Privacy Laws by Countries

Most countries have started swapping privacy for security, with Bahrain and Iran being amongst the worst transgressors while Spain and Germany top the list of countries maintaining privacy.

An introduction

Nowadays, the world is gripped in fear. Security measures all over the world have increased significantly in order to ensure that the countries are well prepared in case of a terrorist attack. However, this security has come at a cost. The rights of citizens to their privacy have been corrupted and neglected to an almost unforeseen extent.

With the advent of technology, people have been coming up with a variety of ways to protect information that they consider personal. On the other hand, the governments of various countries are using the same technology in order to break the encryptions and be able to spy on the citizens, in the name of national safety of course.

With that in mind, here is a list of countries that have completely perverted the rights of their citizens to their personal freedom and privacy:

The United States of America

It may not be surprising to find out that there is no law relating to privacy in the Bill of Rights. The belief in a right to privacy first came about in the U.S in 1890 in a paper published in the Harvard Law Review. However, even the paper failed to achieve any sort of success and eventually, was forgotten.

There have been various complaints regarding the U.S. government’s attempts to spy on its citizens throughout the ages. However, there was never really any concrete proof established in this regard and the government denied any allegations brought against them.

However, the Patriot Act, which gave the United States unlimited power in its attempt to tackle terrorism after 9/11, bore the first cracks of a façade that had aimed to prove that the government did respect the privacy of its citizens. It was vocally condemned by the Electronic Privacy Information Centre, which stated that it considered the law to be unconstitutional, due to the fact that it could lead to the communications of innocent citizens being compromised and tapped.

This could be seen when, in the aftermath of the Madrid train bombings in 2004, FBI agents, under the protection of the Patriot Act, search the home of Brandon Mayfield, who was wrongly held for two weeks on suspicion of being behind the terrorist act. After he was released, Mayfield pursued action against the US government in the courts, where the judge decreed that the actions of the FBI were unlawful.

However, this was not the only time that the U.S. government was accused of violating the Constitution. In what has since became the biggest leak in U.S. history, Edward Snowden, an ex-employee of the National Security Agency, revealed in 2013 the extent to which the NSA had established a global surveillance. The documents leaked by Snowden showed that the NSA had actually intercepted communication and internet use of over a billion people worldwide. This means that statistically, 1 in every 7 people worldwide had been under the surveillance net placed by the NSA. The documents further revealed that of the more than 17,000 phone lines tapped by the NSA, only 11% met the legal criteria required for the NSA to be able to tap the lines.

As can be seen, the United States has been proven time and again to be a poor defender of the citizens’ right to their privacy.


A constant presence on the worst countries according to privacy, Bahrain has truly earned its place in this list.

Bahrain has a long history of attempting to suppress dissidents by force and using spying as a means to neutralize any opponents. Hence, it has also decided to ban certain websites or place filters on specific websites in order to ensure that no controversial or banned discussions take place on the Internet. To this effect, the government of Bahrain has blocked many human rights, news, religious and humor websites. However, the people of Bahrain often use proxies to bypass the restrictions and access the internet.

The Ministry of Information in Bahrain has a special office dedicated to monitoring the web. It keeps an eye on the websites in order to be ready to block any website it deems to be detrimental to the government. It is also updating its techniques used to ban the websites in order to make it more difficult for the citizens to circumvent the measures introduced and access the banned material.

Bahrain also has a history of arresting bloggers which it deems to be anti-government, citing propaganda and spreading false news. In 2011, a blogger died after being subjected to torture in prison. He was among dozens of bloggers who have been arrested by the government.

However, in what was the most blatant breach of privacy, Bahrain used a surveillance company based in the United Kingdom, called Gamma International, to spy on activists in Bahrain. The leaked documents, which showed the correspondence between the surveillance company and the government of Bahrain, showed that the company spied on the computers of 77 activists.


For a country currently engaged in political turmoil, the government has not earned any favors from its blatant spying on its citizens. With over 5 million people in Syria using the internet, a sizeable population has had their privacy violated time and again. In fact, Syria has actually arrested a total of 18 internet users, as well as 22 journalists in its crackdown on dissidents.

The network is controlled by a couple of entities which includes the Syrian Computer Society, an entity which was formed by current Syrian dictator, and the man in the middle of the country’s civil war, Bashar Al Assad.

While the Syrian Computer Society is in control of the 3G infrastructure present in the country, most of the fixed connections in the country are controlled by the Syrian Telecommunications Establishment.

The Syrian Telecommunications Establishment is in charge of blocking a URL or a website which the government deems to be offensive or illegal. The STE orders the internet service providers in the country to block the relevant content.

Furthermore, the STE even made a bid in 1999 to provide a centralized national Internet system within Syria. The requirements mentioned recording any offline as well as online activities of the users, making copies of emails exchanges within the country and the capability of blocking and intercepting any data, whether encrypted or not.


Iran already has a much maligned reputation in international circles with reference to its spying on its citizens. However, this may be set to increase even further as Iran is looking to create a home-based internet system, citing the recent cyber-attacks on its nuclear facilities as the reason for this step. This will result in various applications such as email, social networks and search engines to be under the control government of the Iranian government, giving them unrestricted access to user data.

This will allow Iran to not just eliminate any dissent against the government but will also provide the government with an opportunity to carry out large-scale surveillance. Iran has already jailed 20 internet users, while at least one has also been killed within the last couple of years.

While Iran has continuously and strenuously denied its involvement in any such activities, Google begs to differ. The search engine giant revealed that the Iranian government had been involved in a large scale operation that allowed the government to spy on its citizens. Thousands of citizens were unaware that the government was keeping an eye on all their activities. The spying was facilitated largely by a phishing program which targeted the Gmail accounts of the citizens.


Unlike Iran, China has already accomplished a government run internet system in the country. Considering that it is the world’s largest and most populous country, with over a billion people, this is no mean feat. If the citizens in China want internet access, they have to rent broadband access from the Chinese Communist Party.

However, the restrictions placed on internet access are so vast, they have collectively come to be known as the Great Firewall of China. Not only is access to vastly popular foreign websites such as Google, YouTube and Facebook banned in the country, it also often blocks URLs and websites which it deems offensive.

The fear of the government cracking down on dissidents isn’t just a conspiracy theory in China. Cyber dissident Hu Jia and his wife have had policemen present at the steps of their apartment building for several months.

Hence, it is not surprising to find out that China has jailed the most people involved in information and news than any other country in the world.

Of course, this is not to say that no country or no government respects the privacy of its own citizens. There are several countries which have laid great emphasis on the rights and privacy of their citizens, passing laws to ensure that there is no way that these rights will be infringed in any way whatsoever. Nowhere is this more obvious than in the continent of Europe, which is host to nearly all the top countries regarding the privacy of their citizens.

This is mainly due to the power of the European Union, which has expressed deep concern regarding the violation of the privacy of the citizens in countries around the world. It has considered strict rules regarding privacy, bordering on the controversial, including the right to be forgotten. If this rule gets approved, then a person’s record of activities on the internet cold be wiped completely clean, with their data no longer being allowed to be stored or processed by any person or company. This is being fiercely combated by major companies such as IBM Corp which makes huge profits from storing and analyzing user data, which can then be used to predict future trends.

With this in mind, here are some of the countries which regard the privacy of their citizens as a basic, irrevocable right:


Spain is one of the top countries when it comes to respecting the privacy and data of its citizens. Personal data protection is considered to be extremely important in the country and the same is reflected in its law. This is further reflected in the Constitution of Spain, which states that the law aims to limit the use of information technology in order to be able to protect the personal intimacy and honor of its citizens.

In Spain, a business is required by law to inform an individual before carrying out any of the aforementioned actions:

  1. Existence or creation of a file used for collecting the individual’s data, the reasons behind the storage of the data, and the people who can receive this information.
  2. Whether the information being collected is optional or mandatory.
  3. Whether any consequences exist for providing or not providing the required data.
  4. Who has the rights to rectify, access, delete or even oppose the data which has been stored.
  5. The identity of the person storing the data or his representative.

In addition, if the information is collected indirectly, the company or individual has to inform the person whose data is being stored within 3 months of the data being stored. If the data is gathered from freely available sources, the company still has to inform the person of the 5 points mentioned above once they contact the person.

Even websites are required to mention these 5 points at the bottom of their form if the form is collecting any personal information.


Along with Spain, Germany is considered to have one of the toughest stances regarding the privacy of their citizens and the protection of this privacy. The Germans are especially defensive regarding employee data. Data regulators in the country hand out stiff fines to offenders in this regard; the fines can often be up to 250,000 euros.

Germany’s Federal Data Protection Act is aimed at protecting the data of its citizens. Some of the principles of this Act state:

  • Unless the consumer expressly gives his permission, organization cannot collect any of his data, from his name to his IP address.
  • Even if the person gives his permission, he must also specify where, for how long and how the data is to be used.
  • Furthermore, the person can revoke the permission at any time he deems appropriate.

Further components of Germany’s criminal code also protect the data of the citizens in the country. This is especially relevant in the insurance, healthcare and telecommunications sector. In addition, all 16 German states have specific laws with regards to data protection.

The German Federal Ministry of the Interior also often puts out guidelines which require all cloud providers which are signing contracts with German Federal Government agencies to establish ‘no spy’ guarantees which ensure that no matter where the data is stored, the could service providers cannot share it with any unauthorized third party at all.

South Korea

In 2011, South Korea passed the Personal Information Protection Act, which is the strictest and most stringent data protection Act in Asia.

However, this is not to say that South Korea did not have tough laws regarding data protection before 2011. The IT Network Act (officially called the Act on Promotion of Information and Communication Network Utilization and Information Protection) regulated the collection, storage and use of the data of consumers by the IT service providers.

Any public institution which operates a Personal Data File (a file used for the collection of personal data) has to register the following details to the Minister of Public Administration and Security:

  • Name, basis and the reason of the operation of the Personal Data File.
  • Any items which have been or which will be recorded on the Personal Data File.
  • The method by which data will be gathered in the Personal Data File.
  • The period in which the file will retain the data.
  • Any person who has access to the Personal Data File.

There are further restrictions placed on operators of Personal Data Files as well, including further details which have to be registered to the Minister of Public Administration and Security.


While the world may collectively believe that a common person can no longer believe in privacy, this article shows that the situation may not be as dire as it seems. While some governments and corporations have decided that privacy is a thing of the past, as always there are two sides to the story and there are countries fighting and spending their resources on ensuring that their citizens can rest peacefully knowing that their data is secure.

No comments yet.

Leave a Reply