Estonian President: EU citizens should trust the state on data rights
24.01.13 @ 09:04
BRUSSELS - Estonia's President told data protection experts in Brussels on Wednesday (23 January) that the state is the only "fundamental guarantor of a citizen's digital life."
Toomas Hendrik Ilves, who also chairs a steering group that advises the European Commission on cloud computing, said the state has to step in where the market has failed to protect people's online data.
"We need to be much less concerned today about the state being the bad guy. It's not gone away, but that's not the big problem," said Ilves at a panel on cyber security moderated by Dutch Liberal MEP Sophie In't Veld.
For their part, other panellists noted that state sanctioned digital espionage is on the rise.
Professor Bart Jacobs, a cyber security expert at the Radboud University Nijmegen in the Netherlands, said that Chinese hackers last summer broke into EU Council chief Herman Van Rompuy's email account.
The Chinese deny the attack.
But as well as accusing Beijing, Jacobs claimed the information was used to speculate on the market and to make a lot of money.
"Mr Van Rompuy, whose email server was hacked this summer, I even heard that the information from this server which was of high value at the time was subsequently used to speculate on the market and make a lot of money," said Jacobs.
He said that while the Chinese are probably the biggest culprits in digital espionage, they are not alone. Countries in the West are also implicated.
In some cases, the debates are shifting towards allowing the police, for instance in the Netherlands, to hack into people's computers even if they live outside the country, for the sake of criminal investigations.
"It's really far reaching," said Jacobs.
EU states want IT companies to hand over data
Meanwhile, a transparency report released by Internet giant Google the same day said EU governments are making a record number of demands to obtain data on its citizens.
Requests for Google users' browsing history, email communications, documents and IP have jumped by 100 percent since the Internet company started publishing the transparency reports three years ago.
Some 7,254 requests were made on 9,240 users in the EU between July and December 2012, averaging over 1,200 requests a month.
UK-based NGO Privacy International (PI) said the figures represent over a third of all requests made by governments worldwide during the same period.
Google refused to comply with over 50 percent of all requests from Italy, France, Spain and Germany because their demands were disproportionate in scope, unlawful or submitted incorrectly, said the NGO.
The company also fulfilled just 17 percent of user data requests from the Polish government.
"Governments must stop treating the user data held by corporations as a treasure trove of information they can mine whenever they please, with little or no judicial authorisation," said PI’s head of international advocacy, Carly Nyst, in a statement.
Google said the requests primarily involve criminal investigations.
It added that a single request is sometimes made for several types of data and that in some cases they notify the user in advance that a government police agency wants to pry into their accounts.
But with companies often hushing-up data breaches for the sake of their reputations, the EU is keen for more transparency on who can be trusted to protect consumer's rights.
The European Commission plans to issue later this month a new cyber security policy that will require companies like Google, Facebook and Microsoft to disclose if hackers break into their systems and to face sanctions if they were at fault.