Privacy as a social and legal issue has for a long time been a concern of social scientists, philosophers, and lawyers. With the arrival of the computer and increasing capabilities of modern IT-systems and communication networks, individual privacy is increasingly endangered. Especially on the way to a Global Information Society with different national programmes for the further development of data highways, there are severe privacy risks. Privacy as a fundamental human right recognised in the UN Declaration of Human Rights, the International Convenant on Civil and Political Rights and in many other international and regional treaties [PI/EPIC 1999] has to be protected in a democratic society.
In general, privacy protection can be undertaken by
• privacy and data protection laws promoted by government
• self-regulation for fair information practices by codes of conducts promoted by
businesses
• privacy-enhancing technologies adopted by individuals
• privacy education of consumers and IT professionals.
In this Chapter, privacy risks and means of privacy protection are discussed and analysed. In the first part, a definition of privacy and an overview to privacy legislation is given. Then, privacy risks in the Global Information Society are discussed, and it is shown that privacy is becoming more and more an international problem. For this reason, an international harmonisation of privacy legislation besides the EU Directive on data protection is needed. However, it shows that, due to cultural, political and historical differences, there are significant deviations in the EU approach to privacy protection from the privacy regulations of other countries, which have developed information infrastructure programmes. Although the EU Directive on Data Protection might have a coercive effect also on countries outside the EU to enact efficient data protection legislation based on the EU Directive, a common international harmonised approach seems hardly feasible. Therefore, it is argued that besides privacy protection by legislation and code of conducts, privacy enhancing technologies as a means to technically enforce legal privacy requirements are becoming increasingly important. Finally, the importance of privacy education complementary to privacy enhancing technologies is pointed out.