130 likes | 268 Views
“I have a gun so I have the right to shoot!”. Nataša Pirc Musar Information Commissioner, Republic of Slovenia. Rome, 15-16 April, 2008. Modern Digital Technologies. Legislative Framework (always lags ages behind the IT) Law of the Net (Global Agreement)
E N D
“I have a gun so I have the right to shoot!” Nataša Pirc Musar Information Commissioner, Republic of Slovenia Rome, 15-16 April, 2008
Modern Digital Technologies • Legislative Framework (always lags ages behind the IT) • Law of the Net (Global Agreement) • “We might not be able to stop you from doing bad things, but if we catch you, there will be consequences” • If we…, regarding data protection, strong inspection tools are needed • A lot of media support, quality prevention, awareness campaigns
NO Entrance DPA DPA DPA
How to fight • Law Enforcement • To be effective it also has to be preventive • Shout loud when we (DPAs) find breaches of the law, especially when the violations are hard
Employer v. Employee How to strike the right balance? • Internet • E mail • Telephones • GPS • RFID • CCTV • Microsoft Software (heart beat)
YES, WHY NOT, let’s do it all • It is scary all this is actually possible… • BUT… Are we allowed to use modern technology just because we have it at hand??? • Privacy at work – YES (ownership of the medium for communication is not relevant) • Rights of the employers – YES • Proportionality – definitely YES
Telephone Traffic Data • Facts: • Diplomatic mail was secretly given to the media • Ministry wants to catch a bad guy • Let’s check all the telephone calls - data base with 110.000 calls (in house telephone system) • - No need to contact the operator • Who out of 700 employees was calling the media
Supervision • Confiscation of the CD with the data • Misdemeanor procedure (penalty possible) Why was this action of the ministry unlawful: • Traffic telephone data has double constitutional protection – Information and Communication Privacy • Control of billing of the services – allowed – not thecasehere • The document was not classified as secret
All employees are potential offenders • Even if legally admissible the action must be limited to a narrow circle of persons and the “prosecutor” must not include as suspects the entire population of all the employees (SlovenianSupremeCourt). • How to preservethe evidence ofpotentialcrime? • The law in no way transfers the powers and tasks of law enforcement to the state bodies and organisations holding public powers (or privateemployers)
Danger Ground When illegal intervention in the communication privacy happens this causes violation of constitutional right on both sides, namely on the side of the person who calls and who is being called. In that context the existence of unavoidable damage (so called collateral damage) might only be acceptable when it is caused to the accidental participant of legitimate intervention into the constitutional right to privacy of correspondence and other means of communication.
…AND CONCLUSIONS Call police Do not collect evidence on your own when a criminal offence is in question! Protect the documents which are not meant to be public Tracebility rule can than be used, less suspects
Going back to internet… German Constitutional Court has set strict limits to the law enforcement authorities (especially to the secret services) with regard to secret supervision of the computers. They are only in extreme cases when concrete threat to life or state exists, allowed to supervise the computers in possession of individuals with special programmes (types of Trojan horses). Collection of data in advance ‘to have in stock’ and from randomly chosen individuals should thus not happen.
“I have a gun so I have the right to shoot!” Thank you for the attention The article…