Journal Article•
Privacy and Law Enforcement in the European Union: the Data Retention Directive
01 Jul 2007-Chicago Journal of International Law (University of Chicago Law School)-Vol. 8, Iss: 1, pp 233
TL;DR: The Data Retention Directive (or "Directive") as discussed by the authors is the first data protection law to address data privacy in law enforcement, which was proposed by the European Parliament and the Council of Europe's Convention on Data Protection.
Abstract: This Article examines a recent twist in European Union ("EU") data protection law. In the 1990s, the European Union was a market-creating organization and the law of data protection was designed to prevent rights abuses by market actors. Since the terrorist attacks in New York, Madrid, and London, however, cooperation in law enforcement has accelerated. Now the challenge for the European Union is to protect privacy in its emerging system of criminal justice. This Article analyzes the first EU law to address data privacy in law enforcement-the Data Retention Directive (or "Directive"). Based on a detailed examination of the Directive's legislative history, this Article finds that privacy-as guaranteed under Article 8 of the European Convention on Human Rights and the Council of Europe's Convention on Data Protection-is adequately protected in the Directive. This positive experience can serve as guidance for guaranteeing other fundamental rights in the rapidly expanding area of EU cooperation on criminal matters. I. INTRODUCTION Data privacy is one of the oldest human rights policies in the European Union. The European Union was born as an international organization dedicated to the creation of a common market. Rights emerged only gradually, as it became apparent that market liberalization could come into conflict with rights and that the safeguards available under national constitutional law were inadequate. At first, the European Court of Justice took the lead in establishing rights. By the mid-1990s, however, the European legislature had also become active. One of its first forays into the human rights realm was the Data Protection Directive. The Data Protection Directive, proposed in 1990 and passed in 1995, set up a complex regulatory scheme at the national level to protect individual rights.1 At that time, as was to be expected in a European Union still focused on the common market, data protection was aimed at preventing rights abuses by market actors and by government agencies operating as service providers. Recently, however, EU data protection has taken a new turn. Now, the challenge is to safeguard privacy when governments exercise their core sovereign powers of national security and law enforcement. This Article examines the European Union's new turn toward protecting privacy in law enforcement activities. The first part explores the developments that have given rise to these policies, namely the growing importance of digital technologies in police investigations and the intensification of police cooperation in the European Union following the terrorist attacks in New York, Madrid, and London. The second part analyzes the Data Retention Directive, the legislation with the most significant data protection ramifications to be enacted at the time of this writing.2 The Article concludes with some thoughts on how the largely positive experience of the Data Retention Directive can inform the protection of other classic liberal rights in the rapidly growing domain of European cooperation on fighting crime. II. LAW ENFORCEMENT IN THE DIGITAL EUROPEAN AGE To understand the challenges of data protection today, a bit of history is necessary. The first European data protection laws date to the early 1970s. Their focus was large-scale data collection by the government and by the few private actors with the resources and technology to engage in such data processing-mostly banks and telecommunications providers. On the public side, these early laws largely affected those parts of government administration that routinely collected large amounts of information from citizens for purposes of providing services such as health care, education, and welfare. For the most part, intelligence and law enforcement officials were untouched by these early data protection regulations. Under their respective national laws, intelligence and law enforcement officers were generally prohibited from accessing without cause the records of other government agencies. …
Citations
More filters
TL;DR: This work aims to review the methods and techniques that have been implemented to discover knowledge from mobile phone data, classify these existing methods and present a taxonomy of the related work by discussing their pros and cons.
Abstract: Data volume grows explosively with the proliferation of powerful smartphones and innovative mobile applications. The ability to accurately and extensively monitor and analyze these data is necessary. Much concern in cellular data analysis is related to human beings and their behaviours. Due to the potential value that lies behind these massive data, there have been different proposed approaches for understanding corresponding patterns. To that end, analyzing people ʼ s activities, e.g., counting them at fixed locations and tracking them by generating origin-destination matrices is crucial. The former can be used to determine the utilization of assets like roads and city attractions. The latter is valuable when planning transport infrastructure. Such insights allow a government to predict the adoption of new roads, new public transport routes, modification of existing infrastructure, and detection of congestion zones, resulting in more efficient designs and improvement. Smartphone data exploration can help research in various fields, e.g., urban planning, transportation, health care, and business marketing. It can also help organizations in decision making, policy implementation, monitoring, and evaluation at all levels. This work aims to review the methods and techniques that have been implemented to discover knowledge from mobile phone data. We classify these existing methods and present a taxonomy of the related work by discussing their pros and cons.
46 citations
Posted Content•
TL;DR: In this paper, the authors present a taxonomy of the related work by discussing their pros and cons, and a review of methods and techniques that have been implemented to discover knowledge from mobile phone data.
Abstract: Data volume grows explosively with the proliferation of powerful smartphones and innovative mobile applications. The ability to accurately and extensively monitor and analyze these data is necessary. Much concern in mobile data analysis is related to human beings and their behaviours. Due to the potential value that lies behind these massive data, there have been different proposed approaches for understanding corresponding patterns. To that end, monitoring people's interactions, whether counting them at fixed locations or tracking them by generating origin-destination matrices is crucial. The former can be used to determine the utilization of assets like roads and city attractions. The latter is valuable when planning transport infrastructure. Such insights allow a government to predict the adoption of new roads, new public transport routes, modification of existing infrastructure, and detection of congestion zones, resulting in more efficient designs and improvement. Smartphone data exploration can help research in various fields, e.g., urban planning, transportation, health care, and business marketing. It can also help organizations in decision making, policy implementation, monitoring and evaluation at all levels. This work aims to review the methods and techniques that have been implemented to discover knowledge from mobile phone data. We classify these existing methods and present a taxonomy of the related work by discussing their pros and cons.
23 citations
Journal Article•
TL;DR: The suitability, necessity, and proportionality of the interference with the fundamental rights to privacy and data protection as guaranteed by the Charter of Fundamental Rights of the European Union are examined.
Abstract: The EU Data Retention Directive (2006/24/EC) provides an obligation for providers of publicly available electronic communications services and of public communications networks to retain traffic and location data for six months up to two years for the purpose of the investigation, detection, and prosecution of serious crime. Considering potential uses and misuses of retained data such as traffic analysis, social network analysis, and data mining, this paper examines the suitability, necessity, and proportionality of the interference with the fundamental rights to privacy and data protection as guaranteed by the Charter of Fundamental Rights of the European Union.
23 citations
TL;DR: An approach to privacy enhancing technologies that sees privacy not merely as an individual right, but as a public good is introduced.
Abstract: The paper introduces an approach to privacy enhancing technologies that sees privacy not merely as an individual right, but as a public good This idea finds its correspondence in our approach to privacy protection through obfuscation, where everybody in a group takes a small privacy risk to protect the anonymity of fellow group members We show how these ideas can be computationally realised in an Investigative Data Acquisition Platform (IDAP) IDAP is an efficient symmetric Private Information Retrieval protocol optimised for the specific purpose of facilitating public authorities' enquiries for evidence
15 citations
24 Jun 2013
TL;DR: A novel algorithm for solving a cyber security problem which utilizes well-known and widely used branch and bound technique and depth-first search strategy and finds all trade-off solutions and the extension of this algorithm is proposed which utilizes a preprocessing technique called soft Arc Consistency.
Abstract: A cyber security problem is an important application domain for systems resilience. The increase of malware, computer viruses, and intensive cyber attacks are serious problems for our information society. In this paper, we introduce a new presentation of a cyber security problem. Our model is based on a Multi-Objective Distributed Constraint Optimization Problem (MO-DCOP) which is a fundamental problem that can formalize various applications related to multi-agent cooperation. MO-DCOP is suitable for modeling a cyber security problem, since cyber security problems involve multiple criteria, e.g., risk (security), surveillance (privacy) and cost. Furthermore, MO-DCOP is a decentralized model. In this model, variables and constraints are distributed among agents. Since there exists no single agent which maintains all informations, it is resilient against intensive cyber attacks. Furthermore, we develop a novel algorithm for solving a cyber security problem which utilizes well-known and widely used branch and bound technique and depth-first search strategy and finds all trade-off solutions. We also propose the extension of this algorithm which utilizes a preprocessing technique called soft Arc Consistency. The softAC is a well-known preprocessing technique which transforms a constraint optimization problem into a simplified problem that can be solved efficiently. In the experiments, we examine the run time of our proposed algorithms in cyber security problems and show that our algorithms can solve cyber security problems quickly.
12 citations