Let me be honest with you: talking about data protection in the law enforcement community is sometimes still difficult. Since taking over the position of Executive Director in May 2018, I have travelled extensively across Europe. I have spoken to countless law enforcement representatives in order to understand what their precise needs are. I wanted to know their views on how we at Europol can provide them with even better support. Some of these conversations have rather quickly revolved around issues that have a very close link to data protection.
I have enjoyed these discussions as I consider myself a ‘data protection believer’. Some might argue that in this sense I represent a minority in the law enforcement community – whether this is true or not does not even matter: I am used to representing minorities and proud to do so!
The concerns I have listened to across the continent are valid and deserve proper reflection. For instance, many online investigators feel that their work has become almost impossible ever since more and more forms of online communication are by default end-to-end encrypted. Furthermore, the internet offers anonymous marketplaces on the Darknet, which are used by criminals to trade all sorts of illegal commodities. This often leaves us with little or no chance to tackle issues such as the sexual exploitation of children but also the investigation of other forms of serious crime and terrorism, which nowadays often have an online communication component.
Another challenge for law enforcement is the difference between the various data retention regimes at national level. We are confronted with a situation in which we often have to prioritise our crime analysis based on the shortage of retention periods in a given Member State rather than on operational and crime connected consideration points.
I fully understand the need for encryption technologies in our digital information age and the many circumstances in which the legitimate use is essential, for instance for those individuals who have to survive in oppressive regimes. However, law enforcement agencies also need the tools to investigate serious crime and terrorism. Access to retained data, based on an EU legal framework respecting our fundamental rights including the right to data protection, would be essential in this context.
Having a legal background myself, I am convinced that as European law enforcement we do not advocate general or indiscriminate data retention. In fact, we are committed to identifying practical ways in order to meet the criteria established by the European Court of Justice is we can ensure a proportionate approach.
Last November I had the pleasure of hosting a conference here at Europol addressing the intense public debate about the right balance between freedom and security. This discussion often follows an “either/or logic” along the lines of “You can never have it all!” However, at Europol meanwhile, we are trying to move away from the traditional “balancing” tune.
Any notion of balancing “freedom versus security” wrongfully implies a unitary dial: if we turn up our freedoms, we get less security, and if we turn down freedom, we get more security. Freedom and security are viewed as a zero-sum trade-off.
There is no doubt that there is a relationship between freedom and security: A change to one will sometimes affect the other. But often it is also possible to increase security without decreasing our freedoms, and sometimes a decrease in privacy leads to no meaningful increase in security.
The message I would like to give to you today is: at Europol we work hard to do our job in the right way. We are determined to make Europe a safer place, and full compliance with fundamental rights in Europol’s activities is a part of this safer Europe.
I wish you all a happy Data Protection Day!