Reconciling freedom AND Security was the theme of this year's data protection conference organised by the Europol Data Protection Experts Network (EDEN) and the Academy of European Law (ERA). Held at Europol headquarters on 22 and 23 November, the conference looked at the work of law enforcement and security authorities, and the impact this has on fundamental rights.
In an era of globalised terrorism and ever increasing cyber-crime, the use of state-of-the-art investigative techniques and certain forms of surveillance by law enforcement and security services is seen byt them as absolutely crucial to safeguard security. Simultaneously, individuals highly value their right to personal privacy – including in the cyber-space. Consequently operations by the authorities are frequently questioned in terms of data protection compliance. This public debate is often framed as an "either/or " suggesting that if we turn up freedom, we get less security, and if we turn up security, we get less freedom.
This view was countered by Catherine De Bolle, Europol executive director, who opened the conference saying: "We don't have to choose freedom or security. There is no need to compromise on individual privacy for the sake of public security. In the fulfilment of our mandate, Europol is working to increase the synergies between these two fundamental rights. We want and need to be innovative in implementing privacy by design. We need to continue the discussion between law enforcement, the private sector and the academic world."
Wojciech Wiewiórowski, assistant supervisor at the European Data Protection Supervisor (EDPS), in his key note speech agreed, emphasising that we need to move away from the ‘freedom vs. security’ tune: "There is no privacy without security and no security without privacy." He highlighted that achieving increased security without decreasing data protection rights also forms the very basis of ‘data protection-by-design’.
Henrik Saugmandsgaard Øe, advocate general of the European Court of Justice, elaborated relevant case law dealing with the controversial topic of data retention. The European Court of Justice has in fact not considered data retention as non-compliant with the EU Charter of Fundamental Rights by default. The advocate general in this context referred to pending legal proceedings which will further specify the criteria for a fundamental rights compliant data retention regime.