GDPR, safe harbour and terrorism.

By | Thursday November 19th, 2015

Cyber intelligence is probably one of the important weapons against terrorism.

GDPR is a barrier against the freedom of intrusion of a wide variety of powers in the personal life of common people.

These two statements are strictly connected: that’s why one of the most heard statements in these dark days is “less privacy for more security”.

Looking more in depth at the variety of powers mentioned above, we find governmental intelligence agencies first, followed by anti-crime organizations but the list doesn’t stop here: terrorism supporting organizations are at work as well with cybercrime. Finally there is the business either to self protect or to expand its reach.

A lot of different powers, some good, some bad, some grey. Are we able to distinguish? Are we able to keep a different approach towards each of them, or the security push is going to crush every defence, including, perhaps, also the GDPR?

This the first issue but not the only one.

The GDPR approval process is happening while:

  • the safe harbour agreement is cancelled making transatlantic relations more difficult
  • the cloud strategy is entering its main course with its potentially uncontrolled data export implications,
  • Russia approves a privacy bill that imposes to keep Russian citizens’ data inside Russian borders, and
  • US re-states that data stored on a server owned by an US Company are under US legislation regardless where the server is located.

Free information movement across borders is one of the cornerstones of the internet era and for a long time we have been used to reading stories about social media helping people movements against dictatorships.

Now it seems that Governments are realizing that information is really a relevant piece of their power and that they are starting to look at the noble data protection right in a new way: as a useful tool to control somehow the cross border information flow or, otherwise, as a constraint to the possibility to benefit from such a flow.

It’s really difficult to foresee the end of this story and probably it is also useless. What is really crucial is the awareness that our discussion on GDPR is not just a technical issue for a small group of professionals but a key issue which our future of citizens, not only of professionals, will be built on.

Share with...Tweet about this on TwitterShare on LinkedInShare on Google+Share on Facebook
Category: Open Forum Tags: , , , , , ,

About Sergio Fumagalli

Vice President Zeropiu Spa, system integrator specialized in digital identity and data security with operations in Italy and in the Nordics. After serving as MP in the Italian Parliament, I started a professional collaboration with the Data Protection Italian Authority and a professional activity on these topics. Co-author of “Privacy guida agli adempimenti”, IPSOA, 2004, 2005 a book on compliance to the Italian Law. Since 2008 member of the Oracle Community for Security - http://c4s.clusit.it/views/Homepage.html - and since 2014 member of the board of Clusit a leader association on IT Security in Italy Between 2004 and 2012 member of the board of Webank Spa, the online banc of the Banca Popolare di Milano group.

One thought on “GDPR, safe harbour and terrorism.

Leave a Reply