On ICT law, politics and other digital stuff
Yet more evidence that Data Protection is not an absolute right. On the contrary, as the Italian Supreme Court decision n. 7783/14 said 1 a few days ago:
the interest to the protection of personal data must step back when confronted by true defense needs and other legally relevant interests, such as the fair and coherent enforcement of the right of defense in court.
From the Law Enforcement perspective, the ECJ ruling that on Apr. 8, 2014 declared invalid the Data Retention Directive didn’t harm its investigation to such a greater extent as somebody has claimed. There are, indeed, other legal tools that can be used to fit the purpose of getting traffic data of interest.
First, ISPs and telco operators might still retain traffic data for other legitimate purposes and for longer periods than the six months “sponsored” by the ECJ. This can happens either with the consent of the customer (for marketing and commercial purposes) or without (in case the traffic data have to be retained to meet under a statutory term (in Italy, ten years) the legal obligation to provide evidence to the tax authorities that the billed services have actually been provided and that the ISP is not involved in a money laundering activity. Thus as soon as some data – though not all the one retained under the now defunct DRD – are available, a prosecutor can always seize it.
Second, the Budapest Convention on cybercrime allows the public authorities to issue a “data-freeze” order to avoid the deletion. Again, this might be a second best solution, but it is currently working and viable.
Third, the national Data Protection Authorities have the power, under the Directive 95/46, to issue orders to “customize” the implementation of this legal instrument so to match the requirements of the ECJ, thus legally keeping alive, though maybe partially, the intrinsic admissibility of the data-retention as such under the current European Data Protection legal framework.
Back to one of my first love: next March 11 (Rome University La Sapienza) and 20 (Milan University Statale) I have been asked to talk about “Reverse Engineering of the gray world: Intelligence as a black-box” and “Use(less) online Open Source Intelligence”.
Another step toward the end of the Google’s “we’re just a neutral platform, ain’t nothing to do with those who publish illegal content” defense: according to The Register Google and Microsoft agreed to tweak its algorithms to prevent child-pornography-related searches.
This decision has two downfalls: the first is that in the upcoming trial it will be harder for a search-engine company to pledge innocent against the accusation of direct or contributory infringement since Google and Microsoft made deadly clear that it is actually possible to “handle” the way its engines work. The second is that by targeting the search engine result as a way to counter illegal content only stops the “casual” and final user, while the real criminal will stay free to spread their venom. In other word, focusing on content filter is just a PR stunt to lead Average Joe in believing that the Gov’s are doing fine, so no more “public scandal” ? on mainstream media will bother the Powers-that-be.
The criminals thank you all for the gift.
Axel Spies, a friend and a very skilled Washington-based lawyer just released a summary on the new French Data Protection Authority deliberation in re: transnational discovery of personal data.
Here is the summary’s full-text.