It’s not actually banned in the EU yet—the legislative process is much more complicated than that—but it’s a step: a total ban on biometric mass surveillance.
To respect “privacy and human dignity,” MEPs said that EU lawmakers should pass a permanent ban on the automated recognition of individuals in public spaces, saying citizens should only be monitored when suspected of a crime.
The parliament has also called for a ban on the use of private facial recognition databases—such as the controversial AI system created by U.S. startup Clearview (also already in use by some police forces in Europe)—and said predictive policing based on behavioural data should also be outlawed.
MEPs also want to ban social scoring systems which seek to rate the trustworthiness of citizens based on their behaviour or personality.
Posted on October 11, 2021 at 7:49 AM •
The EU is offering “bug bounties on Free Software projects that the EU institutions rely on.”
Posted on January 9, 2019 at 7:05 AM •
One of the effects of GDPR—the new EU General Data Protection Regulation—is that we’re all going to be learning a lot more about who collects our data and what they do with it. Consider PayPal, that just released a list of over 600 companies they share customer data with. Here’s a good visualization of that data.
Is 600 companies unusual? Is it more than average? Less? We’ll soon know.
Posted on March 14, 2018 at 6:24 AM •
We all should be concerned about the privacy settings in Windows 10. And we should be glad that the EU has the regulatory authority to do something about it.
Posted on February 28, 2017 at 6:25 AM •
There’s an excellent article in Foreign Affairs on how the European insistence on data privacy—most recently illustrated by their invalidation of the “safe harbor” agreement—is really about the US talking out of both sides of its mouth on the issue: championing privacy in public, but spying on everyone in private. As long as the US keeps this up, the authors argue, this issue will get worse.
From the conclusion:
The United States faces a profound choice. It can continue to work in a world of blurred lines and unilateral demands, making no concessions on surveillance and denouncing privacy rights as protectionism in disguise. Yet if it does so, it is U.S. companies that will suffer.
Alternatively, it can recognize that globalization comes in different flavors and that Europeans have real and legitimate problems with ubiquitous U.S. surveillance and unilateralism. An ambitious strategy would seek to reform EU and U.S. privacy rules so as to put in place a comprehensive institutional infrastructure that could protect the privacy rights of European and U.S. citizens alike, creating rules and institutions to restrict general surveillance to uses that are genuinely in the security interests of all the countries.
More broadly, the United States needs to disentangle the power of a U.S.-led order from the temptations of manipulating that order to its national security advantage. If it wants globalization to continue working as it has in the past, the United States is going to have to stop thinking of flows of goods and information as weapons and start seeing them as public goods that need to be maintained and nurtured. Ultimately, it is U.S. firms and the American economy that stand to benefit most.
EDITED TO ADD (1/13): Stewart Baker on the same topic.
Posted on January 6, 2016 at 6:14 AM •
This makes a lot of sense.
Viviane Reding dismissed recent fines for Google as “pocket money” and said the firm would have had to pay $1bn under her plans for privacy failings.
Ms Reding said such punishments were necessary to ensure firms took the use of personal data seriously.
And she questioned how Google was able to take so long to getting round to changing its policy.
Ms Reding, who is also vice-president of the European Commission, wants far tougher laws that would introduce fines of up to 5% of the global annual turnover of a company for data breaches.
If fines are intended to change corporate behavior, they need to be large enough so that avoiding them is a smarter business strategy than simply paying them.
Posted on January 28, 2014 at 6:47 AM •
Things are getting interesting in Europe:
Max is a 24 year old law student from Vienna with a flair for the interview and plenty of smarts about both technology and legal issues. In Europe there is a requirement that entities with data about individuals make it available to them if they request it. That’s how Max ended up with a personalized CD from Facebook that he printed out on a stack of paper more than a thousand pages thick (see image below). Analysing it, he came to the conclusion that Facebook is engineered to break many of the requirements of European data protection. …
The logical next step was a series of 22 lucid and well-reasoned complaints that he submitted to the Irish Data Protection Commissioner (Facebook states that European users have a relationship with the Irish Facebook subsidiary).
EDITED TO ADD (11/14): The 22 complaints are here
Posted on October 18, 2011 at 6:34 AM •
Interesting interview with Viviane Reding, the vice president of the EU Justice Commission and head of privacy regulation:
The basic values in Europe are that we have the right to our own private, personal data. It’s mine. And if one agrees to give that data,then it is available. That is known as opt-in consent and we’ve had that as law since 1995.
Protection of individuals is not the question of voluntary action. For us, it is written in our charter of fundamental rights that everyone has the right to the protection of their data.
Differences in privacy law between the US and the EU are going to be a big issue in 2011.
Posted on December 23, 2010 at 5:59 AM •
Interesting journal article evaluating the EU’s counterterrorism efforts.
Posted on July 21, 2010 at 5:50 AM •
Sidebar photo of Bruce Schneier by Joe MacInnis.