The right to privacy in Police investigations.

While privacy is not always directly mentioned as a separate right in constitutions, nearly all States recognize its value as a matter of constitutional significance. Although this right is enshrined in Article 27 of the constitution, the applicability/and enforceability of the right is a laughable notion in Uganda. The media is quick to publish names and photographs of suspects even before investigations are complete. This trend has been aggravated by heightened security tensions resulting from terror threats by various insurgents. Photographs of the suspected terrorists are published and freely circulated in print & social media. Consequently and through the adversarial nature of these reports, the suspects automatically become public enemies and are guilty before they are tried by competent courts of law.

Once information about a suspected terrorist is published, a quick Google search will in most cases reveal personal information about the person. Most of this information provided by the media.

Granted, the right to privacy is not an absolute right. Once an individual is being formally investigated or screened by a security agency, personal information is shared among security agencies for reasons of countering terrorism and the right to privacy is almost automatically affected. These are situations where States have a legitimate power to limit the right to privacy under international human rights law. However, countering terrorism is not a trump card which automatically legitimates any interference with the right to privacy. There is a very thin line between careful and controlled release of suspect’s information to aid with investigations and premature release of information without justifiable cause.

The recent mass collection of Biometric data for National ID’s is another worrisome aspect. We can only speculate as to who will have access to this data and whether it will be well regulated. Centralized collection of biometrics if not properly managed create a risk of causing miscarriages of justice. In March 2004, shortly after the Madrid bombings, the Spanish police managed to lift a fingerprint from an unexploded bomb. Fingerprint experts from the United States Federal Bureau of Investigation (FBI) declared that a lawyer’s fingerprint was a match to the crime-scene sample. The person’s fingerprint was on the national fingerprint system because he was a former soldier of the United States.

The individual was detained for two weeks in solitary confinement, even though the
Fingerprint was not his. Examiners failed to sufficiently reconsider the match, a situation that was made worse for him when it was discovered that he, as a lawyer, had defended a convicted terrorist, was married to an Egyptian immigrant, and had himself converted to Islam.

Without any real privacy or data protection laws, there is no clear way of determining culpability. Data protection is globally recognized as a distinct human or fundamental right. Some countries have recognized data protection even as a constitutional right, thereby highlighting its importance as an element of democratic societies. The detailed article 35 of the 1976 Constitution of Portugal can be seen as an example of best practice here.

In the absence of clear guidelines, the police must be wary of human rights violations while carrying out investigations. The right to privacy might not be regarded as fundamental compared to the “more important” human rights abuses, but can easily cause an unfortunate miscarriage of justice. Retired Justice Ralph Ocan while presiding over the Buganda riots case in 2004, attributed the failure of the case to the Police and the prosecution, who in their desire to achieve a conviction at all costs totally ignored the fundamental duties imposed by all of them by the Constitution.

Regardless of whether the police is under great pressure to carry out effective investigations, violation of right to privacy could cost them a much needed conviction.

In some countries, the right to privacy emerges by extension of the common law of breach of confidence, the right to liberty, freedom of expression or due process. In other countries, the right to privacy emerges as a religious value. The right to privacy is therefore not only a fundamental human right, but also a human right that supports other human rights and forms the basis of any democratic society.

Muhangi Kenneth LLB (Hons) LLM (Wales) Dip LP. LDC

The Right to Privacy and the Right to be forgotten by the Internet.

We are living in a world where there is no such thing as absolute privacy. With the increasing popularity of Social media, most Ugandans now have extensive digital footprints comprised of Tweets, Facebook posts, LinkedIn profiles, Instagram photos, and other material they share online.

While we may think our web searches, browsing history, and email archives are private, this data is often one of the most valuable assets for companies like Google.

We still do not have clear answers to basic questions such as: Do people own personal information about themselves? How can they control or limit how companies (and governments) use it? To start, there are complexities around the fundamental issue of information “ownership,” particularly ownership of personally identifiable information. One cannot be said to actually own information about one’s self. Information relates to you, is connected to you, or is of you.

Even if we consider personal information to be a form of property over which individuals should have full control, the exercise of this control is complicated by the legal concept of possession. If an owner rents or leases his house to a tenant, he still owns the property but it is now in the tenant’s possession. While the landlord may set parameters for its acceptable use, he cannot really control what happens to the house and will have to turn to the law to punish renters who misuse the property.

Because personal information can be easily replicated it is very difficult to protect. While one can exclude others from physical property through fences, locks, or, armed guards, it is much trickier to control information in a digital environment.

Social media sites like Facebook, Tumblr, and Twitter all require users to submit certain identifying information and have privacy policies governing how that information may be used. Unfortunately most users do not read these policies and just accept the terms inadvertently signing over their rights.

In Europe, the Europe convention 1981 opened the floodgates to countries specifically within the European Union to enact specific laws to address the issues of data security. In 1995, the UK, thus eventually adopted directive 95/46/EEC which required all member states to recognize the right to privacy with respect to the processing of personal data.

While Uganda is yet to wake up and smell the coffee, Europe has once again made strides towards fortifying the right to privacy. The European court of Justice recently confirmed the "right to be forgotten" and said Google must delete "inadequate, irrelevant or no longer relevant" data from its results when a member of the public requests it.

The case was brought against Google Spain by a Spanish man, Mario Costeja González, after he failed to secure the deletion of an auction notice of his repossessed home dating from 1998 on the website of a newspaper in Catalonia.

Costeja argued that the matter, in which his house had been auctioned to recover his social security debts, had been resolved and should no longer be linked to him whenever his name was searched on Google.

The ruling established that search engines must be regarded as "data controllers" and take responsibility for the content that they link to and may be required to purge search results even if the material was previously published legally.

This ruling could give the go-ahead to deletion requests of material including photographs of embarrassing episodes and even insults on social media websites. It is certain that such a ruling would be welcomed by many in Uganda that have fallen victim to negative publicity as a result of their indiscretions.

Perhaps for now it is incumbent on all consumers to be circumspect with respect to whom they allow access to their data.

Government must recognize the inherent danger in the collection and retention of personal information and protect citizens – and empower them to protect themselves – from both corporate and its own interests. In the meantime, the few smart lawyers who offer reputation management services to those who can afford will seek to reap from developments in this area of practice.

Kenneth Muhangi
LLB (Hons) LLM (Wales) Dip. LP (LDC)
This email address is being protected from spambots. You need JavaScript enabled to view it.