(Dieser Artikel ist auch in deutscher Sprache verfügbar)

More than 600 persons from 50 countries gathered in Montreal to participate to the 29th International Conference of Data Protection and Privacy Commissioners, on 25-28 September 2007, making this year venue attended by a record number of interested parties. The theme of the conference, 'Privacy Horizons: Terra Incognita', certainly played a role in this attraction. The audience has not been disappointed by presentations and panels indeed exploring currently challenging issues in the field of privacy and data protection, such as nanotechnology, ubiquitous computing, the body as data..., not to mention already well known, but continuously concerning issues like globalization, public safety and the interpenetration between law an technology.

The host of the Conference, Canadian Federal Privacy Commissioner Jennifer Stoddart and her team invited US Department of Homeland Security Secretary Michael Chertoff as keynote speaker of the opening ceremony. The Big Neighbour representative's speech was not disappointing either, or rather not surprising, as even those who haven't listened may infer from his own blog report.

Far more worth attending were most of the other sessions and panels. In particular, I went back home with confirmation and further food for thought on three main ideas. First, the well renowned security expert Bruce Schneier (BT Counterpane, USA) insisted on the fact that the world has changed without us having changed accordingly the framing of the debate, and that the dichotomy is not anymore between privacy and security but rather between freedom and control. Second, Law professor Joel Reidenberg (Fordham University School of Law, USA) advocated the need for a 'design liability' when privacy and data protection principles breaches are implemented by design in a given architecture. Although Reidenberg generally advocates too much in favour of so-called "co-regulation" and "codes of conducts" for my taste, this 'design liability' concept should certainly be developed and implemented, as a mean to work towards more privacy-friendly services, tools and standards. Third, Canada Research Chair in Ethics, Law & Technology holder Ian Kerr (University of Ottawa, Canada) gave a very interesting panorama of the privacy issues with ubiquitous computing, highlighting how the current hierarchy between the personal (body data), the territorial (property and good data) and the informational (basic biographical data) spheres, as considered e.g. by the Canadian Supreme Court, may be questioned in the near future with new services and technologies making these spheres merge.

"Here be dragons", then. The whole idea of the Terra Incognita/Dragon for this conference came, as we learnt through Jennifer Stoddart acknowledgements from Stephanie Perrin (Director of Integrity Policy, Integrity and Risk Management, Service Canada), who chaired this year edition of the Computers, Freedom and Privacy Conference, also held in Montreal in May 2007.

It is then no surprise that Stephanie shared with the audience of the Civil Society Privacy Workshop, held the day before and in liaison with the DPA Conference, her impression of 'deja vu'! As a matter of fact, this civil society event, under the global theme of 'Privacy Rights in a World Under Surveillance' was the confirmation of Bruce Schneier's intuition that the whole debate should be reframed according to new world paradigm. If civil society groups do not seriously work on this, they risk to go on meeting each year simply to acknowledge that the situation is worse than the previous year! Trying to open up civil society discussions on privacy to new actors, from both other regions and cultures than simply north-western, anglo- saxon countries and other backgrounds than privacy stricto sensu, would certainly help.

This would at least help understand issues as framed during another event I attended in Montreal this same week, which was the inaugural conference of Data Protection Commissioners from La Francophonie, where I was invited by the 'Commission d'accès à l'information du Québec (Quebec DPA, probably the only DPA authority also acting as the access to information authority) to give a talk on 'Protecting Personal Data in a Virtual World: French and European Perspectives'. La Francophonie is a political space comprising 53 member 13 observer States and governments from the 5 continents (many of which no one would have thought they have any link with French language and culture, but anyhow...). By attending this conference, one may realize - if not already aware - how much the privacy and personal data protection debate needs to find viable arguments to answer basic problems of democracy: how to ensure transparent elections, how to guarantee a working civil status registry, to name a few, in countries where life is a daily struggle. This is not to say that privacy, personal data protection, and other related issues are a luxury, but to help realize that different arguments should be worked out when privacy is not anymore opposed to security, but rather to corruption, illiteracy, etc. At the end of this event attended by representatives from 27 countries from La Francophonie, 14 of them having a DPA, the new international association of DPA from La Francophonie was created, with its bureau composed by Quebec DPA (presidency), French DPA (general secretariat), Burkina Faso DPA and Swiss DPA (vice-presidencies). The association will have its seat in Paris.

29th International Conference of Data Protection and Privacy Commissioners: 'Privacy Horizons: Terra Incognita' (English and French, 25-28.09.2007)
http://www.privacyconference2007.gc.ca

Michael Chertoff's blog on his speech in Montreal (28.09.2007)
http://www.dhs.gov/journal/leadership/2007/09/global-approach.html

Civil Society Privacy Workshop: 'Privacy Rights in a World Under Surveillance' (25.09.2007)
http://www.thepublicvoice.org/events/montreal07

Data Protection Commissioners' Francophonie conference: 'The protection of personal data, an absolute necessity to democracy and development' (in French only, 24.09.2007)
http://www.cai.gouv.qc.ca/CCPDF

Meryem Marzouki's talk at DP Commissioner's Francophonie conference: 'Protecting Personal Data in a Virtual World: French and European Perspectives' (French and English, 24.09.2007)
http://www-polytic.lip6.fr/article.php3?id_article=190

(Contribution by Meryem Marzouki, EDRI member IRIS - France)