prerequisite for preserving privacy, freedom of thought and of expression in vibrant democracies.

Promoters:

Access American Civil Liberties Union (ACLU) Bits of Freedom (BoF) British Columbia Civil Liberties Association (BCCLA) CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering) Consumer Federation of America (CFA) Center for Digital Democracy (CDD) Defending Dissent Foundation Electronic Privacy Information Center (EPIC) European Digital Rights (EDRi) Friends of Privacy USA Privacy International Privacy Rights Clearinghouse