• Data Economy

    Why solving the PNR dilemma could help find a new balance between privacy and security

    In the overflow of ongoing debates about security and privacy in Europe, the discussion over an EU wide passenger name record system (PNR) is most telling of Europeans’ data-schizophrenia. But interestingly enough, going beyond the PNR controversy, coul [read more]
    byGuillaume Xavier-Bender | 20/Apr/20156 min read
    FacebookTwitterGoogle+WhatsAppEvernotePocketKindle ItBufferLinkedIn
    x
    Bookmark

    In the overflow of ongoing debates about security and privacy in Europe, the discussion over an EU wide passenger name record system (PNR) is most telling of Europeans’ data-schizophrenia. But interestingly enough, going beyond the PNR controversy, could also propel Europe into a new era of security, prosperity and privacy.

    It’s always a strange feeling, and it happens more often than not within the EU. From the moment you walk into the airport to the moment you exit your arrival terminal, it may happen that no one has asked you at a single time during your journey to show an ID.

    You scanned your QR code to access the departure gates, you scanned it again to go through security and then to board, you flew and crossed one or multiple borders, you exited the plane, walked through baggage claim without stopping, and then customs, and you are in another country.No one ever asked you for an ID, and when flying, it is always a strange thought to have that the passenger sitting next to you might not be the person whose name is on the ticket.

    Reality, though, is much different. Passenger information collected by airlines is accessible to law enforcement authorities who can ‘pull’ names of suspected terrorists or criminals. But suspects need to already be on a list for the system to work impermeably.

    With rising concerns throughout Europe that terror attacks may be the act of EU citizens radicalized and trained abroad, many argue for a system that would allow drawing patterns and pre-empting the worse from happening.

    It was in this spirit that an EU-U.S. PNR agreement was adopted as soon as 2007, providing a framework for the transfer of EU air passengers’ personal data to the US authorities. With such a system, airlines ‘push’ passenger information to law enforcement authorities, who are then able to identify ‘unknown’ suspects.

    Put bluntly: after analysis of their data (travel dates, itinerary, baggage and payment information, etc.) passengers can become suspects; they get on the list.

    Understandably, for security purposes, such a tool can be very useful. It makes sense between allies, and the EU has signed such agreements with Canada and Australia too. It makes even more sense between EU countries; something that has yet to be achieved.

    But understandably as well, such tool raises a number of questions when it comes to the type of data collected, the authorities who will have access to it, the duration of retention of the data, and the risks such profiling could present to individual fundamental rights.

    In the aftermaths of the Paris terror attacks of January 2015, it made renewed sense in Europe to push for a single EU wide PNR. While member states can perfectly design their own systems – and some already have – such fragmentation defeats the purpose of ensuring the same high level of security and privacy to all EU citizens in all EU countries.

    In a resolution that put an end to a long standing stalemate between EU institutions, members of the European Parliament called in February for progress to be made by the Commission and member states on issues related to data retention and data protection, with a view to adopt an EU PNR legislation by the end of the year.

    Reform of data protection rules and adoption of a necessary and proportionate PNR system should therefore be done in parallel. Such conditionality is risky on many levels. But it could also give a much awaited boost to discussions in Europe on data retention and data privacy.

    In addition, finding the right balance in the EU PNR legislation could prove valuable for negotiations with partner countries. On April 1st, Mexico could have started imposing fines of up to $30,000 per flight to European airlines if it was not given sufficient guarantees that an EU-Mexico PNR agreement would soon see the light of day.

    The EU agreed to do so, and the deadline was pushed back to July 1st. Mexico’s muscle flex is not surprising in the current global security context. Other countries, such as Japan and Korea, have asked for the same in past, and could potentially resort to the Mexican precedent.

    As it now stands, the debate over PNR in Europe reaches far beyond the borders of the EU. It reaches to the core fundamentals of both individuals and nations: liberty and security. “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety”, cautioned Benjamin Franklin.

    Perhaps, but when it comes to personal information, the assumption of an inevitable trade-off between security and privacy should not be the norm.

    The mere idea of such a trade-off makes it virtually impossible for policymakers or citizens to move forward constructively.The EU should on the contrary work towards increasing collective security by raising the standards in the protection of privacy. And the parallel discussions over PNR provide an ideal framework to do so before the end of the year.

    We still may not know who is really sitting next to us on the plane after that, but someone definitely will.

     

    photo credits: Jessica Keating Photography
    FacebookTwitterGoogle+WhatsAppEvernotePocketKindle ItBufferLinkedIn
    x
    Bookmark
  • Media

    New paradigms for a hyper-connected era

    The power of connectivity is transforming existing economic, political, and social structures. In a word, the Internet is disrupting established systems. The resulting uncertainty is as much a risk as an opportunity.We are on the hedge of a new frontier. [read more]
    byGuillaume Xavier-Bender | 15/Dec/20144 min read
    FacebookTwitterGoogle+WhatsAppEvernotePocketKindle ItBufferLinkedIn
    x
    Bookmark

    The power of connectivity is transforming existing economic, political, and social structures. In a word, the Internet is disrupting established systems. The resulting uncertainty is as much a risk as an opportunity.We are on the hedge of a new frontier.

    In December 2003, Sir Arthur C. Clarke noted that “satellite television, Internet, mobile phones, email – all these are technological responses to a deep-rooted human desire to communicate and access information. Having achieved unprecedented progress in the field of communications during the past half century, we now have to pause to think of social, cultural and intellectual implications of what we have created.”

    Let’s pause.

    As economies and societies are increasingly becoming data-driven, interactions between individuals, the groups they belong to and the institutions that govern them are evolving dramatically.

    The transformational power of connectivity is immense and resonates far beyond technology itself, as the Internet is changing existing dynamics of economic, social and political construct.

    Preconceptions of accountability, transparency, privacy, and even democracy are being reconsidered. Political systems, the fabrics of social contracts and the nation state are being challenged by an ever growing desire to know, share and control.

    As a result, the enabling power of the Internet is blurring physical borders between countries and peoples, between governments and citizens, between businesses and consumers; what used to create wealth, welfare, influence and power is no longer certain. And this uncertainty is as much a risk as an opportunity.

    These evolutions are fuelled by new technologies that disrupt established systems. In this regard, the Internet is no more different than the printing press, the telephone, the light bulb, the locomotive or the airship. These inventions not only served the technical purpose that their creators intended them to have, but also revolutionized systems all together.

    The telephone, for instance, provided a new technical way of communicating, but it also generated new rules of etiquette – a new societal way of behaving and communicating. The light bulb transformed factories, cities and homes; it changed the way people live, work and interact. Hence the power of technology lies not only in its mechanics, but also in its capacity to transform the environment it is used in.

    [Tweet “The digital revolution is transforming the way information is generated, collected, shared”]

    – whether it is between individuals, between businesses, between machines, or between citizens and governments. Information is participation. And participation leads to contribution.

    In December 2013, Jason Pontin, Editor of the MIT Technology Review, argued that these new technologies “don’t solve humanity’s big problems.” Indeed, they don’t. But perhaps their purpose is less in solving problems for now, than in creating opportunities for collective contribution.

    Ultimately, throughout the world, the big question is one of control: control of information, control of its flow, and protection of that control. As Sir Arthur cautioned, “it is vital to remember that information – in the sense of raw data – is not knowledge; that knowledge is not wisdom; and that wisdom is not foresight. But information is the first essential step to all of these.” In essence, the Information Age is much more than a big problem to be solved; it is humanity’s New Frontier.

    FacebookTwitterGoogle+WhatsAppEvernotePocketKindle ItBufferLinkedIn
    x
    Bookmark