Personal data located in the country’s centralized civil registry identified a person by name, household, family and religious belief. By accessing this information, the Nazis were able to easily locate those of Jewish faith, which resulted in the persecution of over 100,000 Jews in the Netherlands alone.
The authoritarian regimes in Europe’s history have made the issues of security and civil liberty of equal importance across the member states of the European Union. The 1970s saw the early adoption of data protection legislation in countries familiar with the state’s abuse of private information, such as Austria and Germany.
While the right to privacy is mentioned in the legislature of today’s European Union, infringements are difficult to determine in a digital world where personal information is limitless and borders non-existent.
Privacy and security, an intricate dance
Parallel to the conversations in North America instigated by National Security Agency whistleblower Edward Snowden, who revealed in 2013 that the U.S. has been spying on its citizens as well as other governments, Europe is debating the need for increased security at the expense of privacy.
Studying the impact of technology on society, the Institute of Technology Assessment in Austria believes privacy or security is an impossible choice. Recently in Vienna, the organization hosted Citizens’ Perspectives on Privacy, Security and Surveillance: Controversies, Alternatives and Solutions, an interdisciplinary conference aimed at exploring the debate over privacy and security in Europe.
Johann Čas, program coordinator and member of the Institute of Technology Assessment, set the context in an interview with Ricochet in Vienna.
“The relation between privacy and security is more complex than what you could put in a single trade-off,” said Mr. Čas. “All the proponents of surveillance use it as an excuse to introduce any kind of surveillance measures. In general, if you are asking for surveillance-oriented security technologies the first perception is that it’s something that is increasing security and infringing on privacy. But if you look at it in more detail, people want to have both.”
From mobile phones to GPS, the digitalization of everyday life has created extensive tools for surveillance. Current rules governing the collection and use of digital data fall outside the pre-existing laws for privacy protection in Europe.
The president of the European Group of Ethics, Julian Kinderlerer, raised the issue of security versus the rights for citizens included in the Treaty of Lisbon, which forms the constitutional basis of the European Union.
“We recognize that governments have a responsibility to look after their citizens,” Mr. Kinderlerer told the conference. “The questions we’re asking is how far does that go, where does it stop and how do we ensure that citizens really have the rights that we think, as part of the Lisbon treaty, should be read.”
Privacy through transparency
Concerns over the securitization of Europe have arisen with the rapid advancement and implementation of surveillance technology.
In March 2011, former President of the European Commission José Manuel Barroso requested that European policy advisors investigate how surveillance technologies were being used in the European Union’s member states. Two years later Snowden leaked classified information about the mass surveillance program operated by the National Security Agency.
“The revelations of Snowden emphasized how important it was for the reorganization and reinterpretation to our approach to security and surveillance,” said Mr. Kinderlerer. “We have experienced a massive change in our ability to handle data, to collect data, to look at individuals and correlate information, which was not there in the past.”
In comparison to the U.S., Europe’s use of surveillance technologies for enhancing security is relatively new. In 2012, the European Commission estimated that Europe’s security industry was worth between €26 billion and €36.5 billion, and announced a plan to further develop the sector.
“I think to some extent, what’s happening here is really different,” said Jaro Krieger-Lamina, member of the Institute of Technology Assessment, in an interview with Ricochet. “In the U.S. there is a different understanding of privacy and data protection law than what we have in Europe. I also think that U.S. citizens have a different feeling when it comes to their personal data. Of course they don’t want this data to be abused, but they wouldn’t have a problem if someone makes money with the data as soon as they get something in return.”
In general, people in Europe “think that private companies are profit oriented and therefore wouldn’t care about their privacy,” said Mr. Krieger-Lamina.
The European Commission also put forward a draft proposal to unify data protection laws across member states. Dissimilar to U.S. policy, the European Data Protection Regulation would create strict legal requirements for the use of personal data by any sector. The idea is that privacy would be improved through transparency.
“You have this right to get information that is stored and processed, but there is a lack of enforcement in Europe. That’s the problem I think,” said Mr. Krieger-Lamina.
An avalanche of technology
Development of Europe’s security industry coincided with the 2007 launch of the 7th Framework Programme for Research and Technological Development (FP7), a coordination of research grants aimed at fostering new security technologies and forming guidelines for surveillance practice in the European Union.
Working in the Norwegian security private sector, Nina Trano is accustomed to surveillance procedures. At the conference, she explained to Ricochet the sensitivities of her job.
“When you have an incident, the immediate reaction is to implement security measures to give an impression of decisiveness, but without doing the proper evaluation of the problem itself,” said Ms. Trano. “You can write as many policies as you want, but if you don’t implement them properly and get understanding from the people that are going to use them, they aren’t worth anything.”
Revelations of domestic eavesdropping have created negative perceptions of surveillance technology throughout the West. Both Canada and the U.S. have seen lawsuits filed against their governments over privacy-infringing measures taken by the countries’ intelligence agencies. In Canada, the British Columbia Civil Liberties Association has filed a lawsuit against the federal government for illegal surveillance of citizens. The lack of transparency associated with national security issues leaves little room for democratic input.
“This is a problem. There is a lot of money invested in developing technologies, but almost no money for seeing what the consequences are for using them,” said Mr. Krieger-Lamina. “Therefore, we may end up in a situation where we have a lot of technological measures in place, and then realize the unintended consequences this has on society.”
Perceptions of privacy
The European Union’s FP7 initiative also invested in projects focused on public perceptions of security-oriented surveillance technologies, including video recording, location tracking and obscure tools used for Internet surveillance.
SurPRISE was one of those projects. It used a multidisciplinary approach to gauge the opinions of between 1,700 and 1,800 European citizens from nine countries. With the involvement of Ms. Trano, Mr. Krieger-Lamina and Mr. Čas, SurPRISE reconsidered the trade-off between privacy and security.
One finding that was obvious is that people find mass surveillance programs to be unacceptable, said Mr. Čas, project coordinator of SurPRISE. “It’s not the thing that citizens want and it’s not in line with [their] fundamental rights. They were surprised that there were so little political reaction to the Snowden revelations, or at least that you couldn’t notice that much of a plan to change publicly. They want the state to be protecting security, but also protecting privacy.”
Her work in security made Ms. Trano a suitable advisor to the project.
“Some of the perspectives of the citizens were surprisingly moderate,” said Ms. Trano. “Being in a position where I have to implement security measures, it’s important to know what the reaction is going to be, so that they can be implemented the right way.”
In the U.K., 76 per cent of SurPRISE participants were concerned with the amount of personal data being collected. While initially only 32 per cent of British participants believed surveillance technologies undermined privacy, after gaining knowledge of the capabilities of security-oriented surveillance technologies, 46 per cent believed so. Similar results occurred in other countries.
“They want to have a clear framework,” said Mr. Čas. “They want to know what is happening, what kind of technologies, for which purposes and who is responsible for this. If you can explain it, if it’s proportional and necessary, it is accepted by the majority of citizens.”
The use of video surveillance, for example, was generally accepted as a contribution to a secure society. However, lack of transparency about the collection of information was a concern. In Spain 78 per cent of participants believed that Smart CCTV — an advanced form of video surveillance — was used without their consent.
“In some cases, participants trust that they don’t need to be involved in any decision-making regarding security,” said Mr. Čas. “But in general, they want to get informed. It’s our task to [inform] policy makers to ensure they are taking this seriously.”
Both privacy and security remain paramount to European society, and opinion results generated from citizens have left many questions unanswered.
“It seems like this kind of research is just starting, and hopefully it will lead to more research that gives us more concrete conclusions,” said Ms. Trano. “I need something to grab onto and bring to my daily work.”
As the European Parliament considers the European Data Protection Regulation, citizen perspectives obtained from projects like SurPRISE may yield a more open discussion on the impact of new technologies on daily routines.
“Looking at the actions of law enforcement agencies or intelligence services you see the problem of processing, handling and misusing personal data is nothing that stops at national borders,” said Mr. Krieger-Lamina. “If you see data protection as a competitive advantage, then it would be interesting to put this forward in Europe, to see how it could spread over the whole globe.”