Paris attacks inflame Europe’s privacy clash

Attacks in France force MEPs and member countries to look again at data protection and Internet rules.

Before the bloody attacks in Paris, the European Union was already in the throes of a long and passionate debate over the balance between security and privacy.

As the manhunt continues and authorities race for clues, that debate is raging at every political level. The outcome will have sweeping consequences for international cooperation between law enforcement and businesses, as well as on the fundamental right to privacy and data protection.

Conservatives in the European Parliament are now pushing for a database to record the personal details of everyone flying within the EU. They also want to tear up proposed rules for protecting the data that national law-enforcement agencies share with one another.

In the U.K., where the government said Monday security services had thwarted seven attempted attacks in the past six months, the carnage in Paris may accelerate proposals to collect records of citizens’ web-surfing and bypass the encryption in their digital conversations.

Privacy clash

The Parliament’s civil liberties committee finally gave its approval in July to proposals for a passenger name record (PNR) system. Although conservatives and countries such as the U.K. wanted the program also to cover flights within the Union, left-wing parties successfully resisted.

“It’s now getting very clear that intra-EU flights is a must,” said Axel Voss, a German MEP of the center-right EPP bloc and a shadow rapporteur on the PNR plans.

The left wing needs to “take more responsibility under these conditions, not just voting down everything,” he added.

His view is shared by the interior ministers of France and Belgium, where many of the Paris attackers lived. They said Sunday they did not want to wait for the 28 EU countries to give their consent.

A PNR system must be quickly agreed that “allows an effective fight against terrorism,” said French Interior Minister Bernard Cazeneuve.

Sophie in ‘t Veld, the shadow rapporteur for the liberal ALDE group, said the French and Belgian authorities were trying to create a “smokescreen” for their own intelligence failures.

“It is so sexy setting up big IT systems, whereas what we really need is human intelligence, people on the ground who know the people in the community,” in ‘t Veld said.

Left and right parliamentarians also clashed Monday over the issue of a directive under negotiation that would protect personal data shared among law-enforcement agencies in the EU.

Voss tried to suspend the negotiations, but was rebuffed by other parliamentarians.

The Commission, Parliament and Council have pledged to wrap up negotiations by year-end.

“It would be the stupidest thing in the world to suspend the work on the data protection directive after this attack,” in ‘t Veld said. “We urgently need this instrument to facilitate the exchange of information between police forces.”

Transatlantic debate

The attacks could also have some effect on the negotiations between the EU and U.S. for a successor to the so-called safe harbor agreement.

The European Court of Justice struck down that pact last month because it lacked safeguards for Europeans’ data being handled in the U.S. The court said there were not sufficient guarantees against surveillance by the U.S. National Security Agency.

However, EU negotiators are unlikely to alter their stance.

EU Justice Commissioner Věra Jourová, traveling in Washington Monday, said there could be no “trade-off” between security and the fundamental rights to privacy and data protection.

However, Jourová also touched on another aspect of the debate: the role of the Internet in fostering extremism.

EU interior ministers raised this issue after the Charlie Hebdo and Hyper Cacher attacks in France in January.

Jourová said the Commission had for months been urging major tech firms to “help decrease the level of intolerance in society by deleting hate speech, which has the potential to incite hate and violence.”

“The companies and I spoke to the big players, they understood fully they are part of the problem so they must be part of the solution,” she said in a speech at the Brookings Institution.

Companies such as Facebook are already under great pressure in Europe over online extremism. German authorities are investigating Facebook’s regional manager over the social network’s alleged failure to remove anti-immigrant comments that other users flagged for deletion.

British authorities are focused on how jihadist propaganda spreads online. In 2014, the government got Internet service providers to filter out extremist websites.

Surveillance boost

The Paris attacks will likely help the Conservative U.K. government in its quest for new surveillance powers.

The government unveiled an investigatory powers bill this month that would force Internet service providers to store records of people’s web browsing for a year.

“We should look at the timetable,” Prime Minister David Cameron told the BBC on Monday, suggesting the legislative process may be expedited.

Under the bill, online communications services would also have to let authorities access encrypted conversations.

It remains unclear whether the government wants to weaken that encryption or more easily hack into mobile devices and computers to see what users have on their screens.

Either way, security officials have long warned of terrorist communications “going dark” thanks to encrypted services such as Facebook’s WhatsApp, Apple’s iMessage and Telegram.

These tools are not only used by terrorists, but also by the public after Edward Snowden’s surveillance disclosures about the NSA and the U.K.’s GCHQ agency.

Jan-Phillip Albrecht, a German Green MEP, is an enthusiastic proponent of encryption. He argued Snowden’s revelations were filtered by journalists who were careful not to reveal too many details of investigations. However, he acknowledged terrorists started using more encryption.

“That’s a reaction which is unfortunate, but which is also a normal reaction of all citizens,” Albrecht said.

While the British may be preparing legislation now, France’s terrorism’s policies were tightened earlier this year.

The Charlie Hebdo and Hyper Cache killings helped propel a sweeping new surveillance law through the French legislature.

The law compels Internet service providers to install equipment that lets the authorities look for suspicious patterns in domestic Internet traffic, in real-time.

While the law was passed four months ago, the French government is not believed to have issued the decree to set this surveillance in motion.

A second, newer bill, has been approved by the French parliament but has yet to clear the constitutional court. This bill would allow French intelligence to monitor Internet traffic flowing between France and other countries.

It remains to be seen whether the court will approve as the law has several key elements of the domestic surveillance law it rejected in July.

However, that may be a moot point. In reality, the law would legitimize a program that former president Nicolas Sarkozy authorized in early 2008.

Under this secret program, revealed by French magazine L’Obs in July, the intelligence services have long been tapping the Internet cables coming ashore at Marseille, Penmarch and Saint-Valéry-en-Caux.

This article was first published on POLITICO Pro.

Click Here: Cardiff Blues Store