Safeguards for Public-Private Surveillance Partnerships
Through our investigative work and the work of our partners around the world, PI has identified a number of issues common to public-private partnerships that involve surveillance technology and/or the mass processing of data. To address these issues, we have defined corresponding safeguards that we recommend for implementation by public authorities and companies who intend to enter into such partnerships.
As states around the world seek to expand their surveillance capabilities and harness the power of data to deliver public services, they are often tempted to use the services of private technology companies – through public-private partnerships (‘PPPs’). The fight against COVID-19, and associated urgency to find answers and solutions, has only increased the perceived need for states to use ‘innovative’ technologies and big data analytics systems developed by companies. But these PPPs are taking on a new form, diverging from traditional public procurement relationships. We observe much more co-dependency between the parties, whereby the state may be developing new systems or processes entirely reliant on the services of one company, and the company may be receiving access to data or other information for use in developing its own services. Beyond a simple “one-off” commercial relationship, these partnerships are often built over courting, promises of attaining perfect truth, and ever more private access to data – often circumventing public procurement rules and impeding on fundamental rights in the process.
The privatisation of public responsibilities can be deeply problematic if deployed without the safeguards required to ensure human rights are not quietly abused. This is particularly true when the systems deployed are used for surveillance and mass processing of personal data. Private companies have been known to play with the limits of what can legally and ethically be done with individuals’ identities and data, without the same level of accountability required of public authorities – a significant affront to fundamental rights when used to deliver a public service.
Through our investigative work and the work of our partners around the world, PI has identified a number of issues common to PPPs that involve surveillance technology and/or the mass processing of data. To address these issues, we have defined corresponding safeguards that we recommend for implementation by public authorities and companies who intend to enter into such partnerships. Classified between principles of Transparency, Adequate Procurement, Accountability, Legality, Necessity & Proportionality, Oversight and Redress, together they seek to uphold human rights and restore trust in the state’s public functions as these increasingly get outsourced to private hands. The safeguards intend to be jurisdiction-blind, so that they can apply as widely as possible across the globe. They are a living document, which we update regularly with new examples of abuse from across the world and of successful advocacy against surveillance partnerships.
The United Nations Guiding Principles on Business and Human Rights (the ‘UN Guiding Principles’), unanimously endorsed by states through the UN General Assembly in 2011, provide a clear mandate for states and companies alike to step up measures to respect, protect and fulfil human rights and fundamental freedoms, and to extend their responsibilities in this regard, including in the technology industry. The following safeguards outline what PI believes to be a reasonable framework of protections to enforce these responsibilities, and ensure that PPPs do not result in human rights abuses. PI hopes that this outline can help civil society and communities advocate for such a scheme when faced with ubiquitous deployments of technology.
Click through the various sections below to see the safeguards, issues they seek to address, and examples of abuse.
Download a fuller PDF version of the safeguards
Télécharger une version en français
Descarga la versión en español