CPDP2013 Panels at Grande Halle
8.45 The Cloud Loophole (And How To Close It)
hosted by Caspar Bowden (Independent Privacy Advocate) & Judith Rauhofer (University of Edinburgh)
panel Judith Sargentini, Member of the European Parliament – Green (NL), Vera Pozzato, EDPS (EU), Speaker from the European Commission, Speaker from a DPA, Speaker from the US
Data Protection policymakers have no clear rules for transfer of data to non-EU Cloud computing providers, citing the potential of “accountability” and “privacy-by-design” as reasons why each case must be decided ad-hoc. Some have suggested Binding Corporate Rules as a suitable paradigm, but can “audit” or technical measures that, in practice, allow the almost unlimited transfer of data to non-EU countries give any assurance against lawful but secret “Cloud-veillance” by a foreign state? And just how much awareness do EU cloud customers (both individuals and companies) have of this when they upload their personal data to the Cloud?
Because of this real and pressing risk to human rights and democracy, should Cloud data be eligible for any of the legal bases for transfer outside the EEA, unless purely political mass-surveillance in pursuit of foreign state interests can be averted? The panel will discuss technical and political developments in large-scale network surveillance, the evolution of the concepts underlying the legal structures envisaged for Cloud transfers, and the real impact on privacy rights and sovereignty over European data.
10.15 Coffeee break
10.30 Cloud, Trust and Privacy: Towards The InterCloud
co-organised by the EU FP7 project TCLOUDS and CPDP
hosted by Roland A. Burger (Innova SPA) & Marit Hansen (Unabhaengiges Landeszentrum fuer Datenschutz Schleswig-Holstein)
panel Aleardo Furlani, International Association of SMEs, Birgitta Jónsdóttir, Member of the Parliament, Icelandic Modern Media Initiative (Iceland), Chris Hopfensberger, Business Software Alliance (US), Guo Liang, China Internet Project (US) and Chinese Academy of Social Sciences (CASS) (CH), Eva Salzmann, IBM (FR)
The panel will focus on the intersections between Cloud computing (and especially the new paradigm of Cloud of Clouds) and Trust and Privacy.
The state-of-the-art cloud computing enables seamless access to services and global availability of information, but inherent risks severely limit the application of this technology. The benefits of increased storage at reduced cost allow information to be made readily available. However, the current cloud computing model comes with perceived risks concerning resilience and privacy. There are three fundamental trends in ICT whose risks mutually reinforce each other: (i) the push towards an Internet of Services – most services are provided on the web as a platform; (ii) cost pressures drive a migration of ICT into so-called Infrastructure clouds; (iii) growing importance of ICT as the critical “nervous system” for socially relevant “smart” infrastructures – such as healthcare, energy, environmental monitoring, or mobility.
Protecting data and services in the cloud is important to governments, organizations and enterprises across all industries, including healthcare, energy utilities, and banking. Thus, the perceived security and dependability risks of cloud computing are limiting its application.
The TClouds project targets cloud computing security and minimization of the widespread concerns about the security of personal data by putting its focus on privacy protection in cross-border infrastructures and on ensuring resilience against failures and attacks.
11.45 Data Protection in Latin America
co-organised by the Council of Europe and CPDP
hosted by Sophie Kwasny (CoE) & Artemi Rallo Lombarte (Universidad Jaume I)
panel Sigrid Arzt, Federal Institute for access to information and data protection of Mexico (IFAI) (MX), Danilo Doneda, Department of Consumer Protection and Defense of the Ministry of Justice (BR), Alejandro Bermúdez Durana, Office of the Superintendent for Industry and Commerce of Columbia (COL), Felipe Rotondo, Personal Data Control and Regulatory Unit of Uruguay (URU).
The right to data protection has been increasingly regulated and specifically protected in Latin America over the past years and whether it is constitutionally upheld or not, articulation with the legal traditions (in particular habeas data) is being witnessed at national or sectoral level. This panel will explore:
- the evolution of the right to data protection and its impact on Latin America: new legislation and institutional developments, as well as reasons for the legislative lacuna in some countries;
- the challenges faced in Latin America in the context of data protection : what are the main features of data protection in the region as well as the main obstacles to this right;
- the role of the Ibero-American network of data protection in the development of data protection in Latin America and reference models in the emergence of national data protection legislations;
- the influence of the European Union’s framework as leitmotiv of the South American Development of the right to data protection;
- the influence of Convention 108 of the Council of Europe on the current developments of data protection in Latin America.
14.00 The Proposed Data Protection Regulation: Key Challenges
hosted by Marie-Hélène Boulanger (DG Justice, EC) and Paul De Hert (VUB-Tilburg University)
panel Gerrit Hornung, Universität Passau (DE), Jean Gonié, Microsoft (BE), Mario Oetheimer, FRA (EU), Christopher Wolf, Future of Privacy Forum (US)
In January 2012, the European Commission released the proposal for the reform of the European Data Protection Directive: whilst the principles and many key definitions have been retained, the proposal also contains significant changes. The balance in many key relationships has been changed – there is an increased focus on the fundamental rights of the citizen – there has been a move away from bureaucracy to a more ‘accountability’ based approach and a number of novel systems and features have been introduced to deal with the changing nature of data and data processing. One year on from its initial publication, this panel will evaluate the reaction to this proposal and consider its future.
One year on from its initial publication, this panel will evaluate the reaction to this proposal and consider its future.
15.00 Coffee break
15.30 The Proposed Data Protection Directive: Key Challenges
co-organised by Max Planck Institute for Foreign and International Criminal Law and CPDP
hosted by Els De Busser (MPICC) & Guy Stessens (Council)
panel Franziska Böhm, University Münster (DE), Daniel Drewer, Europol (EU), Caroline Goemans-Dorny, Interpol (UK) [tbc], Christopher Kuner, Centre for European Legal Studies of the University of Cambridge (UK)
The panel will join representatives from law enforcement with representatives from the academic and the private sector. The discussion will focus on the key issues that law enforcement agencies are confronted with when it comes to data protection in criminal matters and to what extent the proposed EU data protection directive is or is not providing in solutions.
16.45 Public Perception(s) of Privacy and Security
co-organised by EU FP7 projects PRISMS and PACT, and CPDP
hosted by Anthony Amicelle (PRIO & CESDIP) & Jason H. Pridmore (Zuyd University)
panel Alessandro Acquisti, Carnegie Mellon University (US), Daniel Trottier, Uppsala Universitet (SW), Kristof Verfaillie, Vrije Universiteit Brussel (BE)
Privacy’s significance in the eyes of the public is often debated, and sometimes contested. This panel will focus on the following issues:
- How can the perception of privacy by society be assessed?
- How can the relationship between privacy and security be grasped?
- And what can (or should) be done with any of such assessments?
18.00 Concluding Notes
Peter HUSTINX, European Data Protection Supervisor, EDPS (EU)
18.30 Cocktail introduced by Luciano Floridi (University of Hertfordshire and University of Oxford) and offered by Digital Enlightenment Forum
CPDP2013 Panels at Petite Halle
8.45 Emerging Challenges Of Information Security And Privacy
co-organised by LSEC and CPDP
hosted by Ulrich Seldeslachts (LSEC)
10.15 Coffee break
10.30 ‘Internet Freedom, Copyright and Privacy’: Philosophers of Law Meet Philosophers of Technology
FULLDAY SESSION Friday JANUARY 25th 2013 (10:30 – 17:00)
LIMITED PARTICIPATION !
co-organised by Leiden University and CPDP
hosted by Mireille Hildebrandt (Radboud University Nijmegen-VUB) & Bibi van den Berg (Leiden University)
panel Julie E. Cohen, Georgetown University Law Center (US), Kenneth Einar Himmar, Seattle Pacific University (US), David Koepsell, Delft University of Technology (NL), Luciano Floridi, University of Hertfordshire and University of Oxford (UK), Gary T. Marx, Massachussets Institute of Technology (US)
In this seminar we will investigate the effect(s) of the architectural choices made to construct, sustain and expand the Internet on the shape, breadth and content of Internet freedom. More specifically, we hope to gain insight into the ways in which architectural choices lead to (im)possibilities into the protection of, and/or expansion of copyright, privacy and data protection. For legal philosophers this seminar offers a unique opportunity to come to a more refined understanding of the relevance of architectural choices as fundamental determinants of both legal problems and their possible solutions. For philosophers of technology this seminar offers a unique opportunity to come to a more refined understanding of the legal-philosophical intricacies of the current debate on Internet freedom.
Previous Reading Panels have resulted in: Law, Human Agency and Autonomic Computing (Routledge 2011) and Privacy, Due Process and the Computational Turn (Routledge forthcoming), see
14.00 ‘Internet Freedom, Copyright and Privacy’: Philosophers of Law Meet Philosophers of Technology
continuation of the morning session
15.15 Coffee break
15.30 ‘Internet Freedom, Copyright and Privacy’: Philosophers of Law Meet Philosophers of Technology (till 18.00)
continuation of the morning session
CPDP2013 Workshops at La Cave
10.15 Lab Workshop: Can Smart Surveillance Systems Enhance Privacy?
co-organised by EU FP7 project ADDPRIV and CPDP
hosted by Daniel Neyland (Goldsmith University of London) and Dara Hallinan (Fraunhofer ISI)
panel Gemma Galdon Clavell, University of Barcelona (ES) [tbc], Achim Klabunde, EDPS (BE), Clive Norris, University of Sheffield (UK) [tbc], Charles Raab, University of Edinburgh (UK) [tbc]
Privacy Enhancing Technologies (PETs) and Privacy by Design (PbD) initiatives have been heralded as a way forward for addressing privacy concerns raised by the introduction of security camera surveillance systems. This workshop will focus on the development of one particular ‘smart’ surveillance system which attempts to:
- (i) use algorithms to narrowly focus operatives’ attention to only those incidents pre-designated as ‘suspicious’;
- (ii) delete footage that is not connected to an incident;
- (iii) provide a sophisticated access management system to limit access to any data that is stored.
The workshop will feature a demonstration of the technology in order to foster discussion of questions such as:
- Can algorithms limit the extent of intrusive surveillance?
- Can suspicious activities be successfully tracked by algorithms?
- Does deletion provide a solution to privacy concerns?
- Can technologies (such as access management systems) guarantee privacy or are technologies always open to other uses?
11.45 Introducing Drones in The EU Civilian Airspace
co-organised by EMSOC and CPDP
hosted by Mathias Vermeulen (EUI-VUB)
panel Geoffrey Delcroix, CNIL (FR), Jean-Pierre Lentz, European Commission (BE), Margot Kaminski, Yale University (US), Jorrit Rijpma, Leiden University (NL)
The use of unmanned aerial vehicles, commonly known as drones, has been widely discussed in the context of the fight against terrorism, but there has been little debate yet about their use in a civilian setting. Drones can be used for a wide variety of civilian applications that range from terrain cartography to goods transport and from disaster assistance to the monitoring of borders. Questions that this panel will address are the following:
- What are the potential privacy implications that come along with the use of drones in the EU’s civilian airspace?
- What are the limits to their use?
- Which safeguards need to be put in place in order to avoid privacy and/or data protection violations?
- What can we learn from the US experience so far of introducing drones in civilian airspace?
14.00 Cyberwar and the Changing Nature of Warfare
co-organised by VU University Amsterdam and CPDP
hosted by Wouter Werner (VU University Amsterdam) & Lianne Boer (VU University Amsterdam)
panel Lianne Boer, VU University Amsterdam (NL), Paul Ducheine, Dutch Royal Army, and Faculty of Military Sciences, Dutch Defense Academy (NL), Arno Lodder, VU University Amsterdam (NL), Stephen Neff, University of Edinburgh (UK), Ronald Prins, CEO at FOX-IT (NL)
This panel focuses on cyberwar as one of the drivers for the changing nature of war. Cyber attacks affect the hallmarks of war as set out by Stephen Neff in his ‘War and the Law of Nations’: they blur the distinction between war and peace; conflict is neither necessarily violent nor taking place between communities; enemies are oftentimes unknown and fervent debates on the application of the current jus ad bellum have been taking place for ten years at least. This panel seeks to assess the impact of these debates on the (legal) concept of war, including questions regarding the use of force, armed attacks and legitimate military targets. Furthermore, it aims to challenge mainstream focus on death and destruction as determinative of a cyber attack’s qualification as falling under article 2(4) of the Charter or not.
15.15 Coffee break
15.30 Academic Papers Session (till 18.00)
hosted by Ronald Leenes (Tilburg University)
Session 3: Big data and surveillance • Papers
- Data mining and Its Paradoxical Relationship to the Purpose Limitation Principle, Liane Colonna (Stockholm University, SWE)
- Big Data: The End of Privacy or a New Beginning? Ira Rubinstein (New York University, US)
- Surveillance of Communications Data and Article 8 of the European Convention of Human Rights, Nora Ni Loideain (University of Cambridge, UK)
Session 4: The right to be forgotten • Papers
- Stage ahoy! Deconstruction of the “drunken pirate” case in the light of impression management, Paulan Korenhof (Tilburg University, NL)
- The EU, the US and the Right to be Forgotten, Paul Bernal (University of East Anglia, UK)
- Forgetting, Non-Forgetting and Quasi-Forgetting in Social Networking: Canadian Policy and Corporate Practice, Colin Bennett, Christopher Parsons and Adam Molnar (University of Victoria, CA)
CPDP2013 side events third day
20.00 Privacy Party (till 02.00) at BOZAR, entrance at Rue Terarken, 1000 Brussels