The ancient city of Marrakech was founded by the Almoravid dynasty at the beginning of the 11th century, as a centre for trade and craftsmanship. One century later, another mythical city, Timbuktu, was founded for similar reasons, in what is now known as the sub-Saharan state of Mali. As the location of the 38th International Privacy Conference, Marrakech aimed to set a precedent once again, this time through opening up the doors to privacy beyond the western world. The Conference took place from 17-20 October this year and the EDPS once again played an active part.
In this historical setting, the topic for discussion in the closed session was one of the most forward-looking ever seen at an International Privacy Conference: the implications of artificial intelligence, machine learning and robotics for privacy and data protection. The EDPS contributed with a background paper on the topic, which was quoted by panellists and participants, analysing technologies such as big data and automated decision making, image recognition, natural language processing, autonomous machines, self-driving cars and drones. It was clear from the discussions that took place that, in the same way that algorithmic transparency remains important for Artificial Intelligence, ensuring transparency of purpose is becoming essential in machine learning and big data scenarios.
Another highlight of the closed session was the presentation by UN Special Rapporteur Joe Cannataci. His efforts to increase the profile of privacy through the United Nations have not yet been allocated the resources needed. It is therefore important that other international organisations and data protection authorities support him to the best of their abilities. I took the floor to express our support for his role and to encourage the development of international law in the area of privacy and Internet governance. This should perhaps start as an instrument of soft law, but may lead to a more hard law in the mid- or long-term.
The Conference adopted resolutions on international enforcement cooperation, Human Rights Defenders, new metrics of data protection regulation and on an International Competency Framework on Privacy Education. The EDPS contributed to the drafting of some of these resolutions and some of the amendments we tabled were also accepted. Central to our intervention was the idea that free flows of data should not only be assessed from an economic perspective but also from the perspective of the individual.
Last but not least, a new working group was set up with the intention of reflecting on the future size and membership of the conference. With our own experience as the data protection authority of an international organisation, this is a debate to which the EDPS is both well-placed and willing to contribute.
The panels in the open session of the Conference dealt with issues of international relevance. Particularly interesting were some contributions from African representatives. These underlined the importance of privacy and data protection for democracy, as an institutional pillar to fight against discrimination and fraud and to empower individuals.
Both myself and Assistant Supervisor Wojciech Wiewiórowski played an active part in the conference. My own contribution was a keynote speech as part of a panel on adequacy, localisation and cultural determinism. I conveyed three main messages to the distinguished audience:
- There is no room for relativism when it comes to respect for individuals and human dignity. The right to privacy is sacrosanct.
- We need to free up flows of data around the world, not only for economic reasons but rather to ensure that everyone is able to enjoy the digital dividend of technological change and globalisation.
- We need a common framework of reference for ethics in the digital age. This requires a new global political consensus on the ethics of data processing.
I argued that there are values and areas of public life which offer fertile ground for this new consensus. Ethics is one area; accountability is another.
This was a well-organised conference, facilitated competently by our colleagues from the Moroccan data protection authority (CNPD). As the title of the conference anticipated, it opened new territories for privacy. It promoted the participation of many African colleagues, who went home with big endorsements and encouragement from the international community, whilst also facilitating innovative discussions on artificial intelligence, robotics and machine learning. The topics addressed are the topics that are shaping the policy debate on the impact of new technologies on the human rights of individuals. Their status only serves to reinforce the need for greater dialogue with regulatory bodies in other sectors or areas responsible for safeguarding the rights and interests of the individual in the digital society and economy.