Security and privacy are not mutually exclusive says Europe’s privacy watchdog – and people should stop saying they are.
The European Data Protection Supervisor (EDPS), Giovanni Buttarelli, told a Brussels conference he was concerned that “the objective of cyber-security may be misused to justify measures which weaken protection of [data protection] rights.”“Cyber-security must not become an excuse for disproportionate processing of personal data. Let's not forget that when the European Court of Justice (ECJ) last year found the Data Retention Directive to be invalid, one of the reasons was concern about the inadequacy of the data security provisions in the directive,” he continued . Although some commentators interpreted the ECJ ruling to mean that data must be stored within national borders, Buttarelli disagreed.
“Physical location is not the determining factor in security. Rather, it is degree of control, accountability and responsibility which data controllers demonstrate when processing personal information. They must take full responsibility for all the measures they implement, regardless of the technology they use. Responsibility must not vanish in the clouds,” said the newly appointed EDPS. Negotiations on a new Data Protection Regulation are currently underway and Buttarelli says that accountability should not be sacrificed in the inevitable compromise.
(Score: 2) by DeathMonkey on Thursday April 30 2015, @06:43PM
Security and privacy bloody well ARE mutually exclusive when the "security" forces have been allowed to redefinition "security" to include the right to examine any communication anywhere, anytime.
Yes exactly. My Security and my Privacy are both aspects of the same system and they go hand-in-hand. It's only when Security is redefined as the ability to destroy my Privacy that they become exclusive.