Keyword: Surveillance
The new rules for export control of cyber-surveillance items in the EU external link
Schrems II and Surveillance: Third Countries’ National Security Powers in the Purview of EU Law, European Law Blog external link
Abstract
On 16 July 2020 the Court of Justice of the European Union (CJEU) composed as Grand Chamber delivered its landmark ruling Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems (case C-311/18, “Schrems II”). The focus of my commentary will be on the aspect that EU law on cross-border transfers of personal data to a third country is not deferential to national security powers of that third country. This judgment is remarkable provided that electronic surveillance conducted by Member States’ intelligence authorities for the purpose of national security is off limits for EU law and that exceptions in international agreement are fairly regularly made for national security. This contribution will deal with the embedded assessment of a third country’s national security powers under the General Data Protection Regulation (Regulation (EU) 2016/679, GDPR) and will address the criticism that a third country is held to stricter standards than a Member State of the Union.
adequacy decision, C-311/18, Charter of Fundamental Rights, Facebook, frontpage, GDPR, General Data Protection Regulation, national security, Privacy Shield, Schrems II, Standard Contractual Clauses, Surveillance, united states
RIS
Bibtex
Geen Spelen of verkiezingen zonder digitale oorlogsvoering external link
Het kabinet past bescheidenheid bij uitvoering van de inlichtingenwet external link
Data protection, ECHR, frontpage, overheid, referendum, Surveillance, Wet op de inlichtingen- en veiligheidsdiensten (Wiv), wiretapping
RIS
Bibtex
Geheime surveillance en opsporing: Richtsnoeren voor de inrichting van wetgeving external link
10 Standards for Oversight and Transparency of National Intelligence Services external link
New Data Security Requirements and the Proceduralization of Mass Surveillance Law after the European Data Retention Case external link
Abstract
This paper discusses the regulation of mass metadata surveillance in Europe through the lens of the landmark judgment in which the Court of Justice of the European Union struck down the Data Retention Directive. The controversial directive obliged telecom and Internet access providers in Europe to retain metadata of all their customers for intelligence and law enforcement purposes, for a period of up to two years. In the ruling, the Court declared the directive in violation of the human rights to privacy and data protection. The Court also confirmed that the mere collection of metadata interferes with the human right to privacy. In addition, the Court developed three new criteria for assessing the level of data security required from a human rights perspective: security measures should take into account the risk of unlawful access to data, and the data’s quantity and sensitivity. While organizations that campaigned against the directive have welcomed the ruling, we warn for the risk of proceduralization of mass surveillance law. The Court did not fully condemn mass surveillance that relies on metadata, but left open the possibility of mass surveillance if policymakers lay down sufficient procedural safeguards. Such proceduralization brings systematic risks for human rights. Government agencies, with ample resources, can design complicated systems of procedural oversight for mass surveillance – and claim that mass surveillance is lawful, even if it affects millions of innocent people.
Data protection, data retention, GCHQ, Grondrechten, metadata, NSA, Privacy, security, Snowden, Surveillance, traffic data
RIS
Bibtex
Accountability unchained: Bulk Data Retention, Preemptive Surveillance, and Transatlantic Data Protection external link
Abstract
The innovations on which today’s Internet proliferated have been a major gift from its founders and the US government to the world. Ever since the rise of the Internet it has attracted utopian ideas of a free and borderless cyberspace, a men-made global commons that serves an international community of users. First commercialization and now the prevalence of state surveillance have significantly depreciated the utopist patina. Internet’s borderless nature which was once heralded to rise above the nation state has actually enabled some states to rise above their borders when engaging in mass surveillance that affects users on a global scale. International human rights law and emerging Internet governance principles have not been authoritative enough to protect users’ privacy and the confidentiality of communications.
More or less openly, Western democracies embarked on the path of mass surveillance with the aim to fight crime and defend national security. This chapter’s focus is on the safeguards and accountability of mass surveillance in Europe and the US and how this affects transatlantic relations. It queries whether national systems of checks and balances are still adequate in relation to the growth and the globalization of surveillance capabilities. Lacking safeguards and accountability at the national level can exacerbate in the context of transnational surveillance. It can lead to asymmetries between countries which are precisely at the core of the transatlantic rift over mass surveillance. The chapter concludes with a brief review of proposals how to reduce them.
accountability, Democracy, electronic communications, Grondrechten, Privacy, Surveillance