CONFERENCE ON PUBLIC SECURITY, PRIVACY AND TECHNOLOGY
Concluding remarks by
HE Deputy Minister of the Interior
on behalf of
the Portuguese Presidency
of the Council of the European Union
Ladies and Gentlemen,
llow me to start by thanking the organisers for the kind invitation extended to the Presidency of the Council of the European Union to be here today and for the opportunity to draw a few of the many possible conclusions from the numerous debates that occurred in this Conference, very timely and well organized.
event, that gathered many participants,
was inspired by several European
Commission’s initiatives namely the 2007
communications “on Public-Private Dialogue in Security Research and Innovation” and “on
Promoting Data Protection by Privacy Enhancing Technologies” . These initiatives were
preceded by the 2006 important communications
on “A Strategy for a Secure Information Society” and “on Fighting spam, spyware and malicious software”. I mention these communications because they paved the way to relevant
measures to be implemented by the Commission and the Member
States to tackle security challenges in
relation to information systems and networks in the EU, outlined a
comprehensive and dynamic policy framework founded on a holistic and
multi-stakeholder approach and correctly underlined the need to foster international co-operation to secure networks in
our globalized world. As a reaction to these two
Communications, a Council
Resolution was approved on a
Strategy for a Secure Information Society in
Today’s conference considered how technology can develop the protection of privacy and at the same time allow law enforcement authorities access to personal data. Throughout the sessions, numerous arguments and examples were offered that technology can very effectively enhance both public security and privacy.
But the “magic triangle” formed by mobility/security/privacy –as Peter Altmeier stressed- has many complexities.
The Conference confirmed that the public and private sectors should both launch a dialogue to better understand the security and data protection requirements of our time. In fact, public-private dialogue in the field of security research is of paramount importance to increase the security of infrastructures, fight organised crime and terrorism, help restore security in a crisis and improve surveillance and border control. That is the reason why the European Security Research and Innovation Forum will present a Joint Security Research Agenda towards the end of 2009 which will contain recommendations to public authorities.
Until then we will not cross our arms. The European Union has responded to the need for more security research with two seven-year Framework Programmes in the area of Security. These are the FP7, which includes a security theme, and the EU Framework Programme on ‘Security and Safeguarding Liberties’ both frequently mentioned during the Conference.
We should never forget that this is the era of extraordinary growth of Internet users and of the WEB 2.0. The present and future development of the World Wide Web is occurring in such terms that a vast array of new opportunities for public security are easily available. This should lead to changes in our methods and projects.
Let me offer an example. A few days ago the news came that researchers at the University of Arizona are developing a tool that uses several clues to automate the analysis of online jihadism.The “Dark web Project” aims to scour Web sites, forums and chat rooms to find the Internet’s most prolific and influential jihadists and learn how they reel in supporters.Instead of reinventing the “digital wheel”, why not take advantage of this new possibility of easily sharing tools and work together to create the ones not yet invented?
E should also keep in mind
that, as we build these new capabilities,
the notion of “EU Overall Security” is
beginning to be seriously discussed reminding us of an important fact: many of
the means required to ensure the internal and external security of the
Defense and security will growingly share tools and missions. As the Open Source collection of information in the Internet is clearly showing, the distinction between “external”/”internal” became absurd.In this new context, only the reinvention of data protection tools will preserve values we cherish.
Ladies and Gentlemen,
This Conference confirmed that we need many new tools to protect our citizens against very diverse threats. But let me also conclude that we have to offer good arguments to those who say that data protection is put at risk by such developments.
Our governments, our companies and our citizens collect extensive personal information directly, in ways that became irreplaceable. The disruption of the information systems that serve modern Welfare States or our travel systems would suspend vital programs and panic large portions of the population. On the other hand, even as we speak, search engines register and store the results of millions of queries; powerful computers in all parts of the world store e-mail, voice mail and sms messages; sensors monitor human activities and store the data; digital devices allow us to pay tolls and make our trips traceable; cellular phones and PDA’s register calls and may reveal user location; ATMs make our lives simpler and crystal transparent.
Without those technologies we would feel helpless and unhappy.Yet they produce terabytes of digital records which can now be easily shared through the internet and kept in storage devices.
The Conference confirmed that in this new environment – which is here to stay – the traditional measures to protect privacy will become less and less effective unless appropriate technological measures are used as an essential complement to legal means.
In order to achieve a sufficient level of protection privacy enhancing technologies are – presently and in the foreseeable future- absolutely essential to guarantee civil and political rights in the age of cyberspace.
Paradoxically, those same tools can also be used by terrorists and other criminals. Thus, if data are automatically anonymised, after a certain lapse of time, that procedure may erase evidence of crimes; encryption tools prevent hacking when information is transmitted over the Internet and protect personal data against unlawful processing but may also help conceal criminal plans; cookie-cutters enhance compliance with the principle that data must be processed fairly and that the data subject must be informed about the processing going on, but may also make ineffective police efforts to gather information on illegal activities..
The complex challenge we face is to keep high levels of protection for common citizens and allow the fair use of effective tools against criminals, thus protecting public security.
But can such a mission be achieved?
Yes, concluded the speakers in the first part of the Conference. We had in fact a vast and diversified discussion on the topic “Public security & technology”, especially in the context of prevention, detection and investigation of criminal offences. Excellent contributions to ascertain the state of the play on both sides of the Atlantic were offered by the presentation on “European aspects of public security” and a very comprehensive description of the view of the U.S. Department Of Homeland Security Privacy Office on how to minimize the Impact (of the use of technologies) on Privacy While Achieving the Mission. Technology can (and is) being used to guarantee collection limitation, one-stop means of redress,security safegards,control of routines,privacy impact assessments,privacy implementation of guidelines and periodical discussion of obstacles and experiences.That is the way forward.
The new problems related to data exchange between private sector data controllers and law enforcement authorities where also extensively considered taking in consideration the relevant experience acquired by German authorities.We have to quickly learn those lessons if we are to succeed in enforcing the availability principle and the Prum Treaty rules on police cooperation.In fact, police forces need new skills and new tools, have to establish collaboration procedures, use digital platforms to work together 24/7, pool and share resources (vg.translation services, news aggregators) and use e-learning to exchange experiences and train officers.
“Privacy & technology” was the
second issue to be debated by a panel
consisting of both public and private sectors, with representatives from
technology producers, data controllers and data subjects. Concrete examples were offered of
technology, privacy and security research projects funded by the Preparatory
security research (PASR) and the 7thFramework Programme of Science and Technology
as well as an overview of what has been done under the 6th the Framework Programme.
I was very impressed by the
vivid and accurate description of how our
The research we need is solution oriented and should include purposes such as the protection of senior citizens and child watch,robust protection of e-passports (vg. basic access control/extended access control)and, of course, privacy enhancing technologies…
A thought-provoking presentation equated if Technologies for Privacy are ready to escape from the lab and concluded that time has come for such an escape to take place under certain conditions, namely if we manage to bridge the gap between policy makers and researchers.
It pays highly to do so, as has shown the very interesting assessment made on behalf of the Austrian Data Protection on the use of fractional pins to protect data in e-Government schemes of data exchange.The message is clear: data storage can be clever and proportionate;exchange does not have to lack safegards.
Very appropriately, the Conference paid due attention to the need to enhance consumer trust in e-services in the era when information moves from users computers to huge storage providers and server farms.
The presentations on the ongoing efforts in
The third part of the Conference discussed how to stimulate Public-Private Dialogue on Public security, privacy & technology issues. The panel examined, as planned, the role of technology in the globalized world and evaluated measures to guarantee both public security and privacy.
conclusion is obvious:it is
our duty to maximize fundamental
rights and public security in ourdemocracies. That view , here
expressed by Vice-President Lambrinidis, on behalf of
the EP LIBE Committee, is widely shared. A broad consensus has been
built between EU institutions on this issue, as clearly have shown the
successful negotiations of the regulations on the
That consensus is much needed if we want Europe to speed up the widespread adoption of Radio Frequency Identification (RFID) Devices, sensor networks and content-rich services, such as Voice over Internet Protocol and other services that require both high levels of network and information security and new ways of allowing law enforcement authorities to succeed in their mission.
appropriate concern to offer transatlantic perspectives led the panel to examine the
The panel offered consistent arguments on behalf of that data Protection as a crucial condition for success of Public Security in our democracies. For that purpose we have to reinvent the protection methods and come up with new tools. Excessive safegards do not safeguard at all.
This conclusion is entirely compliant with the new Lisbon Treaty and our democratic legal frameworks. There should be no doubt that the involvement of data protection authorities in ensuring that privacy provisions are enforced by police forces can not be seen as an obstacle for fighting crime. Data protection Authorities are - and will be in the future - a central piece of any effective IT security system.
Last but not least, advances in computer security are awesome and very exciting. They where vividly reviewed in the Conference.
A very accurate assessment was offered on how private sector telecommunications companies are growingly incorporating technologies to secure privacy of users and at the same time making personal information available to public authorities as needed and proportionate for important public interests.
Ladies and Gentlemen,
The task that we face is difficult and debates such as the one that took place here confirm that even if we act quickly and wisely no miraculous results will occur. A colossal amount of work will have to be done. But that will be from tomorrow on. On behalf of the Council , let me thank you once more for this excellent contribution.