Message from the Lift

Dear reader,

I’m glad to see that today The Lift welcomed its 100.000th visitor on the site. The Lift has built up an archive of more than 2100 posts divided into more than 70 categories in 15 months, and we’re planning to expand the site even more in the future. Thank you for reading, and don’t hesitate to drop me a line with any question or comment you might have regarding the blog.

EDPS promotes ‘privacy by design’

The European Data Protection Supervisor (EDPS) adopted last week an opinion on “Promoting trust in the information society by fostering data protection and privacy” as an input to the forthcoming European Commission’s new European Digital Agenda. The opinion discusses the measures that could be either undertaken or promoted by the European Union to guarantee individuals’ privacy and data protection rights when making use of information and communication technologies (ICTs).

Although the EU has a strong data protection regulatory framework, in many instances ICTs raise new concerns that are not accounted for within the existing framework. Further action is therefore necessary to strengthen this framework. The EDPS believes that such action requires the need to provide for the principle of “Privacy by Design” whereby ICTs are designed and developed taking into account privacy and data protection requirements from the very inception of the technology and at all stages of its development.

Peter Hustinx, EDPS, says:

“The potential benefits of ICT can only be enjoyed in practice if they are able to generate trust. Such trust will only be secured if ICTs are reliable, secure, under individuals’ control and if the protection of their personal data and privacy is guaranteed. To significantly minimise the risks and to secure users’ willingness to rely on ICTs, it is crucial to integrate, at practical level, data protection and privacy from the very inception of new ICTs. This need for a “Privacy by Design” approach should be reflected in the EU data protection legal framework at different levels of laws and policy making”.

In order to further strengthen the European data protection legal framework, the EDPS calls on the European Commission to follow the following courses of action:

1.Privacy by Design general approach: Privacy by Design needs to be explicitly included as a general binding principle into the existing data protection legal framework. This would compel its implementation by data controllers and ICT designers and manufacturers while offering more legitimacy to enforcement authorities to require its effective application in practice. Privacy by Design should also be fully endorsed by the forthcoming European Digital Agenda and become a binding principle in future EU policies;

2. Privacy by design in particular sectors: in three ICT areas presenting specific risks to privacy and data protection, the EDPS recommends the implementation of Privacy by Design based on the following approach:

  • a) RFID: to propose legislative measures regulating the main issues of RFID usage in case self-regulation does not deliver the expected results (e.g. to provide for the opt-in principle at the point of sale);
  • b) Social networks: to consider legislation that would provide for the need for mandatory privacy by default settings;
  • c) Browser settings and targeted advertising: to consider legislation that would require browsers to be provided with privacy by default settings to facilitate obtaining users’ consent to received advertisement;

3. implementing the accountability principle in the existing Data Protection Directive;.

4. to start the work towards the adoption of the implementing measures of the security breach provisions of the ePrivacy Directive, and extend them to apply generally to all data controllers.

Graham proposes framework for handling terrorism suspects

(The Washington Post) Senator Lindsey O. Graham (R-S.C.) has submitted draft legislation to the White House in an effort to create a broad framework for handling terrorism suspects, mapping out proposals that appeal to the administration and others that do not.

Senior White House officials have begun briefing leading Democrats on Capitol Hill on the Graham proposal.

President Obama opposes some items that Graham has promoted publicly, such as the creation of a national security court to handle detainees, but the White House is urging Democrats to treat the proposal seriously as a way to break the logjam over the closure of the U.S. military prison at Guantanamo Bay, Cuba, and other detainee-related issues.

Certain ideas under discussion appear likely to yield a compromise. One promising area involves creating standard procedures for addressing detainees’ petitions for habeas corpus, which force the government to make its case for continued detention, rather than leaving those decisions up to individual judges. Other matters, particularly rules governing the indefinite detention of terrorism suspects, are more complicated and might not get resolved immediately.

Administration officials said that the talks were preliminary and that they were deciding whether to begin a more formal negotiation with other members of the Senate Judiciary Committee. But as they struggle with major legal dilemmas, such as where to try those accused of carrying out the Sept. 11, 2001, attacks, officials said they are eager to try to reach a bipartisan agreement on detainee policy overall.

White House officials have expressed concern that if they fail to reach a comprehensive agreement, Democratic and Republican members of Congress will block funding for closing Guantanamo and civilian terrorism trials. At the same time, a senior Obama aide said the president is seeking a “coherent and durable” framework for handling terrorism suspects, a polarizing issue that has confounded his top advisers as they have struggled to relocate detainees and shut the prison.

EFF urges Supreme Court to protect text-message privacy

The Electronic Frontier Foundation (EFF) urged the United States Supreme Court to ensure that modern communications methods such as text messages retain the constitutional privacy protections applied to earlier technologies.

In an amicus brief in City of Ontario v. Quon, EFF sided with a public employee who was allowed personal use of his work pager but then discovered that his employer had secretly obtained his communication records from his wireless provider. The U.S. Court of Appeals for the 9th Circuit ruled that the city violated the Fourth Amendment, and the Supreme Court granted the city’s request to review that ruling.

“The Constitution fully safeguards the privacy of electronic communications sent over employer-provided equipment,” said EFF Civil Liberties Director Jennifer Granick. “Text messages, like phone calls or letters, are protected from warrantless law enforcement surveillance, even if sent from the workplace or through an outside service provider.”

This case comes to the Supreme Court as Americans are adopting smart phones in record numbers, making texting and on-the-fly emailing a part of everyday life for millions of people. Most employers allow and encourage some use of workplace equipment for personal communications, instead of forcing employees to carry around multiple devices. In its amicus brief, EFF urged the court not to disturb longstanding Fourth Amendment protections against warrantless law enforcement access to these electronic communications.

“The privacy questions in this case turn on the application of settled legal principles in new technological contexts,” said Andrew Pincus of Mayer Brown LLP and the Yale Supreme Court Clinic, who worked with EFF on the amicus brief. “The court should proceed cautiously, in order to preserve constitutional protections for Americans’ most private communications.”

“People are moving away from postal mail and landline phones to electronic and mobile communications, both at home and at the workplace,” added EFF’s Granick. “We should not be forced to leave our privacy behind.”

EFF was joined on this brief by the America Civil Liberties Union (ACLU), the Center for Democracy and Technology (CDT), and Public Citizen.

Detainee abused at Guantánamo ordered freed

(Miami Herald) A federal judge on Monday ordered the Pentagon to release a long-held Mauritanian captive at Guantánamo Bay who was once considered such a high-value detainee that former Secretary of Defense Donald Rumsfeld designated him for “special interrogation techniques.”

U.S. District Judge James Robertson’s ruling was classified, so there was no immediate explanation for why he granted the habeas corpus petition of Mohamedou Slahi, 39.

Slahi is the 34th Guantánamo detainee ordered freed since the U.S. Supreme Court ruled detainees could challenge their incarceration in federal court, but his name was already well known because of investigations into detainee abuse.

Those probes found Slahi had been subjected to sleep deprivation, exposed to extremes of heat and cold, moved around the base blindfolded, and at one point taken into the bay on a boat and threatened with death. Investigators also found interrogators had told him they would arrest his mother and have her jailed as the only female detainee at Guantánamo if he did not cooperate.

The interrogations were so abusive a highly regarded Pentagon lawyer, Marine Lt. Col. Stuart Couch, quit the case five years ago rather than prosecute him at the Bush administration’s first effort to stage military commissions.

“He’s been incarcerated, tortured and interrogated and rendered illegally,” said attorney Nancy Hollander of Albuquerque, N.M., who represents Slahi free of charge. “After almost 10 years the government has not been able to meet the minimal burden to detain him that’s required under habeas. He should be free.”

According to both Pentagon and Senate investigations, Defense Secretary Rumsfeld gave permission for Slahi to be subjected to so-called “special interrogation plans” in August 2003, a year after Slahi had arrived at Guantánamo.