Former National Security Agency contractor Edward Snowden’s leaks of surveillance secrets have already prompted concerted efforts to reform spy laws in the US. But now a burgeoning international attempt to rein in the mass surveillance is taking shape.

Led by the German government, a loose coalition of privacy chiefs from countries across the world is pushing to update an influential international human rights treaty that enshrines the right to privacy.

German officials first wrote to their counterparts in other European Union countries with the proposal after Snowden’s revelations about the sweeping scope of spy programmes operated by the NSA. They were seeking support for an attempt to protect citizens’ right to privacy in the Internet Age – and the effort is now beginning to gather momentum.

The intention is to draw up an additional protocol to the International Covenant on Civil and Political Rights, a 1966 multilateral treaty that is part of the Universal Declaration of Human Rights and is endorsed by more than 160 countries, including the US. Article 17 of the ICCPR already states that citizens should not be “subjected to arbitrary or unlawful interference with [their] privacy, family, home or correspondence” and contains a vague so-called “general comment” that says the collection of information from computers must be “regulated by law”.


But the German government wants to broaden and update article 17, adding an additional protocol for the “digital sphere” that specifically covers the conduct of spy agencies. It may as well be named the “Snowden protocol,” as it is being put forward as a direct result of the backlash sparked by the NSA whistle-blower’s disclosures.

International support

Data protection chiefs in Austria, Hungary, Switzerland and Lichtenstein were quick to back the plan, which the German government says was initially proposed in a letter it sent to other EU member states in July. Last week, however, the proposal received a major boost at the International Conference of Data Protection and Privacy Commissioners in Warsaw, Poland. The annual conference was attended by a diverse selection of privacy and data protection officials from across the world, with representatives attending from countries including Japan, New Zealand, France, Slovenia, Uruguay, Belgium, Ireland, Finland, Spain, Australia, Germany, Burkina Faso, Canada, the US and the UK.

During a closed session at the conference open only to the privacy chiefs, a resolution was put forward for a vote on the proposal to update article 17. They voted overwhelmingly in favour of the idea, recognising a need to “create globally applicable standards for data protection and the protection of privacy in accordance with the rule of law”.

Notably, only one country did not approve of the resolution: the US. A representative from the Federal Trade Commission abstained. I sent an email to the FTC asking why it refused to endorse the proposal, but had not received a response at the time of publication.

At this point, the proposed article 17 protocol is still a long way off. It will eventually need to be put forward at the United Nations and voted on by member states, and that could take time. But the growing appetite to amend the international treaty in light of the Snowden revelations is highly symbolic if nothing else, reflecting widespread concerns about the power of mass surveillance technology in the digital age to trample over basic universal privacy rights.

Dutch data protection chief Jacob Kohnstamm, who also chairs the European Parliament’s working group on data protection issues, told me that he believes there is a need for the UN to tackle the transparency and proportionality concerns raised by the surveillance programmes. “One of the problems that we are facing is that there is no supra-national regulation,” Kohnstamm said.

What difference does it make?

Of course, even if an update to article 17 of the ICCPR is eventually accepted by countries at the UN, there is no guarantee that it will have a substantive impact. The ICCPR is enforced by the UN’s Human Rights Committee, but its recommendations are not legally binding, making the committee mostly just a moral authority. As the various dragnet spying programmes exposed by Snowden have shown, the US, the UK and the three other partners in the so-called “Five Eyes” network – New Zealand, Australia and Canada – have for years ignored what international treaties and human rights law says about the right to privacy. However, the coalition led by Germany is at least trying to recognise that it is a problem to have intelligence agencies aggressively eavesdropping on millions of communications daily – and that is a significant development in itself.

In the meantime, more serious options are still on the table that could have a tangible impact on the spying in the shorter term. Several politicians in the European Parliament are pushing to suspend or radically reform data-sharing agreements with the US, and angry leaders in countries like Brazil and Mexico, which were reportedly targeted for surveillance, may force the Obama administration to make assurances that it will cease or at least limit its politically charged eavesdropping in these countries. On Obama’s home turf, too, the debate about snooping is still raging, with freshly proposed reforms seeking to rein in the scope of NSA surveillance.

Snowden said that his biggest fear about leaking the secret files was that “nothing will change”. But it seems clear at this point that he can rest easy, because change is already in motion.