Digital ID – civil society demands protection of Users
One single app to rent a hotel room, prove your age, your educational, financial or health certificates, or to access digital public and private services? Sounds convenient? Well, it is. But if done wrong, it will be equally easy for corporations, authorities or even bad actors to create highly detailed profiles about yourself – spanning a vast area of your everyday life – or abuse this treasure of sensitive personal information in other ways.
Filter resources
-
Digital ID – civil society demands protection of Users
One single app to rent a hotel room, prove your age, your educational, financial or health certificates, or to access digital public and private services? Sounds convenient? Well, it is. But if done wrong, it will be equally easy for corporations, authorities or even bad actors to create highly detailed profiles about yourself – spanning a vast area of your everyday life – or abuse this treasure of sensitive personal information in other ways.
Read more
-
Voluntary detection measures still on the table for the CSA Regulation
Whilst the draft EU CSA Regulation is intended to replace current voluntary scanning of people's communications with mandatory detection orders, lawmakers in the Council and Parliament are actively considering supplementing this with "voluntary detection orders". However, our analysis finds that voluntary measures would require a legal basis in the CSA Regulation, which would likely fall foul of the Court of Justice. Content warning: contains discussions of child sexual abuse and child sexual abuse material
Read more
-
Open letter: Hundreds of scientists warn against EU’s proposed CSA Regulation
Over 300 security researchers & academics warn against the measures in the EU's proposed Child Sexual Abuse Regulation (CSAR), citing harmful side-effects of large-scale scanning of online communications which would have a chilling effect on society and negatively affect democracies. The letter remains open for signatures.
Read more
-
Despite warning from lawyers, EU governments push for mass surveillance of our digital private lives
Whilst several EU governments are increasingly alert to why encryption is so important, the Council is split between those that are committed to upholding privacy and digital security in Europe, and those that aren’t. The latest draft Council text does not go anywhere near far enough to make scanning obligations targeted, despite clear warnings from their own lawyers.
Read more
-
Guarding health data privacy in Europe: The limits and challenges of current regulations
The GDPR demonstrates the capacity of the European Union to prioritise data protection and privacy. The collection and use of health data by private corporations makes privacy protections critically important. Taken together, the provided policy recommendations here create comprehensive steps forward.
Read more
-
Civil liberties MEPs warn against undermining or circumventing encryption in CSAR
MEPs from the European Parliament’s Civil Liberties committee have thrown down the gauntlet with their amendments to one of the EU’s most controversial proposals: the Child Sexual Abuse Regulation (CSAR). These amendments show a clear majority for fully protecting the integrity of encryption. Content warning: contains discussions of child sexual abuse and child sexual abuse material
Read more
-
Open Letter: Make vulnerability disclosure in the Cyber Resilience Act more secure, not less
The CRA would require organisations to disclose software vulnerabilities to government agencies within 24 hours of exploitation. However, such recently exploited vulnerabilities are unlikely to be mitigated within such a short time, leading to real-time databases of software with unmitigated vulnerabilities in the possession of potentially dozens of government agencies. Read the open letter.
Read more
-
Snowden revelations: ten years on
Ten years ago, the first revelations about US mass surveillance were published in the UK and USA. The revelations swiftly widened to encompass details about the role of the UK’s GCHQ (Government Communications Headquarters) in the global gathering of vast amounts of communications data.
Read more
-
Europol data deals with violent police forces need “strong data protection safeguards”
Proposed data-sharing deals between Europol and five states in Central and South America needs explicit safeguards if they are to uphold fundamental rights, the European Data Protection Supervisor said at the beginning of May. Police forces in those states have brutal records of violence and torture.
Read more
-
Bits of Freedom monthly update on human rights & tech: April 2023
Read through the most interesting developments at the intersection of human rights and technology from the Netherlands. This is the fourth update in this series.
Read more
-
The Belgian government is failing to consider human rights in CSA Regulation
Despite the clear warnings, Belgium has taken a position calling on the EU to adopt the CSA regulation as quickly as possible, dismissing the technical problems, and without addressing the serious legal concerns that have been raised.
Read more
-
Open letter: e-Evidence package lacks appropriate safeguards, EU Parliament must reject it
Civil society, doctors, lawyers and journalists associations and internet service providers are calling on MEPs to reject the so-called “e-Evidence” package during the plenary vote on June 13 because the proposed system of cross-border access to data in criminal matters would severely undermine fundamental rights.
Read more