The European Union is drafting a bill that will oblige companies to provide customers’ personal data on request even if it is stored on servers outside the bloc, according to a Reuters report. The proposed legislation would authorize European prosecutors to compel companies to hand over data, bypassing existing legal channels.
Sputnik discussed how helpful this initiative will be in tackling cybercrime with Matthew Hickey, Co-Founder & Director of the Hacker House.
Sputnik: What is your take on this initiative? How helpful will it be in tackling cybercrime?
Matthew Hickey: This directive seems to be driven very heavily by law enforcement, and that they want to get information much more quickly across borders without dealing with local jurisdiction and local justice matters, so it will allow them them to get information much more quickly than before which will give them, obviously, an advantage when trying to catch criminals who might be operating transnationally or internationally in different countries.
Sputnik: On the other side of the coin, with regard to this, is privacy issues, obviously there’s a lot of discussion and discussion groups about retention of privacy in this technological age, to what extent will privacy be compromised therefore, if the law is adopted?
Matthew Hickey: It is a bold statement, really, that they want to make data effectively borderless, this would mean the removal of sovereignty around the data. It will remove a lot of local jurisdictions and policies and these local jurisdictions and policies, basically, have a lot of privacy mechanisms already in use, so it would certainly address the needs of law enforcement to get accesses to information more quickly, but it would do that by circumventing many of our own existing personal privacy laws, making our data exposed unnecessarily and without proper due diligence and process, so it could be used without proper care and attention, and it could be subject to leaks.
Sputnik: This in fact is a shifting of the EU’s traditional position that was previously in line with privacy advocates in the past, so it looks on the face of it as though the EU is shifting its stance towards more transparency then, what’s your take on it?
Matthew Hickey: It’s identification of a wider problem. Basically, the sharing of information between countries for law enforcement purposes is kind of flawed, but certainly there’s a need to make that process faster and more streamlined, the main problem is that this legislation is, perhaps, not as cleverly thought-out in terms of addressing some of those local jurisdiction and justice policies that would safeguard our personal data and not open it up to abuse by a malicious state. There’s certainly cause for argument that if an individual is drinking in one country where it’s not illegal and their information is accessed in a country where it is illegal, there could be abuse of states harvesting information and getting accesses to data without proper traditional court-enforced policies and procedures.
Sputnik: We are living in more and more transparent times and it’s very difficult to be hidden underground so to speak, is that the way that the world is going now? Is everybody going to be able to know everybody else’s information and news if you like?
Matthew Hickey: It’s certainly a side-effect of so much information being shared and not enough safeguards being put in place to protect that information adequately. I think that this new EU legislation is echoing a wider problem that they have identified the need for law enforcement to get information more quickly, but that shouldn’t come at the expense of safeguarding our personal privacy, because who wants to live in a completely transparent world. I think that it is very important that personal privacy is safeguarded, given the arts and the music that many of us enjoy, so it’s important that we protect these concepts of personal privacy and who owns our data. If our data now is subjected to anyone in the EU then it obviously raises questions on how that will be enforced locally and what safeguards will be made to prevent that data from becoming public.
Sputnik: What’s the complexity of introducing a law like this and how would it fit in with existing data protection laws? What’s your view point on that?
Matthew Hickey: They would have to improve existing core processes and try to make a unilateral agreement whereby information could flow freely between different government agencies, different government departments, but how they would keep track of that, how they would manage classification of data, and would they get everybody agreeing on an international standard, so it could become quite messy quite quickly. So it will be quite interesting to see how they will propose to introduce the technical complexities of this, without just saying you will no longer need a warrant to access this information, it will just be freely available to any member state, that certainly would raise alarm bells with a lot of watchdogs and privacy advocates.
Sputnik: What’s you particular stance on moving this forward in terms of protecting our personal information, but also allowing the police forces of the world to be able to track down crime and cybercrime?
Matthew Hickey: I think it needs a lot more collaboration between law enforcement, government policy makers and the tech companies themselves. Obviously, the user bases are out there, the individuals using these products and it’s important that their data is safeguarded, and it’s right for technology companies to stand up for that, and it’s important that we ensure that legislative decisions and policy influence is not just coming from one sector of professional or public security, for instance, just law enforcement, it’s important that it comes from a whole spectrum of individuals and the safeguards that are put in place don’t infringe on individual’s right to have freedom of expression or right to personal privacy, the right to be able to store their poetry lyrics on a web server without it being routinely accessed without a warrant or sufficient legal basis. I think there’s a long way to go really for the policy makers, who are proposing these solutions, to understand really the implications of that means for a more global society when we apply them across all the EU member states.