The collection, sharing and projection of data
ADVANCES in technology mean people now generate much more personal data. There is also a greater appetite for that data -- the basic raw material in the fight crime and terrorism -- in today's globalised world. However, there is also greater sensitivity about how that data used within the paradigm of justice, freedom and security.
This aspect of our lives has come under serious scrutiny within the European Union and also to some extent in India and Pakistan. Bangladesh, subject to strict emergency provisions for more than a year, has discussed the principles of Right to Information but has not proceeded to the next stage of engagement. The EU on the other hand has developed data protection rules designed to balance respect for citizens' right to privacy with protecting their security.
Recently, Jonathan Faull, Director-General for Justice, Freedom and Security, European Commission has correctly pointed out that thanks to new technology, we live in a world where data is generated every time we switch on a computer, use our credit card or mobile phone. It may be noted in this context that in the EU, because of the 'Schengen' agreement, which provides borderless travel across many EU Member States, information is shared as an integral part of common management of borders and visas. As a result of all this, there is a great deal more data available than in the past.
In an era of globalisation, such a measure has been agreed upon because data in not only a fundamental factor in law enforcement but also plays an active part in the prevention of international crime and terrorism. This means that the appetite for such information is increasing with every passing day.
However, there is also great sensitivity about data protection: While agreeing that personal data can be collected, we are sensitive about how and why it is used and for how long. To deal with these concerns, the EU has introduced a sophisticated and interesting system of data protection regulations.
Data protection rules have been introduced under different "pillars" of the EU Treaty: the first (European Community laws) has a 'mother law' on data protection, which has been transposed into national legislation, supported by an EU-wide data protection agency. This system has worked well for more than a decade. Other initiatives have been taken under the third pillar on police and judicial cooperation in criminal matters. The Council of Europe also has a Convention on Data Protection.
This is a complex process. It is also challenging. European citizens are consequently faced with the conundrum of both data protection and security. Like other citizens all over the world, including terrorist prone states in South Asia, Europeans want to be protected from international terrorism, but do not want their data made freely available. Consequently, the EU has to balance making data exchange work on the one hand and also, on the other, protect its citizens and regulate how much data EU member states should share among themselves, and with foreign partners.
Accordingly, domestic and international arrangements have been put in place to ensure that European countries only share information needed for the fight against crime, and that this is only kept for a specified time. This has, however, raised some tricky questions. That includes the significant issue of whether telephone company records of phone calls should be destroyed immediately after use, or whether there are legitimate reasons for keeping them -- and what counts as legitimate? Such a possibility requires hard decisions. It will also need negotiating the details, and striking a balance between protecting the individual's fundamental right to privacy and the public interest of allowing law enforcement agencies to do their job. This has already led to the identification of a set of common principles across EU Member States, with laws adapted to the national context.
I am writing this week on this sensitive subject because of the great interest being taken in Bangladesh as well as in India, Pakistan, Sri Lanka and Nepal with regard to efforts directed towards countering terrorism. We have recently had very high level visits to Bangladesh of senior officials from Great Britain as well as from the USA. Their discussions in our country have underlined the need for Bangladeshi authorities to be more careful in monitoring internal developments. It has also been suggested that both the USA and the UK are willing to extend all possible assistance in this regard. I can understand the anxiety of these development partners. However, I would like to under line that we should, in addition to the USA and also the UK, also try to ascertain and study how the authorities in the European Union are handling this critical issue.
At present the system for data protection is in a state of flux within the European Union. Next year will see a new European Parliament, a new Commission and a new Treaty, assuming it completes the ratification process successfully. The Lisbon Treaty abolished the pillar system and introduced changes in data protection. I double, however, whether the new regime will be "very different" from the current one (EC Directive 95 on Data Protection), considering that it works well.
The Council will probably discuss an additional 'third pillar framework' decision on the matter and suggest one change under the new Treaty. In such a changed circumstance, the European Parliament will have a new role as a fully-fledged actor in data protection. It should herald a more accountable, transparent and effective system. It is also anticipated that under this revised arrangement, data would be sent outside the EU to receiving countries only if they have similar systems to protect it when such data arrives on the other side.
The EU is also considering and negotiating other forms of legislation pertaining to data protection rules. This includes arrangements with North America and Australia on Passenger Name Records (i.e. retaining flight lists). The European Commission, in addition, is drawing up proposals on the visa information system, which will provide for an automated processing system for Schengen visas and could provide a "window" for others to access this, under strictly limited circumstances.
South Asian countries should also try to evolve their own system that can be appropriate in the meeting of their needs. Consensus and dialogue could be the basis for formulation of common rules. For example, this could start with the storing of information related to the biometric identifiers in passports. Modern technology could be used to gather information, which could then be made available on request to enforcement authorities to prevent international or regional crime.
The focal point for such a common exercise should be the SAARC Secretariat and its Secretary General. We need to view this process with urgency and as a constructive engagement. All members of SAARC should extend necessary cooperation in this regard. The SAARC Secretariat on its part, could also engage with the European Commission and other important Observers within SAARC, and seek not only additional resources and technological cooperation from them, but also request them to support such an effort. This, I am confident, will ensure success.
Comments