The Human Rights Act

Readers in the UK will be aware of the Human Rights Act which recently came in to force. This act incorporates the European Convention on Human Rights. Quite rightly it has made our responsibilities to others high profile. So what does this mean to ICT professionals?

The Act lays out several rights, many of which have a bearing on what activities ICT professionals undertake and how they perform those activities. The most relevant rights appear to be:

According to Ros Taylor writing in the Guardian on 29 March 2000, the Act makes public services, including the police, schools, local government and hospitals, potentially liable for breaches of the Act. He reports that many organisations that consider themselves outside the public sector could also be liable. These include private schools, hospitals, prisons and nursing homes, because they carry out public sector duties. Clearly there are many ICT professionals working for such organisations and they must review how they treat the public and make sure they operate in a fair, reasonable and legal way. ICT professionals provide the systems that process the data that produces the information on which decisions are based. In practice it is the ICT professional who is best placed to ensure such systems do not contravene the Act. There can however be pressures to act in a different way.

At the time of writing this column another piece of legislation came into force, the Regulation of Investigatory Powers (RIP) Act. According to Will Knight and Wendy McAuliffe of ZDNet (UK), "The RIP Act gives law enforcers power to intercept communications via devices to be installed at ISPs and to imprison those who fail to hand over the keys to encrypted messages." They explain that it also allows "employers to spy on the Internet activities of staff without their consent". ICT professionals will have a fundamental role to play in implementing computer systems which provide the means under the powers of the RIP Act to investigate the activities of individuals and groups.

Whilst there may be justifiable reasons to monitor activity there are most certainly many reasons that cannot be justified. Indeed David Kilduff, Partner and Head of Public Sector and Private Finance of Walker Morris explains that the Human Rights Act is likely to have important repercussions on the way organisations operate. He points out that, "Surveillance and security systems (including computer sweeping) and data capture or management policies and processes will need to be reviewed to ensure that the right of privacy is not compromised." If you are in the position of developing a monitoring system then consider the list of rights outlined previously and ask yourself whether any of these rights appear to be contravened. If the answer is yes then clearly there needs to be a thorough review of the reasons behind the need to monitor.

There are many who believe that the RIP Act contradicts the objectives of the Human Rights Act. If so then the ICT professional is left in a precarious position as legal compliance with both acts may not be feasible. This is an occasion when the professional must decide which is the course of action to take that promotes social responsibility.

As for the legal position, Knight and McAuliffe point out that, "Thanks to the Human Rights Act it will be possible for the RIP to be challenged in a UK court by someone who feels that their right to privacy has been denied. It will then be up to a judge to decide whether there is conflict."

The UK Government has established the Human Rights Unit at the Home Office. The slogan of the Home Office is "building a safe, just and tolerant society". This seems like a good stance for ICT professionals to take in this uncertain climate. What do you think?

Please send your views on ethical and social responsibility issues and cases of ethical dilemmas to: