Article 21.01.2015 5 min. read Text Image "All indications are that the attack on the editorial offices of satirical magazine Charlie Hebdo will provide a pretext for the introduction of further limits on our civil liberties - a new order the victims of which are unlikely to be terrorists … Independent analyses confirm that data inflation and the growing use of algorithms in intelligence work do not improve the effectiveness of threat detection. Analyses of 225 cases of persons who have been convicted or killed in connection with terrorist activity shows that mass surveillance tools were used in only four cases. In several high-profile cases, these tools have evidently failed. … We have a right to a thorough justification for measures that will limit our rights and freedoms. In a democratic debate, we must demand evidence of their effectiveness." All indications are that the attack on the editorial offices of satirical magazine Charlie Hebdo will provide a pretext for the introduction of further limits on our civil liberties - a new order, the victims of which are unlikely to be terrorists. It took only two days for European Union leaders to take advantage of these tragic events and launch a new push for controversial notions on data collection. This time it relates to a European system to integrate airline passenger data, the so called PNR (Passenger Name Records). How will traveler profiling protect us from assassins who live next door to us and operate locally? European Commission President Jean-Claude Juncker and European Council President Donald Tusk don’t deal with such details. In their quest for a rapid response, they reach for well-known means: more powers for police and the intelligence services. Is it really the case that the European Union, with rather mediocre results after more than a decade testing this approach, cannot muster a more thoughtful response? The idea of creating a European system of the collection and sharing of PNR data is not new. Discussions on a draft of such a law has long been discussed in Brussels. Up to now, however, the European Parliament resisted the arguments put forward by the European Commission and intelligence services, who would gladly accept such an extension of their powers. Last year, European Parliament deputies [MEPs] blocked the draft directive due to the disproportionality of its proposed solutions. There are many indications that now, under the pressure of public opinion, the Parliament will cave in and European Union leaders will dress up an old anti-terrorism policy in new clothes. Strikingly similar dynamics accompanied the adoption of the so-called Data Retention Directive - forcing telecommunications operators to collect and store data on citizen telecommunications. Substantive debate on its merits was cut short right after the terrorist attacks on Madrid and London. The directive, adopted in 2006, was last year nullified by the European Court of Justice, as it was deemed inconsistent with the European Charter of Fundamental Rights. The legislative process has thus come full circle. Nonetheless, this political experiment came at a real cost, both in economic and social terms. It still burdens operators and citizens of those countries (including Poland) that continue to require the retention of telecommunications data. A tool once adopted is very difficult to withdraw. A European PNR system would gather all data from reservation engines: the names of people traveling (including information about whether they are traveling together), their departure point and destination, their meal choices (which could suggest their religions), the language the reservation is made in, contact details (including telephone numbers and e-mail addresses), the credit card numbers used and details on their holders, information on related reservations(hotel rooms, etc.), notes on telephone conversations (if any) and metadata, such as the IP address used at the time of booking. For good measure, the European Commission proposes to store this data for a length of time that is unprecedented - five years. If the preventive collection of telecommunication data didn’t protect us from subsequent terrorist attacks, why does the E.U. want another mega database, this time on airline passengers? According to Juncker and Tusk, the European PNR system would help identify E.U. citizens who participate in the fighting in Iraq and Syria. Thus, they uncritically assume that this category of citizens constitutes the greatest threat to our security. Even if that were true, the experience of recent years shows that the creation of additional haystacks doesn't facilitate the location of lost needles. Trying to predict terrorist intentions from the profiles of travelers resembles the divination of tea leaves. If I travel frequently from London to the Middle East, have roots in a Muslim country, order a Halal meal and don't pay for my ticket myself – should that automatically make me suspect? According to American and British intelligence, which have been using PNR data for years, the answer is likely to be yes. As a result, every year there are an ever-larger number of people who, upon crossing a border, are discriminated against due to their ethnic origin or declared religion. Human rights activists, academics, journalists and even children are treated as potential terrorists – detained, interrogated, searched – due to a “suspicious” profile. What do we get in return? Independent analyses – including a report from the New America Foundation – confirm that data inflation and the growing use of algorithms in intelligence work do not improve the effectiveness of threat detection. Analyses of 225 cases of persons who have been convicted or killed in connection with terrorist activity shows that mass surveillance tools (such as the analysis of telecommunication or PNR data) were used in only four cases. In several high-profile cases, these tools have evidently failed. Anders Breivik went undetected by the intelligence services despite the fact that on the Internet he did nothing to conceal his radical views, and the Tsarnaev brothers, responsible for the Boston Marathon bombing, disappeared from the police database due to a spelling error. On the other hand, we know from the documents disclosed by Edward Snowden that the targets of surveillance are often political leaders, lawmakers, negotiators and diplomats. Perhaps that's because they are easy to track. We have a right to know what the policy objectives are behind enhanced cooperation among European intelligence agencies and the creation of new surveillance tools. We have a right to a thorough justification for measures that will limit our rights and freedoms. In a democratic debate, we must demand evidence of their effectiveness. If the rationality of proposed legislation is in doubt, we retain the instinct of self-preservation. That requires us to oppose the plans of politicians that, instead of combating the roots of extremism, reinforce stereotypes and provide an easy pretext for discrimination. Katarzyna Szymielewicz Translated by Halszka Czarnocka The arcticle was originally published in Gazeta Wyborcza, January 15, 2015 (in Polish), then translated and published on WorldMeets.us, January 21, 2015. Fundacja Panoptykon Author Topic mass surveillance personal data databases Previous Next See also Article Activists v. Poland. European Court of Human Rights hearing on uncontrolled surveillance On 27 September the hearing was held at the European Court of Human Rights, following the application against Poland lodged by activists from Poland’s Panoptykon Foundation and Helsinki Foundation for Human Rights, joined by a human rights attorney. The group alleges that the state violated their… 04.11.2022 Text Article Polish Senate calls Pegasus illegal and demands scrutiny over secret services The Senate of Poland concluded its investigation on the use of Pegasus by Polish secret services to spy on ia. opposition politicians and unapologetic public persons. They declared that Pegasus should be considered illegal in Poland and the secret services should be put under strict and independent… 12.09.2023 Text Article Panoptykon files complaints against Google and IAB Europe On the International Data Protection Day, 28 January 2019, Panoptykon Foundation filed complaints against Google and IAB Europe under the General Data Protection Regulation (GDPR) to the Polish Data Protection Authority (DPA). The complaints are related to the functioning of online behavioural… 28.01.2019 Text