Freedom AND Security – data protection conference at Europol

Freedom AND Security – Killing the zero sum process was the title of this year’s data protection conference organised by the Europol Data Protection Experts Network (EDEN) and the Academy of European Law (ERA). Held at Europol headquarters on 22 and 23 November, the conference took a closer look at topics linking the work of law enforcement and security authorities, and the impact this has on fundamental rights.

In an era of globalized terrorism and ever increasing cybercrime, the use of state-of-the-art investigative techniques and certain forms of surveillance by law enforcement and security services is absolutely crucial to safeguard security. At the same time individuals rightfully attach increasing importance to their right to personal privacy – including in the cyberspace. As a consequence, operations by law enforcement and other security authorities are frequently questioned in terms of data protection compliance. This public debate often follows an “either/or logic” suggesting that we can never have it all: if we turn up freedom, we get less security, and if we turn up security, we get less freedom.

This scenario created the framework in which this year’s EDEN conference brought together 300 law enforcement officials, EDEN specialists, representatives of private industries, NGOs, academia and stakeholders interested in data protection matters in a law enforcement context.

The key topics of the conference covered:

• the right to data protection and privacy;
• risks and opportunity for citizens;
• effects of the General Data Protection Regulation (GDPR) on law enforcement;
• government hacking, data retention, and darknet investigations;
• bridges between intelligence services and law enforcement agencies;
• from law enforcement fiction to future – privacy in the year 2030.

Catherine De Bolle, Europol Executive Director, opened the conference and said: “We don't have to choose freedom or security. There is no need to compromise on individual privacy for the sake of public security. In the fulfilment of our mandate, Europol is working to increase the synergies between these two fundamental rights. We want and need to be innovative in implementing privacy by design. We need to continue the discussion between law enforcement, the private sector and the academic world.”

Wojciech Wiewiórowski, Assistant Supervisor at the European Data Protection Supervisor (EDPS), in his key note speech emphasised that we need to move away from the ‘freedom vs. security’ tune: “There is no privacy without security and no security without privacy.” The Assistant Supervisor highlighted that the possibility of increasing security without decreasing data protection rights also forms the very basis of ‘data protection-by-design’.

Henrik Saugmandsgaard Øe, Advocate General of the European Court of Justice, elaborated relevant case law dealing with the controversial topic of data retention. The European Court of Justice has in fact not considered data retention as non-compliant with the EU Charter of Fundamental Rights by default. The Advocate General in this context referred to pending legal proceedings which will further specify the criteria for a fundamental rights compliant data retention regime.

Due to the high visibility of speakers from different sectors all over the world, the conference represented a great opportunity for stakeholders interested in data protection matters. By discussing the impact that the processing of data in an interconnected and borderless cyber-world has for both the fundamental rights of citizens and the world of law enforcement and security authorities, the conference aimed to overcome the perceived contradiction between freedom and security.

This year’s EDEN conference followed the success of its 2016 predecessor, Privacy in the Digital Age of Encryption and Anonymity Online.