Data Privacy: The Tide Turns in EU

Uploaded on 2015-04-21 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Europe is  in the midst of a technological step change; a pivot in the world of data privacy.

Many people fall into the trap of seeing privacy in an overly atomistic, individualistic, selfish way; the preserve of the filthy rich. And it is, if we see it as separable from collective freedom, or as absolute over other rights; of freedom of expression, opinion and association; freedom to protest; freedom to resist. But this is not privacy’s ask.

Privacy is about having decisional power, control, over which acts and events of our lives are disclosed and to whom, free from the prying eyes of states, corporations and neighbours. Privacy affords us the freedom to develop ourselves in the world.
The crux of the issue with digital technology is that our ability to make decisions and to control our personal information.

Mostly without our knowledge, and certainly without informed consent, nation states sweep our data alleging ‘national security’ interests, whether legitimate or not. Corporations sweep our data, because they have powerful economic incentives to do so and, with the capitalist lurch, no reason not to.

So what can be done to reclaim this systematic erosion to reinstate rights over the long echo of our digital whispers and wanderings? In Europe, there are some rumblings of resistance. They are the rumblings of citizens, of regulators, of courts. And they are starting to find their voice.

On 24 March in Luxembourg, the Court of Justice of the European Union heard Austrian Max Schrems’ lawsuit against Facebook over the storage, security and treatment of European users’ data. In particular, it explored cooperation between Facebook and US intelligence agencies in sharing private information through Prism and other clandestine surveillance programs. The Schrems case is politically charged, thrust into the tense commercial and intergovernmental relations between the EU and US over data privacy, and particularly the imperiled ‘safe harbor’ regime, which has governed cross-border data transfers for the past 15 years.

This will have been given fuel by the discovery that Facebook spies on virtually all European web users, even those who have opted out of its services, for up to two years.

If ex-NSA contractor Edward Snowden’s disclosures about the vast extent of digital surveillance issued a gunshot, then the European Parliament absorbed it, and the CJEU is now deflecting it. So much so that it has even reached the UK.
The UK is not particularly known as a stronghold of data protection and privacy. But that may have changed with a significant Court of Appeal case on 27 March of Vidal-Hall, which concerned claims by Apple Safari browser users against Google over secret tracking and collation of their browser-generated information and its sale to advertisers.
Vidal-Hall was a procedural decision, but it cleared the way for claims against international tech companies for the tort of misuse of private information, as well as confirming the availability of damages under the UK Data Protection Act for non-financial losses, such as anxiety and distress.

Finally, and moving away from the courts, on 26 March, the UN Human Rights Council issued a resolution establishing a special rapporteur on privacy, the latest step in the Germany and Brazil-led coalition, initiated after the Snowden revelations, to bring privacy in the digital age to the United Nations.
Where do we go from here?

Almost all of our new and much-vaunted technological advances, the app economy, drones, self-driving cars, the Internet of Things, pose unprecedented and, as presently conceived, unjustified trade offs with our autonomy, privacy and data rights.
There are signals and small flames of hope however, that the balance can be readjusted, that corporate and governmental restraint can be introduced to digital platforms, and that citizens can be put back in the driving seat. 

The challenge articulated 15 years ago by scholar Michael Froomkin stands as true as the day he said it:

“There is no magic bullet, no panacea. If the privacy pessimists are to be proved wrong, the great diversity of new privacy-destroying technologies will have to be met with a legal and social response that is at least as subtle and multifaceted as the technological challenge. Given the rapid pace at which privacy-destroying technologies are being invented and deployed, a legal response must come soon, or it will indeed be too late.”

Guardian
 

 

« Human Rights Activists Want to Ban ‘Killer Robots’
Leading Belgian Newspaper Hit by Cyber Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TrustedSec

TrustedSec

TrustedSec is an information security consulting services, providing tailored solutions and services for small, mid, and large businesses.

Maureen Data Systems (MDS)

Maureen Data Systems (MDS)

Our mission at Maureen Data Systems is to digitally transform business environments with the use of cloud infrastructure, security and privacy controls, data analytics, and managed services.

Council of European Professional Informatics Societies (CEPIS)

Council of European Professional Informatics Societies (CEPIS)

CEPIS is the representative body of national informatics associations throughout Europe and represent over 450,000 ICT and informatics professionals in 32 countries.

Security Current

Security Current

Security Current's proprietary content and events provide insight, actionable advice and analysis giving executives the latest information to make knowledgeable decisions.

e2e-assure

e2e-assure

e2e Protective Monitoring and Security Operations Centre (SOC) Service is a complete cyber defence service to protect your critical assets from cyber attacks and GDPR breaches.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

Elemendar

Elemendar

Elemendar Artificial Intelligence reads cyber threat reports written by humans and translates them into industry-standard, machine-readable and machine-actionable data.

BioConnect

BioConnect

BioConnect provide biometric access control solutions to verify a person’s identity across physical, IOT and digital applications.

SyferLock Technology Corp.

SyferLock Technology Corp.

SyferLock is an innovative provider of next-generation authentication and security solutions.

ditno

ditno

ditno uses machine learning to help you build a fully governed and micro-segmented network. Dramatically mitigate risk and prevent lateral movement across your organisation – all from one centralised

Cyber Dacians

Cyber Dacians

Cyber Dacians offers Information and Cyber Security Consulting Services. We help you to test the effectiveness of your security defenses and build a secure infrastructure.

RealTyme

RealTyme

RealTyme is a secure communication and collaboration platform with privacy and human experience at its core.

Arcserve

Arcserve

Defend your data with Arcserve all-in-one data protection and management solutions designed to be the right fit for your business, regardless of size or complexity.

HP Wolf Security

HP Wolf Security

HP Wolf Security protects your organization and devices from cyberattacks no matter where, when or how you work.

Early Game Ventures (EGV)

Early Game Ventures (EGV)

Early Game Ventures invests in startups that jumpstart new industries in the emerging markets of Europe.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.