UNITED NATIONS REGULATIONS ON PERSONAL DATA PROTECTION

Universal Declaration of Human Rights

Before examining the provisions regarding personal data protection in the Declaration, a brief explanation of the Declaration would be appropriate for understanding the importance of the regulation. The United Nations Organization is an international institution established after World War II, following the great destruction and suffering experienced by humanity, to prevent people from suffering the same harm again.

It is understood that the fundamental purpose of the Declaration published by the UN was to oppose the adverse conditions that emerged during the war and violations of human rights. The prerequisites of the 1948 Declaration were, on one hand, past “barbaric acts,” namely wars that occurred some time ago and terrible treatment inflicted on millions of victims, and on the other hand, the longing for “the advent of a world in which human beings shall enjoy freedom.”

Here, the enemy being addressed is one that has not committed all these acts and therefore would not want to commit them. The Declaration expresses the desire to save humanity from inhuman treatment. The word “universal” found in the title of the Declaration, which is hardly found in other traditional declarations, is very important.

In the Declaration, those whose rights are violated – whether they are social classes, groups, peoples, or other minorities, or individual persons – demand freedom and equality of rights, which means a universal order for themselves. These demands are legitimized by being based on a universal supra-positive foundation, whether universal natural law or the reason that humans possess from birth, including conscience, from the tradition of enlightenment.^[1]

Provisions Related to Personal Data in the Declaration

Article 12 of the UN Universal Declaration of Human Rights contains provisions for the protection of personal privacy. The relevant article is not directly aimed at protecting personal data, but rather at protecting private life.

Following the establishment of the UN General Assembly, at its 3rd session, the “Universal Declaration of Human Rights” was adopted by Resolution 217 (III)^[2] dated 10/12/1948. It was decided at the Council of Ministers meeting on 6/4/1949, upon the letter dated 28/03/1949 and numbered 36084/122 from the Ministry of Foreign Affairs, that this Declaration should be published in the Official Gazette and taught and interpreted in schools and other educational institutions after publication, and that appropriate publications should be made in radio and newspapers about this Declaration.

The Declaration was published in the Official Gazette numbered 7217 dated 27.05.1949.

International Covenant on Civil and Political Rights

It is also important to examine the conditions under which the Covenant on Civil and Political Rights, adopted 18 years after the UN Universal Declaration of Human Rights, came into being and its position vis-à-vis the Declaration, in order to understand the spirit of the convention on personal data protection.

In 1966, the United Nations opened for signature and ratification the International Covenant on Economic, Social and Cultural Rights and the International Covenant on Civil and Political Rights. Among the Covenants, the International Covenant on Economic, Social and Cultural Rights is understood and interpreted as an expression of socialist and communist ideology, while the International Covenant on Civil and Political Rights is understood as an expression of Western liberal ideology.

The conditions of the Covenants opened for signature by the UN in 1966 differ from the Declaration. In the Covenants, all peoples have the right to self-determination. However, the previous Declaration stated that “all human beings are born free and equal in dignity and rights.”

In contrast, the 1966 Covenants emphasize that individuals have duties as well as rights. At the beginning of the covenants, it is stated that “the individual has duties to other individuals and to the community of which he is a member and bears responsibility.”^[3]

The Republic of Turkey signed this international Covenant, which was opened for signature by the United Nations on 16 December 1966, in New York on 15 August 2000 and ratified it on 04.06.2003. It entered into force after being published in Official Gazette numbered 25142 on 18.06.2003.

UN Human Rights Committee’s 1988 Interpretation

The UN Human Rights Committee interpreted the Privacy of Private Life regulated in Article 17 as follows in its 32nd session in 1988^[4].

According to the article, no one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation.

According to the Committee, this right must be protected against all kinds of interference and attacks originating from both State authorities and any natural or legal person. According to the article, the State party is under the obligation to prohibit interference and attacks on this right and to take legislative measures and all other necessary measures aimed at protecting this right.

Furthermore, every individual should be able to learn which public authorities, private individuals or institutions control or may control these files. In cases where the files in question contain incorrect personal information or where such information has been collected or used unlawfully, every individual has the right to request correction or removal of the information^[5].

UN Guidelines for Computer-Based Personal Data Files of 14 December 1990, Resolution 45/

Through this regulation, the UN has established the minimum principles that need to be implemented in the national legislation of member states.

Fundamental Principles:

These also include the following:

• Enabling data subjects to access personal data about themselves and learn how it is processed
• Requesting deletion and correction of unnecessary, unlawful and inaccurate data
• Prohibiting the processing of data that would lead to unlawful or arbitrary discrimination, including information about racial or ethnic origin, color, sexual life, political views, religious, philosophical and other beliefs, as well as membership, except for exceptions specified by law
• Processing data for the purpose of protecting national security, public order, public health or public morals, provided that it is clearly specified in a law enacted according to the domestic legal system or equivalent regulation and with appropriate safeguards

Security and Supervision Measures:

The Guidelines also cover the following aspects:

Providing safeguards for the protection of personal data through legal regulations within each country to protect privacy in the transfer of data from one country to another are the guiding principles.^[6]

Supervision and Effectiveness

Independent authorities have been established by member countries to monitor whether UN guidelines are being implemented. The Guidelines are important in terms of establishing an independent, impartial international body in this matter.

However, since the UN Guidelines are not binding but advisory in nature, it is not accepted that the supervisory body has much effect.^[7] The UN organization, which currently has 193 members, is expected to be more effective in data protection.^[8]

The UN Organization established Personal Data Protection and Privacy Principles to be applied to personnel working within its own organization on 11 October 2018. The regulations in question are listed in 10 articles and are similar to the principles we mentioned above^[9].

REFERENCES