Read news from:
Austria
SHARE
COPY LINK

INTERNET

A new basic right for IT privacy

Monika Griefahn and Jörg Tauss, members of parliament for Germany’s Social Democratic Party (SPD), welcome the Constitutional Court’s ruling restricting online surveillance by government authorities.

Published: 28 February 2008 16:42 CET

The Federal Constitutional Court has ruled that plans for online surveillance in North Rhine-Westphalia are unconstitutional. In doing so, the Constitutional Court has vindicated the SPD’s parliamentary group’s criticism of Interior Minister Wolfgang Schäuble.

Schäuble’s plans raised considerable legal and technical concerns about infringing on privacy protection for both private persons and data. That’s why we demanded putting off the decision to authorize this covert investigation method in federal police investigations until the court made its decision.

But above all, the Constitutional Court has confirmed for the first time that there is a basic right protecting the confidentiality and integrity of information technology systems.

This new basic right joins other protected liberties, in particular the confidentiality of telecommunications, the inviolability of the home, as well as the right to control personal information, so long as these don’t offer enough protection on their own. This new basic right is of fundamental importance to media policy and it must now be determined which consequences there are beyond that of the impact on online surveillance.

The Court has also declared that in light of this newly-formulated basic right ensuring the confidentiality and integrity of IT systems, online investigations will only be allowed in very few cases in order to prevent serious crimes. Infringing on this basic right will only be possible with the strictest legal safeguards.

Moreover, any online surveillance must still ensure that private matters are kept confidential of private matters and, if possible, any limits on investigations and admissibility of evidence must be given precedence. Any use of this controversial investigation method requires a court order. This legal safeguard will help maintain the balance between liberty and public safety.

As far as the implementation of the Constitutional Court’s ruling goes, the guiding principle must remain thoroughness before speed. Overly hasty decisions are neither necessary nor appropriate.

The guidelines set out by the judges must now be carefully evaluated in the context of this new basic right protecting the confidentially and integrity of data. The BKA bill put forth by Interior Minister Wolfgang Schäuble will need to be amended accordingly.

Overall, the media and data protection experts of the SPD parliamentary group believe the Constitutional Court’s ruling vindicates their position on online surveillance. We will continue to demand the technical aspects and implications – especially the constitutionality – of this covert investigation method be properly clarified and ensure the usage of such methods adheres to constitutional requirements.

Monika Griefahn is the spokesperson for the SPD’s parliamentary committee for media and culture issues and Jörg Tauss is the spokesperson for the party’s parliamentary committee for education and research issues. Translation by The Local.

TECH

Cookie fight: Austrian activist in tough online privacy fight

Five years after Europe enacted sweeping data protection legislation, prominent online privacy activist Max Schrems says he still has a lot of work to do as tech giants keep dodging the rules.

Published: 16 May 2023 16:52 CEST
Cookie fight: Austrian activist in tough online privacy fight

The 35-year-old Austrian lawyer and his Vienna-based privacy campaign group NOYB (None Of Your Business) is currently handling no fewer than 800 complaints in various jurisdictions on behalf of internet users.

“For an average citizen, it’s almost impossible right now to enforce your rights”, Schrems told AFP. “For us as an organisation, it’s already a lot of work to do that” given the system’s complexity due to the regulators’ varying requirements, he added.

The 2018 General Data Protection Regulation (GDPR) imposes strict rules on how companies can use and store personal data, with the threat of huge fines for firms breaching them.

While hundreds of millions of euros in fines have been imposed following complaints filed by NOYB, Schrems said the GDPR is hardly ever enforced. And that’s a “big problem”, he added.

He said the disregard for fundamental rights such as data privacy is almost comparable to “a dictatorship”. “The difference between reality and the law is just momentous,” Schrems
added.

‘Annoying’ cookies

Instead of tackling the problems raised by the GDPR, companies resort to “window dressing” while framing the rules as an “annoying law” full of “crazy cookie banners”, according to Schrems.

Under the regulation, companies have been obliged to seek user consent to install “cookies” enabling browsers to save information about a user’s online habits to serve up highly targeted ads.

Industry data suggests only three percent of internet users actually approve of cookies, but more than 90 percent are pressured to consent due to a “deceptive design” which mostly features “accept” buttons.

Stymied by the absence of a simple “yes or no” option and overwhelmed by a deluge of pop-ups, users get so fed up that they simply give up, Schrems said. Contrary to the law’s intent, the burden is being “shifted to the individual consumer, who should figure it out”.

Even though society now realises the importance of the right to have private information be forgotten or removed from the internet, real control over personal data is still far-off, the activist said. But NOYB has been helping those who want to take back control by launching
privacy rights campaigns that led companies to adopt “reject” buttons.

 Shift of business model 

Regulators have imposed big penalties on companies that violated GDPR rules: Facebook owner Meta, whose European headquarters are in Dublin, was hit with fines totalling 390 million euros ($424 million) in January.

One reason why tech giants like Google or Meta as well as smaller companies choose against playing by the GDPR rules is because circumventing them pays off, Schrems said.

Thriving on the use of private data, tech behemoths make “10 to 20 times more money by violating the law, even if they get slapped with the maximum fine”, he added.

Contacted by AFP, both companies said they were working hard to make sure their practices complied with the regulations.

Schrems also accuses national regulators of either being indifferent or lacking the resources to seriously investigate complaints. “It’s a race to the bottom,” Schrems said. “Each country has its own way of not getting anything done”.

Buoyed by his past legal victories, Schrems looks to what he calls the “bold” EU Court of Justice to bring about change as it “usually is a beacon of hope in all of this”.

Meanwhile, the European Commission is considering a procedures regulation to underpin and clarify the GDPR.

In the long-run, however, the situation will only improve once large companies “fundamentally shift their business models”. But that would require companies to stop being “as crazy profitable as they are right now,” Schrems said.

SHOW COMMENTS