W3C home > Mailing lists > Public > public-privacy@w3.org > January to March 2015

RE: On the european response to Snowden

From: KWASNY Sophie <Sophie.KWASNY@coe.int>
Date: Tue, 27 Jan 2015 11:19:01 +0000
To: 'Mike O'Neill' <michael.oneill@baycloud.com>, 'Danny Weitzner' <djweitzner@csail.mit.edu>, 'Rigo Wenning' <rigo@w3.org>, "public-privacy@w3.org" <public-privacy@w3.org>
CC: 'David Singer' <singer@apple.com>
Message-ID: <009140F0156579499DBFD29352345F1C7D2F6BAD@V-Linguistix00.key.coe.int>
Dear All, 

Speaking about politicians, let me jump in with recent news from Strasbourg:  

the Rapporteur's report on mass surveillance adopted yesterday in the Legal Committee, which should be final after the  April Plenary session where the Parliamentary Assembly as a whole should adopt it : http://website-pace.net/documents/19838/1085720/20150126-MassSurveillance-EN.pdf/df5aae25-6cfe-450a-92a6-e903af10b7a2


Interesting call for action, in particular the position regarding privacy in Transatlantic Trade Investment Partnership and other international agreements (paragraph 18 of the draft Resolution), the call to promote the wide use of encryption, to further develop user-friendly (automatic) data protection techniques capable of countering mass surveillance and any other threats to internet security.

Regarding Danny's comment on the scope of the draft EU Directive, let me point out that to the contrary national security is not excluded from the ECHR and Convention 108 scope, and while it is a ground for possible limitation of the right to privacy and to data protection, this is very strictly framed as it as to be prescribed by law and be necessary (proportionality test, safeguards etc).

Best regards,

Sophie

Sophie Kwasny 
Data Protection Unit 
Human Rights and Rule of Law 
CONSEIL DE L'EUROPE - COUNCIL OF EUROPE 
www.coe.int/dataprotection
 

-----Original Message-----
From: Mike O'Neill [mailto:michael.oneill@baycloud.com] 
Sent: mardi 27 janvier 2015 11:47
To: 'Danny Weitzner'; 'Rigo Wenning'; public-privacy@w3.org
Cc: 'David Singer'
Subject: RE: On the european response to Snowden

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There is also a international dimension, with transatlantic agreements on privacy,  cybersecurity and surveillance being publically discussed, and it is clear these things are interrelated, addressing one will always involve consideration of the others.

There does not have to be a trade-off, no need to forgo privacy for the sake of security. We should be able to build a system with them all.

What is needed is a clearly expressed “statement of requirements” i.e. we want to protect privacy and security within a transparent and democratically  accountable framework which, for example, allows law enforcement to do its job (using warranted surveillance if necessary), but rules out mass surveillance.  Because the net knows no borders there has to be a transnational component.

The W3C could then do its part helping to create the necessary protocols and standards, while the politicians take charge of the oversight process and creating the legal environment.

Mike


From: Danny Weitzner [mailto:djweitzner@csail.mit.edu]
Sent: 27 January 2015 01:15
To: Rigo Wenning; public-privacy@w3.org
Cc: David Singer
Subject: Re: On the european response to Snowden

further decoding: the EU has no authority over national security matters (ie foreign intelligence gathering) in its member states. Directive Rigo mentions will apply to law enforcement -- a good start, but not sufficient.
On Mon Jan 26 2015 at 12:54:41 PM Rigo Wenning <rigo@w3.org> wrote:
On Monday 26 January 2015 9:52:35 David Singer wrote:
> interesting article
>
> <http://www.ecfr.eu/publications/summary/mass_surveillance_privacy_and_secur

> ity_europes_confused_response329>

Decoding:

The privacy regulation is under way and shall be voted in 2015. But it only
touches on data protection and communications of the private sector.

There is a parallel "Directive" on data protection in government. Directive
means that it isn't directly nationally applicable (the regulation above will
be). A Directive needs a national legislative act to be effective. This
Directive touches on the issue of Pervasive Monitoring. There is debate, but
the debate is somewhat silenced by other issues, like Greece, the war in
Ukraine. Also the freedom of speech against islamist threatening is at the
forefront as you can imagine

BTW, while the discussion is somewhat low in France, Italy and Greece, the
debate on Pervasive Monitoring is happening in the Netherlands, Germany and
Belgium. There is certainly a tension between what governments would like to
do and what the population is willing to let them do in terms of surveillance.

- --Rigo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.4.19.5391 - http://www.gpg4o.com/

Charset: utf-8

iQEcBAEBAgAGBQJUx2yLAAoJEHMxUy4uXm2JkrkH/RPppNjeXQZCNfmuCKfyv+eE
403K0IdpBvvpFPwrvBSrZWzHQyssWVXBh75d2Y9NFKKAbW2/uPUS+jT8TE+st477
Lyhy8jSY5oPLmIwic9YW41K3kM5Tk0Dj2vkZBtxM7JM4wHkFsZi03Fz5AkpNFOsT
mbDVVHkbM3rVbuIr7e4WNucrnLBYIDIrz2SSLb1Zwf84yfcxGqCrHjmcunKzWujl
HUlD8c9903kJupuJplMuWjLGP6T2Dv/5jhAifXevY1RroCT6B/+DGOVnjXsfgAwT
QuN6USGKnSxKuyLqlaIJ1jsPpxdvqHHSgv4P2OCtkB8c23BAYQ0p6qtN5kq+KAw=
=hTP5
-----END PGP SIGNATURE-----
Received on Tuesday, 27 January 2015 11:19:25 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 27 January 2015 11:19:25 UTC