On 19-20 May, Europol in cooperation with the European Institute of Public Administration organised a conference on privacy in the digital age of encryption and anonymity online.
The conference saw participation from different organisations, public and private, such as the European Data Protection Supervisor, the Europol Joint Supervisory Body, the EU Agency for Network and Information Security -ENISA, Eurojust, Amnesty International, the EastWest Institute and many others from a broad range of professional backgrounds, representing private industry, academia, privacy advocates and law enforcement.
In several high-level discussion panels and workshops lively discussions took place on the polarizing challenges around privacy versus security online, and the need to protect citizens’ privacy while giving law enforcement the means to investigate crime. There was general consensus that the availability and use of encryption and anonymity technologies is not only important and legitimate in many circumstances but essential to a secure and safe cyberspace.
One of the main themes at the conference was the dichotomy that encryption and anonymity online presents for law enforcement in terms of supporting strong encryption and opposing any technical solution that would weaken security in cyberspace for everyone, and the criminal abuse of these technologies, which seriously impedes on law enforcement’s ability to protect citizens from criminal and extremist behaviour, and to bring those responsible to justice.
As highlighted by Europol’s Director Mr Wainwright, the challenges for law enforcement are very real and lead to a loss of investigative opportunities as a result of the growing misuse of legitimate anonymity and encryption services and tools for illegal purposes. For law enforcement, therefore, the key aspect is to define the modalities of lawful access, within well-defined and regulated boundaries, while fully respecting fundamental rights.
Echoing the need for well-defined and regulated boundaries, ENISA's Executive Director Mr Helmbrecht advised: “Do not weaken encryption on purpose; do not inhibit the use of tools for data protection and privacy: promote secure IT. Rushed legislation is often inadequate legislation, we need to give time to discuss and invest into R&D”
The event provided a unique opportunity to have an open, inclusive and transparent debate among different viewholders towards finding a way to strike the right balance between freedom and security online.
At the end of the conference, Mr Helmbrecht and Mr Wainwright issued a joint statement describing the challenges and proposing possible avenues of solutions for lawful criminal investigations that respect 21st century data protection.
Europol is the EU's law enforcement agency, assisting national authorities by exchanging information, intelligence analyses and threats assessments. The agency deals with terrorism and international crime such as cybercrime, drug smuggling and people trafficking. Europol, which has over 1 000 staff members, has its headquarters in The Hague in the Netherlands.
ENISA is a centre of expertise for cyber security in Europe. ENISA’s mission is to contribute to securing Europe’s information society by raising “awareness of network and information security and to develop and promote a culture, of network and information security in society for the benefit of citizens, consumers, enterprises and public sector organizations in the Union.
Tel. +30 2814409576