04:42 GMT +324 May 2019
Listen Live
    Facebook eye

    Security Vs Privacy: EU to Let Cops Hop Across Borders for Data

    CC0
    Europe
    Get short URL
    0 42

    The EU is planning to work out a mechanism which will allow law enforcement bodies to receive evidence directly from tech companies, such as Facebook or Google, even when stored in another European country. This has sounded alarm bells, as many see it as a threat to privacy. Sputnik discussed the issue with Nigel Hawthorne from Skyhigh Networks.

    The initiative came in the wake of terrorist attacks in the recent years. The European Commission is going to present three corresponding options to EU justice ministers meeting in Brussels on Thursday, who will then form the basis of a future legislative proposal, including the possibility for police and intelligence services to copy data directly from the cloud, stored in other EU member states.

    The proposal is to be ready by the end of the year or early 2018,  EU Justice Commissioner Vera Jourova told Reuters.

    Currently, obtaining information that is stored in a different member state is a long and arduous process requiring involvement from law enforcement, corporate legal representatives and permissions from the various governments of involved countries.

    The three options therefore are: one is that police would be able to access data stored in the cloud in other EU member states.

    It is also considered that companies like Facebook or Google would be obliged to hand over data if requested by law enforcement authorities in other member countries.

    The third option aims to protect the privacy of people during the investigation: authorities wouldn’t know the location of the server hosting the data. The types of data that could be requested by law enforcement authorities will also be discussed at the meeting.

    Sputnik Radio discussed the issue with Nigel Hawthorne, European privacy spokesperson from cybersecurity start-up Skyhigh Networks.

    "The important thing is that terrorists and criminals don't recognize country borders, so I understand fully why law enforcers want to be able to have a similar capability to jump across borders to collect information to investigate crimes. Whenever there is a terrorist incident, they have to respond fast to find and arrest whoever they can, all members of the gang. It all makes sense," he told Sputnik.

    Commenting on the second option, which would oblige tech companies to hand over data if requested by law enforcers, Nigel Hawthorne noted that technology companies should understand that they are part of a society, which has rules and it wants to make sure that law enforcers are able to do their job.

    The third option is clearly a cause of many concerns.

    In terms of privacy of correspondence and non-interference in private life, the law has to be a very proportionate, clearly focused on a direct investigation and not allow a broad sweeping collection of information, the expert elaborated.

    "We should feel comfortable that privacy of individuals should not be a problem as long as it is well-thought out, well-written law and proportionate," Nigel Hawthorne said.

    So far the option is a bit too broad, he said, it should not be included. There have been cases in the past where if you give law enforcers too much access, unfortunately they can gather up more data than they really need. Then it may not be kept safely.

    "We don't want law enforcers go and fish for all the data that they might find thinking they might need sometime in the future for looking at other cases of criminality. It is a step too far," he told Sputnik.

    Nigel Hawthorne also commented  on a possibility of adopting such measures at the international level, outside the EU.

    "Expanding it outside the EU and the European economic area could be problematic unless everyone is sure that the expectation of privacy and reasonable use of that data is the same in each of the countries," he said.

    The expert reminded that there are currently law suits going around in various countries where law enforcers in one country are asking for data held in another country, such as the famous Microsoft Ireland case.

    Microsoft Corp fought and won a high-profile battle in the US against the Department of Justice's request that it turn over emails stored on a server in Ireland.

    The Commission weighed in for Microsoft in that case, saying data held by companies in the EU should not be directly accessed by foreign authorities outside formal channels of cooperation.

    "I don't think this can be expanded outside the EU unless the privacy laws in other countries and other safeguards are similar in each country. That might not be impossible to achieve. We do have to take careful steps to make sure that we are not trampling on the rights of individuals while also giving law enforcers the access to the data they need," Nigel Hawthorne concluded.

    Tags:
    data, information, tech companies, privacy, European Union, Nigel Hawthorne, Europe
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik