Digital Security Governance and Accountability in Europe

Date: Wednesday, 27 March 2013, 18:00 – 20:00
Venue: Leiden University Campus – The Hague

The seminar “Digital Security Governance and Accountability in Europe: Ethical Dilemmas in Terrorism Risk Management” builds on a similar research project, which is currently being undertaken by ICCT Research Fellow Dr. Quirine Eijkman. Dr. Eijkman opened the seminar outlining the topical and timely relevance of the topic. She highlighted that states rely increasingly on innovative communication and information technologies in order to govern security and safety risk. As such, new technical tools are expected to anticipate and counter threats such as those stemming from terrorism and cyber-crime more effectively and efficiently. This has resulted in the prevalence of new practices, for example data mining, profiling by public and/or private authorities and the sharing of personal, financial or travel data. Yet the side-effects of these developments have received less attention. Henceforth this seminar focussed on some ethical dilemmas and accountability for digital security governance.

Dr. Rene von Schomberg (European Commission, participating in private capacity) discussed the ethical dilemma between security technology and privacy. He stressed that in order to understand this dilemma, fundamental questions need to be addressed. For example, it is imperative to take the definition of human security, which was introduced at the UN level, into account; this definition relates to our basic shared values such as freedom, democracy and life without fear. Building on this definition, von Schomberg stressed, we should not use security measures that curtail our fundamental liberties because we could easily lose the values which we try to defend. We thus have to make transparent what type of level of security protection we wish to  have, and this cannot be defined by legal experts or state-policy without fundamental public consent. All subsequent dilemmas arise from the assumed protection level we wish to ensure, such as when is the introduction of a new security measure proportional to a threat? In attempting to define and quantify such fundamental issues, it becomes clear that there are no one-size-fits all answers. Even within Europe, a particular security measure may comply with all necessity, proportionality and privacy requirements in one EU member state, but may be unconstitutional or illegal in another. Using examples, Dr. von Schomberg argued that we should not disregard the most fundamental questions when introducing new technologies for the sake of security. On the contrary, ethical considerations should not be seen as a barrier, but as a deciding factor in the realm of digital security governance. Public debate is central in this endeavour.

Klaas Bruin (KLM Royal Dutch airlines) shed light on the topic from the perspective of a private company. Safety and security are among the most important aspects of the airline industry. On top of this, businesses such as KLM aim to use technology and data to make the experience of travellers as enjoyable and expedient as possible. However, there are a number of tensions which place airline companies in a difficult situation. For one, governments may require airlines to collect and provide data that passengers do not willingly share with private companies. While details such as passport numbers are willingly provided when applying for visas, individuals are more reluctant to disclose other private digital personal data  when booking flights. A further dilemma arises when the laws of one country or jurisdiction conflict with obligations required from airlines by third states, for example with respect to sending Advanced Passenger Information. Balancing security and privacy as well as legal obligations and passenger trust has become a delicate task for airline companies with ever-increasing technological tools and legal obligations. While technology has certainly helped prevent illegal immigration, one easily loses sight of the goal of preventing terrorism in such a complex labyrinth of competing legal requirements, business objectives and privacy issues.

The last panellist, Henny Bakker (Financial Intelligence Unit, The Netherlands) addressed avenues of tracking and stopping terrorist activities through financial means through the involvement of the banking sector. There are many reasons why such a pursuit is not easy. For one, banks have to stay updated with a myriad of existing sanction lists, which are maintained by different governments and organisations. The information on such lists is often incomplete or too general, resulting in many more ‘false positives’ than potential leads. In order to place individuals or groups on such lists, risk profiles have to be created, which is a difficult and frequently discriminatory task. In addition to these obstacles, banks also have their own commitments, which may conflict with their tasks of tracking or freezing terrorist finances. Overall, Mr. Bakker showed the practical difficulty of tracing and preventing financing related to terrorist activity and the complexities surrounding terrorist finance tracking programmes.

The question-and-answer session particularly emphasised the different dilemmas in digital security governance and risk management. There was no consensus whether the ever-increasing reliance on information and communication technology and technological tools in Europe have enhanced security or safety in Europe.

Agenda

17:45 – 18:00: Doors open
18:00 – 18:05: Word of welcome by Dr. Quirine Eijkman (ICCT Research Fellow)
18:05 – 18:25: Dr. Rene von Schomberg (European Commission; participating in  personal capacity): “Technology and Security Governance: The Ethical Dilemmas”
18:25 – 18:45: Klaas Bruin (KLM Royal Dutch Airlines): “Sharing Travelers’ Data: Accountability and Private Companies”
18:45 – 19:05: Henny Bakker (Financial Intelligence Unit, The Netherlands): “The Pursuit of Terrorism Financing”
19:05 – 19:30: Q&A Session
19:30 – 20:00: Drinks Reception