|
|
|
|
Table of
contents |
Reduce traffic data Interview with Andreas Krisch from EDRi on privacy in pervasive communications
Communications is becoming pervasive. Eurescom mess@ge talked to Andreas Krisch, expert in information systems and board member of European Digital Rights, about the effects of advanced telecommunications services on the users’ privacy and trust. European Digital Rights, abbreviated: EDRi, is a civil rights association representing 17 national organisations, which aims to defend civil rights in the information society. Mr Krisch is also member of the board of the Austrian Association for Internet Users (VIBE!AT), a representative in the Information Society Advisory Council of the Austrian Federal Chancellor, and a delegate to the World Summit on the Information Society (WSIS) where he has participated in the Human Rights Caucus and the Privacy and Security Working Group. Communications will increasingly surround us wherever we are. How does this influence the users’ privacy? Krisch: While users and economy clearly benefit from the availability of modern means of communications, the developments in communications technology has clearly influenced the users’ privacy and will be a key area for privacy protection in the future. In contrast to older technologies which were more location centric, modern communication technologies are highly personalised and record by their very nature lots of privacy sensitive information. This constitutes a potential threat to user privacy. What are the main challenges to privacy in telecommunications today? Krisch: The influence of telecommunications on privacy strongly depends on the design and implementation of the technology. Besides the actual communication data, a lot of data is generated which can be used to get insights in the interests and habits of its users. Once recorded it depends on the security and data protection measures applied to which extent the users’ privacy is affected by this recording. So it is a key issue of privacy protection to minimise the data generated in the first place, since no data is as secure as data that never was recorded. Modern information technology provides many mechanisms to protect communication: starting with encryption algorithms to protect the content of communications up to mechanisms for making traffic data anonymous in order to keep habits and interests as well as communication partners private. The challenge we face today is to again strengthen the commitment to the communication secret in our society and to translate this commitment into the design of privacy supporting communication technology. Which factors negatively affect the trust of users and the adoption of telecommunication services? Krisch: Users are aware that telecommunication services collect lots of data on their private lives. Given this knowledge there are a number of factors that lead to a climate of distrust and promote the impression of pervasive surveillance. Amongst these factors are in-transparent data protection standards of telecommunication companies, data transfers within company networks and data usages for unrelated purposes, but also the increasing demand of law enforcement agencies for access to and retention of traffic data and the transfer of personal data to foreign authorities – as done with flight passenger name records. There has been a controversial discussion on the use of biometrics. How could security requirements and the protection of the citizens’ privacy be harmonised with each other? Krisch: In recent years security requirements basically translated into increased surveillance and a reduction of data protection. The recent attempts of four member states to enforce mandatory retention of telecommunication data in the EU is an example for that as well as biometric identifiers on RFIDs in EU passports are. All of these measures have a strong drawback: they do not increase security, and it is uncertain whether they increase the ability to find out what happened after a crime was committed. There is no such thing as a secure world. If modern means of communication are under surveillance, criminals will use letters instead. The innocent users of modern communication will have to pay the price by an immense reduction of their privacy. Security can rather be increased by creating a climate of mutual respect, fairness and trust than by mistrust and surveillance. What has to be done in order to increase the citizens’ trust in pervasive communication services? Krisch: To stick to the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, which were established in 1980, would be a good start. Especially in terms of use, limitation and reduction of the data collected. Encryption methods should be adopted to secure the content of communication. Traffic data, and the retention thereof, should be reduced to a minimum, and billing systems should be provided that need no recording of single usages. Finally, communication providers should comply with international privacy standards. The best privacy protection are communication technologies that are privacy friendly by design. The interview was conducted by Milon Gupta. Further information on EDRi is available at www.edri.org Please send us your comments on this article. |
