First PrivacyOS Conference: different privacy approaches in synergy

By EDRi · November 5, 2008

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

The first Open Space conference of the PrivacyOS project was held in
Strasbourg on 13-15 October 2008, in the European Parliament premises.
PrivacyOS is a project funded under the European Commission’s ICT Policy
Support Programme, started on 1 June 2008 for a total duration of 24 months.
Seventeen partners have joined forced in this project aiming at bringing
together industry, SMEs, Government, Academia and Civil Society to foster
development of privacy infrastructures for Europe. The project is
coordinated by Jan Schallaböck and Katalin Polgar, both from the
Schleswig-Holstein (Germany) Data Protection Authority.

The general objectives of PrivacyOS are to create a long-term collaboration
in the thematic network and establish collective interfaces with other EU
projects. Participants exchange research and best practices, and develop
strategies and joint projects following four core policy goals:
awareness-rising, enabling privacy on the Web, fostering privacy-friendly
Identity Management, and stipulating research.

The Open Space conference format has proven a powerful mean to share
participants’ achievements, research and developments questions, and social
concerns with respect to privacy. It also allowed to mix technical, legal
and political approaches of privacy protection issues. It was a good venue
to learn from other EU funded projects related to privacy, like the
EuroPriSe (European privacy seal), PrimeLife, and others. This first edition
was organized into 12 timeslots of 45mn each. Participants, including non
project partners attending the conference, distributed the slots according
to their proposed activities.

While most thematic sessions were introduced by one or two presentations,
some timeslots took a more interactive form, like the one coordinated by the
Oxford Internet Institute, a project partner, on ‘Mapping the Database
State’:
participants were invited to form three groups to discuss what central
databases are setup in the framework of EU member states e-government
developments.

Privacy enhancing technologies (PETs) were intensively discussed during the
conference. Technical solutions were presented, like the SWIFT project
consortium’s proposal for identity management or the ‘Silent Tag’ project
presented by Friendly Technologies Ltd, aiming at defining RFID chips that
do not reply to generic interrogation, but only to identified and
authenticated ones. Legal, ethical and political requirements were also
discussed, following a presentation by Microsoft’s Chief Privacy Advisor
Caspar Bowden. Caspar Bowden’s idea of interpreting article 8 of ECHR as a
mandatory requirement for PETs implementation probably fall into
technological determinism, but his suggestion to regulate data mining as a
technology nicely converge with the concept of ‘design liability’ advocated
by Law Professor Joel Reidenberg at the 2007 International Conference of
Data Protection and Privacy Commissioners in Montreal. The only remaining
issue being that regulation implies control and such control is necessarily
based on open access to the software to be examined..

As a PrivacyOS project partner, EDRI participated to this conference with a
delegation of 4 persons representing its members FifF (Germany), IRIS
(France), IuRe (Czech republic), and NNM (Germany). Two of them gave
presentations: Ralf Bendrath (NNM) on “The new Privacy Movement – how to
link & use the energy” and Meryem Marzouki (IRIS) on “ICTs and Security
Policies: Trends and Needs for Specific Guarantees”. Other EDRI members are
also partners of this project on their own: Metamorphosis (Macedonia) and
Quintessenz (Austria).

PrivacyOS is planning 3 other such conferences before the end of the project
duration. Next conference will be held in Berlin, Germany, in April 2009.

PrivacyOS project (with conference presentations online)
http://www.privacyos.de

EDRI-gram: ENDitorial: Montreal Privacy Week: Terra Incognita Or Deja Vu?
(10.10.2007)
http://www.edri.org/edrigram/number5.19/montreal-privacy-week

(Contribution by Meryem Marzouki – EDRi-member IRIS – France)