CONFERENCE ON PUBLIC SECURITY, PRIVACY AND TECHNOLOGY
Concluding
remarks by
HE Deputy
Minister of the Interior
José
Magalhães
on
behalf of
the
Portuguese Presidency
of
the Council of the European Union
Vice-President Frattini,
Excellencies,
Ladies and Gentlemen,
|
A |
llow me to start by thanking the organisers for
the kind invitation extended to the Presidency of the Council of the European
Union to be here today and for the opportunity to draw a
few of the many possible conclusions from the numerous debates that occurred in
this Conference, very timely and well organized.
This
event, that gathered many participants,
was inspired by several European
Commission’s initiatives namely the 2007
communications “on Public-Private Dialogue in Security Research and Innovation” and “on
Promoting Data Protection by Privacy Enhancing Technologies” . These initiatives were
preceded by the 2006 important communications
on “A Strategy for a Secure Information Society” and “on Fighting spam, spyware and malicious software”. I mention these communications because they paved the way to relevant
measures to be implemented by the Commission and the Member
States to tackle security challenges in
relation to information systems and networks in the EU, outlined a
comprehensive and dynamic policy framework founded on a holistic and
multi-stakeholder approach and correctly underlined the need to foster international co-operation to secure networks in
our globalized world. As a reaction to these two
Communications, a Council
Resolution was approved on a
Strategy for a Secure Information Society in
Today’s conference considered how
technology can develop the protection of privacy and at the same time allow law
enforcement authorities access to personal data. Throughout the sessions,
numerous arguments and examples were offered that technology can very effectively enhance both public security and privacy.
But the “magic triangle” formed
by mobility/security/privacy –as Peter Altmeier stressed-
has many complexities.
The Conference confirmed that the
public and private sectors should both launch a dialogue to better understand
the security and data protection requirements of our time. In fact, public-private dialogue
in the field of security research is of paramount importance to increase the
security of infrastructures, fight organised crime
and terrorism, help restore security in a crisis and improve surveillance and
border control. That is the reason why the European Security Research and
Innovation Forum will present a Joint Security Research Agenda towards the end
of 2009 which will
contain recommendations to public
authorities.
Until
then we will not cross our arms. The European Union has responded to the need
for more security research with two seven-year Framework Programmes
in the area of Security. These are the FP7, which includes a security theme,
and the EU Framework Programme on ‘Security and
Safeguarding Liberties’ both frequently mentioned during the Conference.
We should never forget that this is the era of
extraordinary growth of Internet users and of the WEB 2.0. The present and
future development of the World Wide Web is occurring in such terms that a vast array of new opportunities for public security are
easily available. This should lead to changes in our methods and projects.
Let me offer
an example. A few days ago the news came that researchers at the University of
Arizona are developing a tool that uses several clues to automate the analysis
of online jihadism.The “Dark web Project” aims to
scour Web sites, forums and chat rooms to find the Internet’s most prolific and
influential jihadists and learn how they reel in supporters.Instead of reinventing the “digital wheel”, why
not take advantage of this new possibility of easily sharing tools and work
together to create the ones not yet invented?
|
W |
E should also keep in mind
that, as we build these new capabilities,
the notion of “EU Overall Security” is
beginning to be seriously discussed reminding us of an important fact: many of
the means required to ensure the internal and external security of the
Defense and security will growingly share tools and missions.
As the Open Source collection of information in the Internet is clearly
showing, the distinction between “external”/”internal” became absurd.In this new context, only the reinvention of data
protection tools will preserve values we cherish.
Ladies
and Gentlemen,
This
Conference confirmed that we need many new tools to protect our citizens
against very diverse threats. But let me also conclude that we have to offer
good arguments to those who say that data protection is put at risk by such developments.
Our governments, our
companies and our citizens collect extensive
personal information directly, in ways that became irreplaceable. The
disruption of the information systems that serve modern
Welfare States or our travel
systems would suspend vital programs and panic large portions of the
population. On the other hand, even as we
speak, search engines register and store the results of millions
of queries; powerful computers in all
parts of the world store e-mail, voice mail and sms
messages; sensors monitor human activities and store the data; digital devices
allow us to pay tolls and make our trips traceable; cellular phones and PDA’s register
calls and may reveal user location; ATMs make our lives simpler and crystal
transparent.
Without those technologies we would feel helpless
and unhappy.Yet they produce terabytes of digital
records which can now be easily shared through
the internet and
kept in storage devices.
The Conference confirmed that in
this new environment – which
is here to stay – the traditional measures to protect privacy will become less and less effective unless appropriate technological measures are used as
an essential complement to legal means.
In
order to
achieve a sufficient level of protection
privacy enhancing technologies are
– presently and in the foreseeable
future- absolutely essential to
guarantee civil and political rights in the
age of cyberspace.
Paradoxically,
those same tools
can also be used by terrorists and other criminals. Thus, if data are automatically anonymised,
after a certain lapse of time, that procedure may erase evidence of crimes;
encryption tools prevent hacking when
information is transmitted over the Internet
and protect personal data against
unlawful processing but may also help conceal criminal plans; cookie-cutters enhance compliance with the principle that
data must be processed fairly and that
the data subject must be informed about the processing going on, but may also make ineffective police efforts
to gather information on illegal activities..
The complex challenge
we face is to keep high levels of protection for common citizens and allow
the fair use of
effective tools against criminals,
thus protecting public security.
But can such a mission be
achieved?
Yes,
concluded the speakers in the first part of the Conference. We had in fact a vast
and diversified discussion
on the topic “Public
security & technology”, especially in the context of prevention,
detection and investigation of criminal offences. Excellent contributions to ascertain the
state of the play on both sides of the Atlantic were offered by the presentation on “European aspects of public
security” and a very comprehensive description of the view of
the U.S. Department Of Homeland Security Privacy Office on how to minimize the
Impact (of the use of technologies) on Privacy While Achieving the Mission. Technology
can (and is) being used to guarantee collection limitation, one-stop means of redress,security safegards,control
of routines,privacy impact assessments,privacy
implementation of guidelines and periodical discussion of obstacles and experiences.That is the way forward.
The new problems related to
data exchange between private
sector data controllers and law enforcement authorities where also
extensively considered taking in
consideration the relevant experience acquired by German authorities.We have to quickly learn those lessons if we
are to succeed in enforcing the availability principle and the Prum Treaty rules on police cooperation.In
fact, police forces need new skills and new tools, have to establish
collaboration procedures, use digital platforms to work together 24/7, pool and
share resources (vg.translation services, news
aggregators) and use e-learning to exchange experiences and train officers.
“Privacy & technology” was the
second issue to be debated by a panel
consisting of both public and private sectors, with representatives from
technology producers, data controllers and data subjects. Concrete examples were offered of
technology, privacy and security research projects funded by the Preparatory
action on
security research (PASR) and the 7thFramework Programme of Science and
Technology
as well as an
overview of what has been done under the 6th the Framework
Programme.
I was very impressed by the
vivid and accurate description of how our
The research we need is
solution oriented and should include purposes such as the protection of senior
citizens and child watch,robust protection of e-passports (vg. basic access
control/extended access control)and, of course, privacy enhancing technologies…
A thought-provoking
presentation equated if Technologies for Privacy are ready to escape from the lab and concluded
that time has come for such an escape to take place under certain conditions,
namely if we manage to bridge the gap between policy makers and researchers.
It pays highly to do so, as has
shown the very interesting assessment made on behalf of the Austrian Data Protection on
the use of fractional pins to protect data in e-Government schemes of data exchange.The
message is clear: data storage can be clever and proportionate;exchange
does not have to lack safegards.
Very
appropriately, the Conference
paid due attention to the need to enhance consumer
trust in e-services in the era when information moves from users computers to
huge storage providers and server farms.
The presentations on the ongoing efforts in
The third part of the Conference discussed how to stimulate Public-Private Dialogue on Public security, privacy & technology
issues. The panel
examined, as planned, the
role of technology in the globalized world and
evaluated measures to guarantee both public security and privacy.
The
conclusion is obvious:it is
our duty to maximize fundamental
rights and public security in ourdemocracies. That view , here
expressed by Vice-President Lambrinidis, on behalf of
the EP LIBE Committee, is widely shared. A broad consensus has been
built between EU institutions on this issue, as clearly have shown the
successful negotiations of the regulations on the
That consensus
is much needed if we want Europe to
speed up the widespread adoption of Radio Frequency Identification (RFID)
Devices, sensor networks and
content-rich services, such as Voice
over Internet Protocol and other
services that require both high
levels of network and information security and new
ways of allowing law enforcement authorities to succeed in their mission.
The
appropriate concern to offer transatlantic perspectives led the panel to examine the
The panel offered consistent
arguments on behalf of that data Protection as a crucial condition for success of Public Security in
our democracies. For that purpose
we have to reinvent
the protection methods and come up with new tools. Excessive safegards
do not safeguard at all.
This conclusion is entirely
compliant with the new Lisbon Treaty and our democratic legal frameworks. There should be no doubt that
the involvement of data protection
authorities in ensuring that privacy provisions are enforced by police
forces can not be seen as an obstacle
for fighting crime. Data protection Authorities
are - and will be in the future - a
central piece of any effective IT security system.
Last but not least,
advances in computer security are awesome
and very exciting. They where vividly reviewed in the Conference.
A very accurate assessment was offered
on how private sector telecommunications companies are growingly
incorporating technologies to secure privacy of users and at the
same time making personal information available to
public authorities as needed and proportionate for important public interests.
Ladies and Gentlemen,
The
task that we face is difficult and
debates such as the one that took place here confirm that even if we act
quickly and wisely no miraculous results will occur. A colossal amount of work
will have to be done. But that will be from tomorrow on. On behalf of the Council , let me thank you once more for this excellent contribution.