Data Privacy: The Tide Turns in EU

Uploaded on 2015-04-21 in NEWS-News Analysis, GOVERNMENT-National, FREE TO VIEW

Europe is  in the midst of a technological step change; a pivot in the world of data privacy.

Many people fall into the trap of seeing privacy in an overly atomistic, individualistic, selfish way; the preserve of the filthy rich. And it is, if we see it as separable from collective freedom, or as absolute over other rights; of freedom of expression, opinion and association; freedom to protest; freedom to resist. But this is not privacy’s ask.

Privacy is about having decisional power, control, over which acts and events of our lives are disclosed and to whom, free from the prying eyes of states, corporations and neighbours. Privacy affords us the freedom to develop ourselves in the world.
The crux of the issue with digital technology is that our ability to make decisions and to control our personal information.

Mostly without our knowledge, and certainly without informed consent, nation states sweep our data alleging ‘national security’ interests, whether legitimate or not. Corporations sweep our data, because they have powerful economic incentives to do so and, with the capitalist lurch, no reason not to.

So what can be done to reclaim this systematic erosion to reinstate rights over the long echo of our digital whispers and wanderings? In Europe, there are some rumblings of resistance. They are the rumblings of citizens, of regulators, of courts. And they are starting to find their voice.

On 24 March in Luxembourg, the Court of Justice of the European Union heard Austrian Max Schrems’ lawsuit against Facebook over the storage, security and treatment of European users’ data. In particular, it explored cooperation between Facebook and US intelligence agencies in sharing private information through Prism and other clandestine surveillance programs. The Schrems case is politically charged, thrust into the tense commercial and intergovernmental relations between the EU and US over data privacy, and particularly the imperiled ‘safe harbor’ regime, which has governed cross-border data transfers for the past 15 years.

This will have been given fuel by the discovery that Facebook spies on virtually all European web users, even those who have opted out of its services, for up to two years.

If ex-NSA contractor Edward Snowden’s disclosures about the vast extent of digital surveillance issued a gunshot, then the European Parliament absorbed it, and the CJEU is now deflecting it. So much so that it has even reached the UK.
The UK is not particularly known as a stronghold of data protection and privacy. But that may have changed with a significant Court of Appeal case on 27 March of Vidal-Hall, which concerned claims by Apple Safari browser users against Google over secret tracking and collation of their browser-generated information and its sale to advertisers.
Vidal-Hall was a procedural decision, but it cleared the way for claims against international tech companies for the tort of misuse of private information, as well as confirming the availability of damages under the UK Data Protection Act for non-financial losses, such as anxiety and distress.

Finally, and moving away from the courts, on 26 March, the UN Human Rights Council issued a resolution establishing a special rapporteur on privacy, the latest step in the Germany and Brazil-led coalition, initiated after the Snowden revelations, to bring privacy in the digital age to the United Nations.
Where do we go from here?

Almost all of our new and much-vaunted technological advances, the app economy, drones, self-driving cars, the Internet of Things, pose unprecedented and, as presently conceived, unjustified trade offs with our autonomy, privacy and data rights.
There are signals and small flames of hope however, that the balance can be readjusted, that corporate and governmental restraint can be introduced to digital platforms, and that citizens can be put back in the driving seat. 

The challenge articulated 15 years ago by scholar Michael Froomkin stands as true as the day he said it:

“There is no magic bullet, no panacea. If the privacy pessimists are to be proved wrong, the great diversity of new privacy-destroying technologies will have to be met with a legal and social response that is at least as subtle and multifaceted as the technological challenge. Given the rapid pace at which privacy-destroying technologies are being invented and deployed, a legal response must come soon, or it will indeed be too late.”

Guardian
 

 

« Human Rights Activists Want to Ban ‘Killer Robots’
Leading Belgian Newspaper Hit by Cyber Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CERT Polska

CERT Polska

CERT Polska is the first Polish computer emergency response team and operates within the structures of NASK (Research and Academic Computer Network) research institute.

Threat Intelligence

Threat Intelligence

Threat Intelligence is a specialist security company providing penetration testing, threat intelligence, incident response and training services.

Six Degrees Group

Six Degrees Group

Six Degrees is a specialist managed IT services organisation offering a range of solutions including Managed Security Services.

Vigilant Software

Vigilant Software

Vigilant Software develops industry-leading tools for intelligent, simplified compliance, including ISO27001-risk management and EU GDPR.

CertiK

CertiK

CertiK uses rigorous Formal Verification technology to provide hacker-resistant smart contract and blockchain audits, thorough penetration testing, and customized security integrations.

CyberSec Hub

CyberSec Hub

The goal of CyberSec Hub is to create a centre of excellence for cybersecurity in Krakow, a new European “Cyber-Silicon Valley”.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

Digital Craftsmen Ltd

Digital Craftsmen Ltd

We're ISO27001 & Cyber Essentials Cybersecurity experts, delivering full cloud security and managed services. We take a bespoke approach for each client from hosting, optimising & securing them online

CRI Group

CRI Group

CRI Group excels at deterring, detecting and investigating crimes against businesses using a global network of professionals specially trained in Anti-Corruption, Risk Management and Compliance.

Liberman Networks

Liberman Networks

Liberman Networks is an IT solutions provider company that provides security, management, monitoring, BDR and cloud solutions.

Aptum

Aptum

Aptum is a global hybrid multi-cloud managed service provider delivering complex and high-performance cloud solutions with an integrated secure network.

Carahsoft Technology Corp

Carahsoft Technology Corp

Carahsoft Technology is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets.

Fulcrum IT Partners

Fulcrum IT Partners

Fulcrum IT Partners is the parent company of an expanding portfolio of established IT solution companies around the world with proven expertise in cyber security, cloud, and managed services.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

Technoware Solutions

Technoware Solutions

Technoware Solutions is a global company committed to helping entities navigate the digital waters of modernizing their system processes in an ever changing cybersecurity landscape.

Bearer

Bearer

Bearer helps modern teams ship trustworthy products with the help of our code security solution built for security, privacy and engineering teams.