Author: Danaja Fabčič Povše
Chapter 6, book Security and Law
In a global digital economy, data pass through servers, located in different countries with diverse rules on data protection security. Different standards and requirements lead to the problem of the global system only being as strong (or weak) as cybersecurity requirements in the “least trusted country”. Encryption is often put forward by the crypto experts as an effective security measure. At its core, encryption transforms text-information into a seemingly random string of words and letters that can only be deciphered by using another bit of information, called the decryption key. The rules on use of encryption vary and some countries have adopted regimes that may compromise information and conversations despite use of appropriate encryption techniques. Encryption is also an important measure contributing to human rights, especially freedom of expression and the right to privacy. It keeps communications inaccessible and safe from prying eyes, enabling the sharing of opinion, accessing online information and organising with others to counter injustices. In data protection, encryption is a privacy-preserving technique, that also contributes to the security of processing personal data.
This chapter will focus on the analysis of encryption in the international human rights legal framework. More specifically, general human rights framework on the right to privacy, especially confidentiality of communications, and/or data protection, legal instruments specific to data protection, and soft law, i.e. experts’ and policy-makers’ non-binding opinions and recommendations, will be analysed.