Security and privacy not mutually exclusive says Europe’s privacy regulator
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!Tweet Share on Twitter.
April 29, 2015
Security and privacy are not mutually exclusive says Europe’s privacy watchdog Giovanni Buttarelli.
He added that people should stop saying they are when they're not. Buttarelli was speaking at a Brussels conference.
He is concerned that “the objective of cyber-security may be misused to justify measures which weaken the protection of data protection rights.”
“Overall, cyber security must not become an excuse for disproportionate processing of personal data.”
“Let's not forget that when the European Court of Justice (ECJ) last year found the Data Retention Directive to be invalid, one of the main reasons was concern about the inadequacy of the data security provisions in the directive,” he continued.
And although some commentators interpreted the ECJ ruling to mean that data must be stored within national borders, Buttarelli disagreed.
“Physical location isn't the determining factor in internet security. Rather, it is a degree of control, of accountability and responsibility which data controllers demonstrate when processing personal information.”
“They must take full responsibility for all the measures they implement, regardless of the technology they use. Responsibility must not vanish in the clouds,” said the newly appointed regulator.
Negotiations on new data protection regulations are currently underway and Buttarelli says that accountability should not be sacrificed in the inevitable compromise that is bound to happen.
“One tool for greatly reinforcing the accountability process is the introduction of a general data breach notification obligation, which will force controllers to take the necessary organizational and procedural measures,” he said.
Source: The European Court of Justice.
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!