Europe’s surveillance crisis
Law enforcement and security agencies are bristling at orders to limit their data collection practices.
Law enforcement and privacy make terrible bedfellows, Europe is learning.
After an EU watchdog ordered the bloc’s intelligence agency to delete troves of data, Europol has fired back, arguing that the order — made in the name of privacy rights — will harm investigations.
The EU’s Home Affairs Commissioner Ylva Johansson amplified that note of alarm this week in an interview with POLITICO, warning that scores of criminal probes would be jeopardized if the privacy regulator has its way and law enforcement agencies have to start dumping data they’ve collected.
The EU has long needled the United States over its surveillance practices, with the bloc’s top court famously ruling that Europeans’ data isn’t safe in the United States following the NSA spying scandal revealed by whistleblower Edward Snowden.
Yet Europe’s security apparatus now faces its own reckoning with privacy — as newly empowered regulators start issuing deletion orders to security agencies, and governments bristle at legal demands to stop retaining data in bulk on their citizenry.
The argument may offer some comfort to U.S. security officials who’ve faced years of withering transatlantic criticism about privacy. But Europeans aren’t laughing.
“The potential risk of the decision is huge. If a member state or national police cannot use Europol to help with the analysis of big data ... then they will be blind because a lot of national police forces do not have the capacity to deal with this big data,” she said.
The argument is heating up almost three years after the EU brought its privacy rulebook, the GDPR, online. While most public focus has been on reining in corporate giants like Google and Facebook — to the delight of many EU politicians — security agencies, which aren't covered by the GDPR, are also facing tougher scrutiny via other privacy tools.
Reacting to the order from the European Data Protection Supervisor (EDPS), Europol said it typically needs to hold data longer than six months in order to effectively fight against ills like terrorism and child abuse.
Johansson and others warn that applying the EDPS's order — and scrapping data after six months — would hamper the EU’s ability to take on cases like last year’s dismantling of encrypted services EncroChat and Sky ECC, which led to the arrests of dozens of drug traffickers and suspected criminals. The EDPS is in charge of overseeing privacy compliance in EU institutions.
Indeed, while the 27-member bloc is proud of its world-leading record on privacy, touting its General Data Protection Regulation as the global gold standard, there is a growing push to give law enforcement and security agencies greater access to citizens’ data.
Johansson is spearheading talks to revive an EU-wide data retention scheme, where national agencies are given bulk access to personal data held by private companies, even though the bloc’s top court has time and again found that such schemes violate privacy rights.
There’s also broad support among EU countries for a framework to facilitate access to encrypted messages, with the European Commission committed to set out “a way forward” on the topic later this year.
Europol, despite having its wrist slapped over its data handling, faces having its powers to process large data sets and exchange information with private companies bolstered under a reform of its mandate.
As Chloé Berthélémy of the European Digital Rights NGO puts it: "The EDPS has taken a critical step today to finally end Europol's unlawful processing of data … Unfortunately, the reform of Europol to be adopted soon … will reverse all these efforts as it is set to legalize the very same practices that undermine data protection and fair trial rights."
After an EU watchdog ordered the bloc’s intelligence agency to delete troves of data, Europol has fired back, arguing that the order — made in the name of privacy rights — will harm investigations.
The EU’s Home Affairs Commissioner Ylva Johansson amplified that note of alarm this week in an interview with POLITICO, warning that scores of criminal probes would be jeopardized if the privacy regulator has its way and law enforcement agencies have to start dumping data they’ve collected.
The EU has long needled the United States over its surveillance practices, with the bloc’s top court famously ruling that Europeans’ data isn’t safe in the United States following the NSA spying scandal revealed by whistleblower Edward Snowden.
Yet Europe’s security apparatus now faces its own reckoning with privacy — as newly empowered regulators start issuing deletion orders to security agencies, and governments bristle at legal demands to stop retaining data in bulk on their citizenry.
The argument may offer some comfort to U.S. security officials who’ve faced years of withering transatlantic criticism about privacy. But Europeans aren’t laughing.
“The potential risk of the decision is huge. If a member state or national police cannot use Europol to help with the analysis of big data ... then they will be blind because a lot of national police forces do not have the capacity to deal with this big data,” she said.
The argument is heating up almost three years after the EU brought its privacy rulebook, the GDPR, online. While most public focus has been on reining in corporate giants like Google and Facebook — to the delight of many EU politicians — security agencies, which aren't covered by the GDPR, are also facing tougher scrutiny via other privacy tools.
Reacting to the order from the European Data Protection Supervisor (EDPS), Europol said it typically needs to hold data longer than six months in order to effectively fight against ills like terrorism and child abuse.
Johansson and others warn that applying the EDPS's order — and scrapping data after six months — would hamper the EU’s ability to take on cases like last year’s dismantling of encrypted services EncroChat and Sky ECC, which led to the arrests of dozens of drug traffickers and suspected criminals. The EDPS is in charge of overseeing privacy compliance in EU institutions.
Indeed, while the 27-member bloc is proud of its world-leading record on privacy, touting its General Data Protection Regulation as the global gold standard, there is a growing push to give law enforcement and security agencies greater access to citizens’ data.
Johansson is spearheading talks to revive an EU-wide data retention scheme, where national agencies are given bulk access to personal data held by private companies, even though the bloc’s top court has time and again found that such schemes violate privacy rights.
There’s also broad support among EU countries for a framework to facilitate access to encrypted messages, with the European Commission committed to set out “a way forward” on the topic later this year.
Europol, despite having its wrist slapped over its data handling, faces having its powers to process large data sets and exchange information with private companies bolstered under a reform of its mandate.
As Chloé Berthélémy of the European Digital Rights NGO puts it: "The EDPS has taken a critical step today to finally end Europol's unlawful processing of data … Unfortunately, the reform of Europol to be adopted soon … will reverse all these efforts as it is set to legalize the very same practices that undermine data protection and fair trial rights."
AI Disclaimer: An advanced artificial intelligence (AI) system generated the content of this page on its own. This innovative technology conducts extensive research from a variety of reliable sources, performs rigorous fact-checking and verification, cleans up and balances biased or manipulated content, and presents a minimal factual summary that is just enough yet essential for you to function as an informed and educated citizen. Please keep in mind, however, that this system is an evolving technology, and as a result, the article may contain accidental inaccuracies or errors. We urge you to help us improve our site by reporting any inaccuracies you find using the "Contact Us" link at the bottom of this page. Your helpful feedback helps us improve our system and deliver more precise content. When you find an article of interest here, please look for the full and extensive coverage of this topic in traditional news sources, as they are written by professional journalists that we try to support, not replace. We appreciate your understanding and assistance.