"What we have currently is a typical reaction where something happens, people react and then people sometimes use it also for their own purpose," Helmbrecht told EurActiv.com. There have been calls — in the wake of the Paris and Brussels attacks — for intelligence and law enfoprcement agencies to be given access to security loopholes in an effort to prevent terrorist attacks — or, at least, assist the investigation after such attacks.
"My feeling is that in a lot of cases you cannot prove that these new security measures really prevented new terrorist or criminal events," Helmbrecht said.
In the Apple case, the US FBI, demanded access to iPhone data following the terrorist attack in San Bernardino, California, on December 2, 2015, in which 14 people were killed and 22 were seriously injured. In its investigation into the attack, the FBI requested data from Apple on one of the iPhones that belonged to one of the attackers. The FBI suspended the court hearing over the issue when the agency claimed it has managed to unlock the iPhone and gain access it the data.
However, following the Paris and Brussels attacks, several EU countries have called for more surveillance powers. The proposed UK Investigatory Powers law — known as the Snoopers' Charter — currently under review by the UK Parliament could allow for police and intelligence services to demand so-called "backdoor" access to customer data by communications services providers (CSPs).
The legislation is expected to allow police and the intelligence agencies to demand that CSPs retain data on users' email, browser use, social media and other forms of communication using a "bulk" warrant. This would allow for a warrant to be issued by a Secretary of State to demand that CSPs collect and retain data for up to a year.
Documents associated with the draft legislation state that "CSPs may be required under section 217 of the Act to provide a technical capability to give effect to interception, equipment interference, bulk acquisition warrants or communications data acquisition authorizations. The purpose of maintaining a technical capability is to ensure that, when a warrant is served, companies can give effect to it securely and quickly." The documents also state that the CSPs are under a duty not to disclose to customers that their data is being retained.
In France, the government passed a controversial act of law giving the intelligence services wide powers of surveillance of communications data.
"Under this new law, almost all Internet communications will be considered fair game by the French authorities, without any form of meaningful checks and balance. Allowing for such extensive, intrusive and indiscriminate mass surveillance is a flagrant violation of people's right to privacy and freedom of speech," said Sherif Elsayed-Ali, Deputy Director of Global Issues at Amnesty International.