Data Privacy: The Tide Turns in EU

Europe is  in the midst of a technological step change; a pivot in the world of data privacy.

Many people fall into the trap of seeing privacy in an overly atomistic, individualistic, selfish way; the preserve of the filthy rich. And it is, if we see it as separable from collective freedom, or as absolute over other rights; of freedom of expression, opinion and association; freedom to protest; freedom to resist. But this is not privacy’s ask.

Privacy is about having decisional power, control, over which acts and events of our lives are disclosed and to whom, free from the prying eyes of states, corporations and neighbours. Privacy affords us the freedom to develop ourselves in the world.
The crux of the issue with digital technology is that our ability to make decisions and to control our personal information.

Mostly without our knowledge, and certainly without informed consent, nation states sweep our data alleging ‘national security’ interests, whether legitimate or not. Corporations sweep our data, because they have powerful economic incentives to do so and, with the capitalist lurch, no reason not to.

So what can be done to reclaim this systematic erosion to reinstate rights over the long echo of our digital whispers and wanderings? In Europe, there are some rumblings of resistance. They are the rumblings of citizens, of regulators, of courts. And they are starting to find their voice.

On 24 March in Luxembourg, the Court of Justice of the European Union heard Austrian Max Schrems’ lawsuit against Facebook over the storage, security and treatment of European users’ data. In particular, it explored cooperation between Facebook and US intelligence agencies in sharing private information through Prism and other clandestine surveillance programs. The Schrems case is politically charged, thrust into the tense commercial and intergovernmental relations between the EU and US over data privacy, and particularly the imperiled ‘safe harbor’ regime, which has governed cross-border data transfers for the past 15 years.

This will have been given fuel by the discovery that Facebook spies on virtually all European web users, even those who have opted out of its services, for up to two years.

If ex-NSA contractor Edward Snowden’s disclosures about the vast extent of digital surveillance issued a gunshot, then the European Parliament absorbed it, and the CJEU is now deflecting it. So much so that it has even reached the UK.
The UK is not particularly known as a stronghold of data protection and privacy. But that may have changed with a significant Court of Appeal case on 27 March of Vidal-Hall, which concerned claims by Apple Safari browser users against Google over secret tracking and collation of their browser-generated information and its sale to advertisers.
Vidal-Hall was a procedural decision, but it cleared the way for claims against international tech companies for the tort of misuse of private information, as well as confirming the availability of damages under the UK Data Protection Act for non-financial losses, such as anxiety and distress.

Finally, and moving away from the courts, on 26 March, the UN Human Rights Council issued a resolution establishing a special rapporteur on privacy, the latest step in the Germany and Brazil-led coalition, initiated after the Snowden revelations, to bring privacy in the digital age to the United Nations.
Where do we go from here?

Almost all of our new and much-vaunted technological advances, the app economy, drones, self-driving cars, the Internet of Things, pose unprecedented and, as presently conceived, unjustified trade offs with our autonomy, privacy and data rights.
There are signals and small flames of hope however, that the balance can be readjusted, that corporate and governmental restraint can be introduced to digital platforms, and that citizens can be put back in the driving seat. 

The challenge articulated 15 years ago by scholar Michael Froomkin stands as true as the day he said it:

“There is no magic bullet, no panacea. If the privacy pessimists are to be proved wrong, the great diversity of new privacy-destroying technologies will have to be met with a legal and social response that is at least as subtle and multifaceted as the technological challenge. Given the rapid pace at which privacy-destroying technologies are being invented and deployed, a legal response must come soon, or it will indeed be too late.”

Guardian
 

 

« Human Rights Activists Want to Ban ‘Killer Robots’
Leading Belgian Newspaper Hit by Cyber Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

AtkinsRéalis

AtkinsRéalis

AtkinsRealis is a market-leading design, engineering and project management consultancy operating in fields ranging from infrastructure, through energy and transport to cybersecurity.

Norton Rose Fulbright

Norton Rose Fulbright

Norton Rose Fulbright is a global business law firm. Practice areas include Data protection, Privacy and Cybersecurity.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Cyber Security Agency of Singapore (CSA)

Cyber Security Agency of Singapore (CSA)

The CSA is the national agency overseeing cybersecurity strategy, operation, education, outreach, and ecosystem development.

Nok Nok Labs

Nok Nok Labs

Nok Nok is a market leader in next generation authentication for cloud, mobile and IoT applications.

Jeffer Mangels Butler & Mitchell LLP (JMBM)

Jeffer Mangels Butler & Mitchell LLP (JMBM)

JMBM is a full service law firm providing counseling and litigation services in a wide range of areas including cyber security.

Greenwave Systems

Greenwave Systems

Greenwave's AXON Platform enables IoT and M2M network service providers to address security, interoperability, flexibility and scalability from a single IoT platform.

Eco Recycling (Ecoreco)

Eco Recycling (Ecoreco)

Eco Recycling is India's first and leading professional E-waste Management Company that has set industry benchmarks with its innovative & environment friendly disposal practices.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

WWPass

WWPass

WWPass is a global cybersecurity company that provides password-less authentication and client-side encryption technology.

Calyptix Security

Calyptix Security

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology.

Sansec

Sansec

Sansec is the global leader in eCommerce malware and vulnerability detection. We help you to stay ahead of hackers!

rSolutions

rSolutions

rSolutions delivers managed cybersecurity services to clients in many industry sectors including financial services, telecommunications, energy, government and retail.

ThreatFabric

ThreatFabric

ThreatFabric integrates industry-leading threat intel, behavioral analytics, advanced device fingerprinting and over 10.000 adaptive fraud indicators.

DeepTempo

DeepTempo

At DeepTempo, we build AI models and related software that protect enterprises and service providers from sophisticated cyber threats.