1
INDICATIVE VERSION: DO NOT CITE WITHOUT PERMISSION
FROM THE AUTHORS
Beyond the security paradox: ten criteria for a socially informed
security policy
Abstract
This paper investigates the normative and procedural criteria adopted by European
citizens to assess the acceptability of surveillance technologies. It draws on qualitative
data gathered at twelve citizen summits in nine European countries. The analysis
identifies ten criteria, generated by citizens themselves, for a socially informed security
policy. These criteria not only reveal the conditions, purposes and operation rules that
would make current European security policies and technologies more consistent with
citizens’ priorities. They also cast light on an interesting paradox: although people feel
safe in their daily lives, they believe security could, and should, be improved.
Keywords
Public engagement, surveillance technology, security, privacy preference
2
Introduction
Over the past twenty years, but especially since 9/11, security policies in western societies
have increasingly adopted pre-emptive measures which are reliant on Surveillance-
Oriented Security Technologies (SOSTs). This shift has had controversial consequences,
with scholars highlighting a variety of concerns they associate with pre-emptive security
and surveillance practices (Hoijtink, 2014, De Goede, 2014, De Goede and Randalls,
2009). As new SOSTs facilitate the collection, storage, processing and combination of
personal data by security agencies and commercial organizations, their impact on
established civil and political rights (Friedewald et al., 2010), social sorting (Strauß and
Nentwich, 2013, Lyon, 2007a), and on individual privacy (Lyon, 2002)
1
has been
criticized.
With so many concerns raised by technologies over which citizens have little
control, it would be reasonable to expect Public Engagement with Science (PES) studies
to have scrutinised how people assess these technologies and their implementation.
However, SOSTs have so far received relatively little attention (Martin and Donovan,
2014, Pavone and Degli Esposti, 2012). Inspired by an unquestioned acceptance of the
trade-off between privacy and security, early studies tend instead to consider the extent
to which citizens are willing to trade their privacy in exchange for greater security
(Bowyer, 2004, Jain et al., 2005, Strickland and Hunt, 2005). More recent studies have
focused on the decision-making process involved in the development and implementation
1
Many of these concerns have been recently confirmed by the scandals and abuses revealed by
whistleblowers like Assange, Snowden and Manning in LANDAU, S. 2013. Making sense from
Snowden: What's significant in the NSA surveillance revelations. IEEE Security & Privacy, 54-63,
LYON, D. 2014. Surveillance, snowden, and big data: capacities, consequences, critique. Big Data &
Society, 1, 2053951714541861, BAUMAN, Z., BIGO, D., ESTEVES, P., GUILD, E., JABRI, V.,
LYON, D. & WALKER, R. B. 2014. After Snowden: Rethinking the impact of surveillance.
International political sociology, 8, 121-144.
3
of SOSTs (Hempel et al., 2013, van Lieshout et al., 2013, Wright and Friedewald, 2013,
Wright et al., 2014, Michael Friedewald et al., 2017).
The present study hopes to contribute to this line of inquiry by focusing on an
interesting paradox: although people feel safe in their daily lives, they believe security
could, and should, be improved. Evidence of this paradox can be found in Eurobarometer
432—Europeans’ attitudes towards security (EC, 2015). The report indicates that,
although the large majority of respondents consider their countries secure places (89
percent; n = 28,082), and agree on saying that their immediate neighbourhood, city, town
or village are safe places to live in (82 percent), a large percentage of them think that
security agencies are not doing enough to fight crimes such as corruption (52 percent),
human trafficking (47 percent), money laundering (46 percent), drug trafficking (41
percent), or cybercrime (40 percent), and that citizens (79 percent) and citizens’
associations (64 percent) could also help and play a role in safeguarding public security.
Furthermore, the majority of European citizens (55 percent) consider that fundamental
rights and freedoms have been restricted as a result of current security policies. This
negative perception of the effect of security policies on individual freedoms seems to be
worse in 2015 than it was in 2011, when only 48 percent considered their liberties to have
been restricted for reasons related to the fight of crime and terrorism (EC, 2014). These
findings seem to suggest that current security policies and solutions are somehow
perceived as inadequate by citizens, whose demands, opinions and perceptions need to be
further explored and included in future security policies. In pursuing this objective, PES
studies can stimulate productive and insightful discussion about the politics and purposes
of science and technology (Stirling, 2008). They also have a role in producing new and
socially responsible knowledge that can underpin innovation (Owen et al., 2012),
4
governance (Macnaghten and Chilvers, 2014) and policy-making (Jasanoff, 2003,
Hagendijk and Irwin, 2006).
Through the adoption of an adapted version of the citizen summit methodology,
this paper analyses the multiple ways in which citizens interpret security and privacy and
assess and evaluate SOSTs. Drawing from qualitative data gathered at twelve citizen
summits in nine European countries, this article presents ten general criteria used by
citizens to assess the adequacy of SOSTs. On the one hand, the analysis confirms the
appropriateness of policy actions undertaken in the area of data protection; on the other
hand, it also suggests alternative normative and procedural principles, which could be
adopted in the design, deployment and management of security technologies and that can
increase the acceptability of future security solutions.
Exploring SOSTs from a public engagement perspective
Over the past twenty years, the concept of security has undergone multiple
reformulations. It has shifted from territorial integrity and national sovereignty to human
security and, after 9/11, to a new concept of homeland security. New security policies
have particularly encouraged pre-emptive security measures, enacted through the
development of data-intensive security technologies and public-private security
collaboration. These measures have been introduced within policy frameworks which
justify the restriction of individual privacy and freedom; a matter of political concern
(Beck and Lau, 2005, Richards, 2012, Cohen, 2014, Lyon, 2007b, Lyon, 2013,
Friedewald et al., 2010). Some scholars argue that new holistic security policies suffer
from a democratic deficit (Zwolski, 2012, Eriksen et al., 2003, Tonra, 2011); they aslo
tend to reduce democratic scrutiny in other policy domains by framing social problems
5
as security problems (Huysmans, 2006, Huysmans, 2000, Loader, 2002, Balzacq, 2010,
Balzacq, 2008). Several studies have shown how the security agenda increasingly
constructs migration, crime and social integration as existential threats, addressing them
in very narrow security terms and shifting attention away from the role played by social,
political and economic factors (Léonard, 2010, Karyotis, 2011, Boswell, 2007, Dover,
2008).
Security solutions which rely heavily on digital surveillance have been especially
criticized for different reasons. First, they privilege pre-emptive approaches based on
pattern discovery over forms of targeted and historically motivated tracking (Lyon, 2014).
Furthermore, their impact on crime reduction is contested (Welsh et al., 2015) and can
encourage crime displacement (Johnson et al., 2012). Finally, more recent studies of
privacy concerns demonstrate that most people feel resigned and powerless when
confronted with the current reality of mass dataveillance (Degli Esposti, 2014, Turow et
al., 2015).
Despite the relevancy of the topic and the need to investigate public perceptions of
security technologies, most studies in the area suffer the limitations of having replicated
policymaker discourses concerning the existence of a trade-off between privacy and
security (Strickland and Hunt, 2005). In framing security and privacy as interchangeable
goods, these studies have not explored, for instance, whether security technologies
actually address citizens’ security needs and priorities (Jain et al., 2005), how privacy is
conceptualized, or whether citizens actually frame the latter in opposition to security
(Strickland and Hunt, 2005). Furthermore, these studies have contributed to perpetuate
security policies that considerably reduce privacy without offering significant gains in
security (Mitchener-Nissen, 2014, Pavone et al., 2016). In fact, studies based on the
