The aim of this conference is to explore the practical implementation of EU data protection rules within the law enforcement sector and highlight some of the challenges that data protection experts face in light of developments in policing, society as a whole, and a rapidly changing criminal environment.
The conference will bring together internationally renowned practitioners from law enforcement and security authorities with privacy experts, academics and representatives from private industry and civil society.
Who should attend?
Law enforcement officials, data protection officers, members of Europol's Data Protection Experts Network (EDEN), data protection professional in the private and public sector, lawyers and other advisers in the area of data protection and compliance, academics.
- Predictive policing: policy and technical measures to respect fundamental rights
- The retention of telecommunication data – EU policy state of play and effect on criminal investigations
- The use of open sources in investigations in the digital space
- Data protection by design: Passenger Name Record (PNR)-data and how to build a compliant mass-surveillance system
- The globalization of criminal evidence: The CLOUD Act and eEvidence and their effects on private business and data protection obligations
- Cooperation with third state authorities in the law enforcement sector: what are the limits?
- Panel 1: A take on predictive policing
- Panel 2: Behind the scenes: The journey of the Danish National Police towards a data-driven police force.
- Panel 3: Building a mass surveillance system – the case of PNR
- Panel 4: Retention of telecommunication data
- Panel 5: Q & A with The Ethical Hacker – What is the price of privacy?
- Panel 6: Using open sources while investigating in the digital space
- Panel 7: Privacy challenges in cross-border sharing of e-evidence
- Panel 8: Law enforcement cooperation with third states
- Closed session – Law enforcement only
Thursday, 19 SEPTEMBER 2019
08:00 - Arrival and registration of participants
Panel 1 (09:30): A take on predictive policing
“Knowledge forbidden? Suspicious, reasonless. [...] Can it be a sin to know? Can it be death?”
Prediction is a core part of policing: where should law enforcement resources be deployed to deter future crime? Where is a fugitive/suspect likely to be apprehended? Who is a potential next victim in need of protection? At the same time, there is justifiable concern over just how far to take prediction when backed by sophisticated computer analytics – when do you go too far in effectively trying and condemning an individual based only on a computer-calculated probability that a crime will be committed?
In this panel, we discuss the nuances of prediction in policing and the policy and technical measures that can help us respect fundamental rights.
Panel 2 (11:00): Behind the scenes: The journey of the Danish National Police towards a data-driven police force
“Our torments also may in length of time Become our Elements.”
How does an organisation implement a data-driven approach?
This presentation will focus on the challenges to governance and organisation when pushing a traditionally analogue institution into the digital data-driven age.
Panel 3 (11:30): Building a mass surveillance system – the case of PNR
“Ah, why should all mankind for one man’s fault, be condemned, if guiltless?”
Since the entry into force of the EU PNR Directive in May 2018, EU law enforcement authorities have collected personal data of more than 350 million flight passengers. This information is i.a. used to identify “unknowns” – criminals, who are not yet known to law enforcement – using profiling and rules-based targeting. Critics claim that this “mass surveillance” of mostly innocent citizens violates the fundamental right to privacy.
In this debate, we explore what is arguably the most advanced example of big data analytics designed to meet the highest standards of data protection.
Panel 4 (13:15): Retention of telecommunication data
After having been on the agenda for more than a decade, the utility and lawfulness of retained telecommunications data is still being debated in court rooms and legislatures across Europe. Some argue that this is creating a mosaic of different national practices, hindering the transnational prevention and investigations of serious crime and terrorism. For others, this mosaic reflects a state of play where EU citizens cannot rely on their fundamental rights being equally protected in all EU member states.
In this panel, we will discuss the state of play and way forward. We explore how criminal investigations have been affected in Germany, which has severely restricted the use of communications data by the police.
14:30 - Networking coffee break
Panel 5 (14:45): Q & A with The Ethical Hacker – What is the price of privacy?
"For so I created them free and free they must remain."
Panel 6 (15:15): Using open sources while investigating in the digital space
"What is dark within me, illumine."
A stolen bike sold on Ebay – may the police save information about sellers and buyers? What about all public information on Ebay? Or what about a database of hacked Gmail-accounts which has been published on the so-called Dark Web? In this panel, we will discuss real life examples of the use of open sources in digital investigations. To what extent does data protection legislation apply to information which is already public? How can organisations like law enforcement tackle the technical obstacles of using open source information and work with large data sets?
16:30 - Closing of day one and social event
Friday, 20 September 2019
Panel 7 (08:30): Privacy challenges in cross-border sharing of e-evidence
"Solitude sometimes is best society."
The globalisation of criminal evidence is creating significant challenges for law enforcement. Traditional cross-border mechanisms such as Mutual Legal Assistance Treaties are too slow and not suited to the type of evidence requested. Recently, the US and the EU Commission responded with legislation which will equip law enforcement authorities with the powers to gather data outside their territories.
This panel explores the conflicts of laws that might arise when police seek to obtain data subject to foreign jurisdictions. Specific emphasis will be placed on the consequences for private companies caught between competing jurisdictions of national data protection regulation blocking disclosure of data and legal mandates compelling them to provide personal information to foreign law enforcement authorities.
Transnational crime requires transnational cooperation between law enforcement authorities both inside and outside the territory of the EU. While EU law enforcement authorities receive personal data from partners outside the EU, they are reluctant to share data with those partners. EU data protection legislation requires either an EU Commission adequacy decision or that partners guarantee essential data protection standards. However, the EU Commission has not passed any adequacy decision that includes law enforcement yet. How does this legal void affect long-standing law enforcement working relationships with essential partners in the fight against transnational crime and terrorism? How can law enforcement ensure transnational cooperation going forward?
11:00 - Closing session
Closed session (12:00) – Law enforcement only
- Everyday challenges in the life of a law enforcement DPO: workshop on the practical implementation of the Law Enforcement Directive
- Data protection by design – the ADEP-project
- Pro-active auditing of data processing in interoperable information systems
Courtney Bowman, Privacy and Civil Liberties Specialist, Palantir Technologies, Palo Alto
Tjabbe Bos, Policy Officer, Cybercrime Unit, DG Migration and Home Affairs, European Commission, Brussels
Daniel Drewer, Data Protection Officer, Europol, The Hague
Ralph Echemendia, “The Ethical Hacker”, Los Angeles
Nico van Ejik, Professor of Media and Telecommunications Law and Director of the Institute for Information Law, University of Amsterdam
Jan Ellermann, Senior Specialist, Data Protection Office, Europol, The Hague
fukami, Senior Security Consultant, Chaos Computer Club, Brussels
Stefano Fantin, Researcher, Catholic University Leuven
John Grant, Privacy and Civil Liberties Engineer, Palantir Technologies, Palo Alto
Peter Kimpian, Data Protection Unit, Council of Europe, Strasbourg
Hiroshi Miyashita, Associate Professor of Law, Chuo University, Tokyo
Nora Ni Loidean, Lecturer in Law and Director of the Information Law and Policy Centre, Institute of Advanced Legal Studies, University of London
Cornelia Riehle, Deputy Head of Section, European Criminal Law, ERA, Trier
Jana Ringwald, Public Prosecutor, Cybercrime Center, Frankfurt am Main Prosecutor General’s Office, Gießen
Sophie in't Veld**, MEP, Brussels/Strasbourg
Christian Wiese Svanberg, Data Protection Officer, Danish National Police, Copenhagen
*additional speakers will be added