Workshop on Ethical and Policy Implications of Global Mobility and Security, BRUSSELS
25 & 26 March 2010
Agenda
Press Release
Workshop Presentations and Abstracts
RISE Presentation; Emilio Mordini, Centre for Science, Society and Citizenship
Global Mobility and Security: Ethics and policy of biometrics, Margit Sutrop, University of Tartu, Estonia
Session I - Identity Management: Governance and Policy making
1.Kjetil Rommetveit, (University of Bergen), Introducing Biometrics in the EU
Click here for Presentation
This presentation gives an overview of the policy process, introducing biometrics in the European Union. It outlines four phases of development, each entailing different regimes justifying political, legal and technical coordination: 1) establishing Schengen as a free and open market; 2) the Tampere vision of Freedom, Security and Justice; 3) a logic of securitisation, more prominent in The Hague Programme, and 4) efforts towards a more pragmatic compromise. Such a coexistence of regimes creates a situation of "processes upon processes" and contributes to a highly complex situation in which political vision and technical decision making are not sufficiently coordinated. This also places under question the frequently used metaphor of "balancing freedom and security."
2. John Stienen, (DG Informatics, European e-Government Services (IDABC)), Interoperable Delivery of European e-Government Services: Main Challenges
Click here for Presentation
This presentation discusses European e-government services and outlines several main challenges to governing identity management throughout Europe. It first provides - as an umbrella - an overview of ISA – a new EC-driven programme to support cooperation between European public administrations and to provide common and shared solutions for facilitating interoperability at all levels of European Public Administration. A list of ISA activities and link with other Commission initiatives are outlined, including ISA’s support of the European Interoperability Strategy (EIS). The presentation then discusses e-signature and e-identification (eID) action plans and policies, covering the directives related to the technologies, the benefits, as well as the interoperability issues and hurdles faced by their adoption. An eID study from 2009 is detailed and analysed, followed by a discussion of the STORK pilot project pertaining to e-identification management for 14 participating EU member states.
3. Max Snijder, (CEO, European Biometrics Forum), Biometrics and (e-) Identity
Click here for Presentation
This presentation discusses the use of biometrics technology in establishing identity and suggests several methods by which the efficacy of the dialogue may be increased. After a brief introduction to the history of biometrics, several current uses of the technology are listed. Questions are posed regarding what data should be collected, how best to use that data, and whether anonymity can be maintained and disconnected from actual identity. The functionality and purpose of biometrics in terms of their use in policy making is also discussed. Two use case examples of biometric technology use are presented. The first is Registered Traveler (RT) systems at airports for border control purposes. The second example concerns e-passport systems. Finally, the benefits and risks to implementing biometrics in public administrations are listed and evaluated.
4. Dr. Kai Rannenberg, (Chair of Mobile Business & Multilateral Security, Goethe University Frankfurt, Germany), Identity Assurance: Who gets the assurance? Who carries the risk?
Click here for Presentation
This presentation discusses not only the processes involved in establishing identity but also the benefits and risks to doing so. After outlining a model for establishing identity assurance, the presentation applies the theoretical methodology to an actual use case describing the steps involved in both requesting and providing “identity.” Suggestions are evaluated for how to build trust in the identity process with minimum disclosure, and a design for strong sovereign “assurance tokens” is outlined.
5. Alexander Nouak, (Fraunhofer Institute for Computer Graphics Research (IGD)), Security in Information Technology
Click here for Presentation
This presentation discusses the ethical and policy implications of global mobility and security in information technology. With the increased use of mobile phone devices across public communications networks, significant traces of data are being left behind. According to Directive 2006/24/EC, this data must be stored for a period of time in an effort to prevent crimes. But what happens to that data, and can it be used against you? Dangers do lie in the combination of data that may be accessed, and biometric systems incur the same security issues. The presentation concludes by posing several possible systems level solutions that may be implemented to protect biometric data.
Session II – Fundamental Rights, privacy and security: a multifaceted prism
Special address delivered by Siim Kallas, Vice-President of the European Commission and Transport Commissioner
6. Jean-Michel Baer, (European Commission DG Research, Directorate Science, Economy and Society), Privacy Related Research Issues under the Science in Society Programme
Click here for Presentation
This presentation provides an overview of the privacy-related research issues addressed by the EC’s Science and Society (SIS) Work Programmes since 2007, ensuring a more responsible and open governance of science. The goals of SIS are outlined, and several recent issues/technologies are highlighted in light of the international dialogue and public debate undertaken to identify legal, ethical and social issues involved. The presentation concludes with an outline of the ethical review procedure for all FP7 programme proposals, as well as a list of future privacy-related research needs.
7. Siim Kallas, Vice-President of the European Commission, Transport Commissioner, Aviation Security: Ethics and Privacy Challenges
In his key note speech, Mr Kallas discusses aviation security in terms of the overriding need to protect travellers, but at the same time properly balance the security requirements with other important aspects of travel such as convenience, privacy and the protection of personal data. Since the 11 September 2001 terrorist attacks in New York, several new European standards and new technologies have been put in place to protect citizens. One such controversial technology is the use of body scanners, or “security scanners,” that many argue infringe upon the fundamental privacy rights of the individual. Mr. Kallas presents several EU actions that deserve consideration for uniformly shaping the technologies that get put in place to facilitate aviation security, including implementing security controls in a more targeted manner and facilitating the international cooperation of information services across Member States.
8. Jan Ostoja-Ostoszewski, Member of the Cabinet of Vice-President V. Reding, Commissioner for Justice, Fundamental Rights and Citizenship, Privacy and Data Protection: The new challenges ahead
Jan.Ostoja-Ostaszewski@ec.europa.eu
This presentation discusses data protection and privacy as being top priorities of Commissioner Vivianne Reding and revealed actions being taken to address these issues, including: (1) protecting citizens’ data protection claims processed outside the EU; (2) ensuring that technology developers account for data protection at very early stages of system development; and (3) notifying individuals about privacy breaches. The presentation also highlights new technologies in light of the fundamental privacy rights they may violate, and methods we must consider to safeguard those rights. Mr Ostoja-Ostoszewsky concludes his discussion by outlining The Commission’s plan to implement certain global standards for data protection and to facilitate cooperation with the U.S. in setting up a European terrorist financial tracking program.
9. Peter Hustinx, European Data Protection Supervisor, A Privacy Framework for the Stockholm Programme
peter.hustinx@edps.europa.eu
The multiannual programme for internal affairs of the EU, the Stockholm Programme implemented for the period 2010-2014, works towards an open and secure Europe serving and protecting its citizens. The Stockholm Programme supports a strong data protection regime consistent with the strategy for protection of personal data. In his presentation, Mr. Hustinx discusses the important implications for privacy in the Stockholm Programme’s proposed action plan, which includes: (1) a coherent approach and systematic development and evaluation of policies; (2) protecting citizens’ rights in the information society; (3) a systematic way of analysing and measuring information management systems. To conclude, Mr Hustinx identifies general trends in the Stockholm Programme as they pertain to a privacy framework.
10. Margaritis Schinas, Bureau of European Policy Advisors, Principle Advisor, What Ethics Frame for Surveillance Technologies?
Margaritis.Schinas@ec.europa.eu
This presentation discusses the balance between privacy and security in the European Union, specifically in the context of values and ethics. While no one challenges the notion of a secure society, problems arise when we try to develop policy initiatives that define what it takes to live in a secure society. Mr Schinas cautions about accepting simplistic responses to the ethical implications of security policies in terms of civil liberties, and he stresses the need for multi-dimensional policies to address the many complex issues regarding ethics in security and mobility. Mr. Schinas concludes his presentation by reflecting on the balancing of values between individual rights and the common good, accommodating the diversity amongst the different European states, and striking a balance between the need to exploit technological prospects but guarantee that they are not abused.
11. Dr. Kamlesh Bajaj, (Data Security Council of India), Security and Privacy Challenges in the Unique Identification Project
Click here for Presentation
This presentation provides an overview of India’s Unique Identification Project, a project in which every Indian citizen would have a unique identification number that will establish his/her identify at any time or place. The Unique ID program offers many benefits to its citizens and the Indian government, but also faces many challenges, including India’s population of 1.2 billion and security and privacy concerns. The approach to be used for implementing the project is outlined, as is the use of biometric technology to establish identity. Questions are posed regarding the storage and security of the biometric data, and possible encryption solutions are offered.
12.Julian Jones, (Consumer Representative, BSI Consumer and Public Interest Network), Societal Aspects of Biometrics
Click here for Presentation
This presentation discusses the societal issues that must be considered when integrating biometric technology into commercial applications. The concepts of “privacy” and “identity” are explored, and the use of biometric data in light of adhering to OECD privacy principles is examined. The presentation also lists several design strategies that may be used to include the needs of people with disabilities to prevent them from being exposed to excessively intrusive procedures or excluded from the benefits of global mobility, and concludes with a list of the ISO standards that provide support for societal applications of biometrics in existing and future technologies.
13. Günter Schumacher, (European Commission Joint Research Centre (JRC), Institute for the Protection and Security of the Citizen (IPSC)), Biometrics for Hostile Intention Detection: Technology trends and policy challenges
Click here for Presentation
This presentation discusses the trend of biometric technology from being used to assess and determine identity and well-being to a technology used to detect behavior with the potential and/or intent to cause harm. A comparison is made between traditional and behavioural biometrics, after which several behavioural biometrics-related publicly funded projects are discussed in detail. The ethical concerns introduced as a result of the increasing use of behavioural biometrics cannot be neglected, and several possible remedies are suggested.
Session III – Critical Infrastructure protection: the ethical and policy context
14. Jaak Aaviksoo, Estonian Minister of Defence, Are Democratic States More Vulnerable to Cyberterrorism?
jaak.aaviksoo@kmin.ee
This presentation raises the question of whether or not democratic states – those that implement policies to protect the fundamental human rights of their citizens - are more vulnerable to cyberterrorism than non-democratic states. Mr. Aaviksoo brings up the point that in those states where ID checking is universal and common practice, terrorism as a phenomenon is nearly unknown because the possibility of criminality is greatly reduced. However, the issue of developing secure environments against different threats from cyberspace is not clear cut. Two principle aspects must be taken into consideration: 1) balancing security and civil liberties, and (2) understanding the costs and the acceptable risks. Mr. Aaviksoo also debates the issues regarding to what extent governments should legislate standards and basic critical infrastructure, and concludes with a discussion of why he believes a bottom-up approach is best, where the main responsibilities of protecting our infrastructures must remain with individuals, organisations, service providers, and then the government.
15. Christoph Kautz, (European Commission, DG Enterprise and Industry), Security and Ethics in FP7
Click here for Presentation
This presentation discusses security research and development as guided by the EC’s FP7 Security Research Agenda. A background of security research introduces the topic and illustrates how the FP7 programme evolved from a recommendation made by the Group of Personalities (GOP). An overview of the FP7 Security theme includes a list of the basic features of the programme and its critical mission areas. Several examples of FP7 funded projects are discussed in terms of their contribution to security and ethics. The presentation concludes with an overview of The European Security Research and Innovation Forum (ESRIF) and its objective to develop a strategy for civil security research and innovation.
16. François M. H. Géré, (French Institute for Strategic Analysis), The Difficult Balance Between Secret and Transparency
Click here for Presentation
This presentation explores the concepts and dimensions of privacy, secrecy, and transparency in terms of our current technological and social environment. The rise of terrorism and serious organized crime requires changes to our environment, but the challenges and risks associated with keeping all citizens protected are many. The presentation offers several suggestions to addressing security and privacy concerns, but also notes the difficulties that may be experienced by doing so.
17. Yeruham Leavitt, (Faculty of Health Sciences Ben Gurion University), Democracies restricting democratic rights: some classical sources and implications for ethics of biometrics
Click here for Presentation
This presentation reflects on democracy and biometrics using references to classical and ancient sources. Mr. Leavitt argues that democracy is not an evaluative term, but rather literally means the rule of the people: the rule of ruling some people but excluding others. According to John Locke, the social contract establishes the commonwealth. But Locke excludes various types of people from the commonwealth. Similarly, the democracy of ancient Athens was highly exclusive, where only free adult property-owning Athenian born males could participate in democracy. Mr Leavitt concludes with a discussion of several questions regarding the ethical implications of biometric technology: Why don’t we violate privacy to preserve democracy? Where are the limits to doing so? Why not include an ideology profile with information about people’s likelihood to promote and teach ideas that are dangerous to society, such as terrorism, war, etc?