0:00:00.000,0:00:18.879
<i> 36C3 preroll music</i>

0:00:18.879,0:00:25.802
Herald: Next is Bijan. Bijan. Bijan, I [br]pronounce this. Pretty persian. Yeah. He's

0:00:25.802,0:00:32.730
an attorney, ein Rechtsanwalt it is called in[br]deutsch, and he works for the Gesellschaft

0:00:32.730,0:00:37.971
für Freiheitsrechte in Berlin. If I'm[br]right. Good. Give them a welcome.

0:00:37.971,0:00:42.369
applause, please. It's early in the[br]morning. We're going to kick back here.

0:00:42.369,0:00:46.459
<i>applause</i>

0:00:46.459,0:00:51.390
Bijan: Early in the morning, only at the[br]Congress you can call 12:30 early in the

0:00:51.390,0:00:57.460
morning, but it is. And, um, well, if[br]you've ever sat on a plane and wondered

0:00:57.460,0:01:02.350
what the person three rows behind you is[br]eating, whether they flying alone, whether

0:01:02.350,0:01:07.050
they have checked in their luggage or only[br]hand luggage and what visa they were using

0:01:07.050,0:01:12.510
when they were buying their plane ticket,[br]then you're probably a police officer or

0:01:12.510,0:01:16.909
should join the national police of any EU[br]member state, because that is exactly what

0:01:16.909,0:01:21.673
the national polices in Germany and[br]Austria and other Europeans member states,

0:01:21.673,0:01:25.689
Europe, member states of the European[br]Union, can do. Thanks to the PNR

0:01:25.689,0:01:30.479
directive, which is the topic of today's[br]talk. And we are going to talk and explain

0:01:30.479,0:01:35.719
to you what the PNR directive and the laws[br]transposing it into national law are all

0:01:35.719,0:01:40.889
about, why this is problematic and what we[br]can do and what we are actually doing

0:01:40.889,0:01:46.780
against it in order to stop it. And Walter[br]will start off with a few infos.

0:01:46.780,0:01:53.299
Walter: Yeah. Hello. So firstly, I would[br]like to introduce into Epicenter Works,

0:01:53.299,0:01:58.915
because we have already a history on[br]bringing down data retention laws. So

0:01:58.915,0:02:03.959
probably you know us from our fight[br]against data retention in Europe when we

0:02:03.959,0:02:08.429
still were called "AKA Vorrat Österreich".[br]I am working for Epicenter Works on a

0:02:08.429,0:02:14.610
voluntary basis. And I would like to[br]mention my colleague Angelika Adensamer

0:02:14.610,0:02:19.800
who did the main work on this for[br]Epicenter Works. But she cannot be at

0:02:19.800,0:02:31.130
Congress this year. So, flight data. It is[br]said, I've heard that at any given point

0:02:31.130,0:02:38.554
in time, one million people are on a plane[br]in the skies flying around the globe. As

0:02:38.554,0:02:47.379
you can see here. And today, although in[br]times of resource exhaustion, we should

0:02:47.379,0:02:52.959
talk about that anyway. I am convinced[br]today we are talking about the data

0:02:52.959,0:03:00.371
protection issue about it. A big one. And[br]we are talking about passenger name

0:03:00.371,0:03:07.560
records. So what is a passenger name[br]record, anyway? A passenger name record,

0:03:07.560,0:03:19.360
as you can see here, is a data set[br]compiled of 19 different data fields. So

0:03:19.360,0:03:26.000
you can get about up to 60 different data[br]points on one single passenger on one

0:03:26.000,0:03:31.549
single flight. So, for instance, you have[br]data in there like the first and second

0:03:31.549,0:03:40.109
name, address, but also other things,[br]metadata. More important things, like the

0:03:40.109,0:03:47.340
means of payment you made, the point in[br]time when you booked the flight and things

0:03:47.340,0:03:54.280
like that. And as a specific problem about[br]it is that there is also a free text field

0:03:54.280,0:04:02.170
so airline employees can enter data there[br]and which we cannot control. And

0:04:02.170,0:04:11.739
altogether we have a quite big data set of[br]each passenger on each flight. So this is

0:04:11.739,0:04:19.921
common in the airline industry. But in[br]2016, the PNR directive came about. So

0:04:19.921,0:04:26.385
what is the PNR directive? It is a piece[br]of European legislation , which was

0:04:26.385,0:04:35.080
enacted in April 2016. And when we have[br]European legislation, it's important to

0:04:35.080,0:04:41.980
mention that it doesn't come out of the[br]blue out of Brussels, but it is enacted

0:04:41.980,0:04:49.563
together with from the commission, the[br]European Parliament and the council. And

0:04:49.563,0:04:56.070
the council are the governments of our[br]member states. So we have to keep in mind

0:04:56.070,0:05:03.024
that member states governments, have a[br]big say when things like this are enacted.

0:05:03.024,0:05:10.756
And it is a directive. And that means that[br]every single member state has to transpose

0:05:10.756,0:05:16.980
the content of the directive into its[br]national law. And this had to be done

0:05:16.980,0:05:24.824
until the 25th May of 2018. This was the[br]the tenth transposition deadline. And for

0:05:24.824,0:05:32.661
instance, Austria and Germany made laws to[br]transpose that into their national law. So

0:05:32.661,0:05:43.590
what had they to enact? They had to enact[br]laws prescribing that all airlines have to

0:05:43.590,0:05:51.986
transfer data of all passengers, all[br]passenger name records of every flight,

0:05:51.986,0:05:59.100
and they have to be pushed to a national[br]police database. So unlike the telecom

0:05:59.100,0:06:06.290
data retention I already mentioned, the[br]data is not kept where it where where it

0:06:06.290,0:06:11.380
is created. But it has to be pushed from[br]the private sector, from the airlines, to

0:06:11.380,0:06:21.060
police database, databases. And the data[br]retention directive prescribes that every

0:06:21.060,0:06:26.788
flight leaving or entering the European[br]Union must be covered by that. But in

0:06:26.788,0:06:32.649
addition, every single member state also[br]covered flights within the EU. So you have

0:06:32.649,0:06:37.880
we have the full take now. Flights within[br]the EU as well as flights leaving or

0:06:37.880,0:06:46.060
entering the EU. And every single record[br]of every single passenger of every single

0:06:46.060,0:06:55.410
flight is in a police database and will be[br]compared with existing databases, for

0:06:55.410,0:07:02.573
instance, of known criminals or of stolen[br]passports and the like. And they try to

0:07:02.573,0:07:10.560
find matches there. And what they are also[br]going to do is matching with predetermined

0:07:10.560,0:07:16.245
criteria. So they will come up with flight[br]patterns of known perpetrators, for

0:07:16.245,0:07:22.350
instance, when they booked a flight and so[br]on. They will algorithmically try to find

0:07:22.350,0:07:29.550
patterns there, and then they will compare[br]your flight passenger name records with

0:07:29.550,0:07:34.470
that data. And if you have a similar[br]behavior, than a previous perpetrator,

0:07:34.470,0:07:42.348
previous criminal, for instance, then[br]you're already under suspicion. And this

0:07:42.348,0:07:47.880
data in these databases are stored for[br]five years and can be further used by

0:07:47.880,0:07:54.460
different law enforcement agencies. So[br]that data is not only compared and then

0:07:54.460,0:08:00.560
deleted again. The storage time is five[br]years and they do something called

0:08:00.560,0:08:08.040
depersonalization about six months after[br]the data was created. But this is not in

0:08:08.040,0:08:13.480
any way an anonymisation, but they just[br]remove some data and it can easily be

0:08:13.480,0:08:20.530
identified again. So the person the data[br]belongs to can easily be identified for

0:08:20.530,0:08:27.495
the whole period of five years. So you[br]probably asked yourself already: First, is

0:08:27.495,0:08:33.958
this effective? Well, this runs already[br]since last year, so we have some data.

0:08:33.958,0:08:43.714
First, I will present to you the data from[br]Austria. In Austria, we found out that

0:08:43.714,0:08:52.220
already until the 30th of September, 2019,[br]almost 24 passenger name records where

0:08:52.220,0:08:59.450
forwarded to the passenger name unit at[br]the Bundeskriminalamt and

0:08:59.450,0:09:06.640
11 900 000 thousand different people[br]were subject to that. And of these, almost

0:09:06.640,0:09:13.005
24 000 000 passenger name records, the[br]algorithms that checking against databases

0:09:13.005,0:09:21.210
already brought up 190 000[br]matches. So every single match,

0:09:21.210,0:09:27.639
every single output the algorithm has,[br]must be checked by a human employee. So we

0:09:27.639,0:09:34.430
have sitting there people who have to[br]check. Even this is not even the data of a

0:09:34.430,0:09:41.580
year. And they have to check[br]190 000 matches and only 280

0:09:41.580,0:09:47.340
of them are actual hits. So if a person[br]checks what the algorithm outputs there,

0:09:47.340,0:09:55.540
then only in 0.15% of the cases[br]the policewoman or policeman

0:09:55.540,0:10:01.610
come to their conclusion: This is actually[br]relevant for us. And if you do the math,

0:10:01.610,0:10:09.731
this means that only 0.001% percent of all[br]that 24 million passenger name data, your

0:10:09.731,0:10:15.810
data which is checked, actually leads to a[br]hit. And we don't even know how many

0:10:15.810,0:10:23.120
actual false positives remain in these[br]220. This is only what the police will

0:10:23.120,0:10:29.980
inspect afterwards. So we have no numbers[br]or results if they had actual

0:10:29.980,0:10:36.840
investigative results on that. But what we[br]can say is that there are 21 employees,

0:10:36.840,0:10:42.070
qualified employees, working in the[br]passenger name, Passenger Information Unit,

0:10:42.070,0:10:48.880
and this costs almost 2 million euros per[br]year and only for checking that data in

0:10:48.880,0:10:55.050
the small country of Austria. And Bijan[br]now will present to you the data in German.

0:10:55.050,0:10:59.285
Bijan: The number, the data of the big[br]neighbor, because you said small country

0:10:59.285,0:11:05.610
Austria. In Germany the numbers are[br]surprisingly similar. We also had - have

0:11:05.610,0:11:11.341
numbers up until mid of August 2019, and[br]we have had almost 32 million passenger

0:11:11.341,0:11:16.980
name records checked, which generated[br]automatic results of matches of about

0:11:16.980,0:11:24.290
240 000, which then were checked by 40[br]police officers and there remained only

0:11:24.290,0:11:32.910
910 actual hits. So the fail rate was[br]99.6% and 0.003% all PNRs checked led to

0:11:32.910,0:11:38.090
actual hits. And even of that number, just[br]as in Austria, we are not sure how many

0:11:38.090,0:11:43.170
false positives remain. We know that there[br]were considerably a considerable amount of

0:11:43.170,0:11:47.670
false positives. We estimate them to be in[br]the hundreds. But the law enforcement did

0:11:47.670,0:11:52.650
not specify what actually, how many[br]supposed positives remained, even among

0:11:52.650,0:11:59.202
the 910. And one of the results we know is[br]that it led to 57 arrests. We don't know

0:11:59.202,0:12:03.000
for which crimes. We don't know whether[br]these people actually committed a crime,

0:12:03.000,0:12:08.190
whether they were suspected for crime,[br]whether they were just on a watch list.

0:12:08.190,0:12:15.220
But 57 arrests, assuming this is these[br]were legitimate, this means that 0.0002%

0:12:15.220,0:12:21.430
of all PNRs checked led to an arrest. And[br]if you try to to transpose this to other

0:12:21.430,0:12:28.150
situations in life, you could go to a to a[br]market, to to some, uh, to some festival

0:12:28.150,0:12:32.490
or what not, and just ask randomly people,[br]and you would probably have with a similar

0:12:32.490,0:12:36.990
probability, an arrest in the end at the[br]end of the day. So if this holds that this

0:12:36.990,0:12:41.735
whole PNR processing holds is this[br]effectiveness is the standard that we are

0:12:41.735,0:12:49.611
happy with, then you can easily take this[br]to all other sorts of walks of life. And

0:12:49.611,0:12:55.650
this is true, in our opinion, a big[br]problem, because it will lead to a digital

0:12:55.650,0:13:00.766
surveillance state, which is has come[br]quite near with these new tools that the

0:13:00.766,0:13:07.510
PNR directive provide. What we've now just[br]shown are the the automatic is the checks

0:13:07.510,0:13:12.246
against databases. That was the one thing[br]that the PNR directive provides for. The

0:13:12.246,0:13:17.070
other one is the checking against[br]predetermined criteria. And this is where

0:13:17.070,0:13:23.010
the voodoo kind of starts, because the[br]idea that you can merely from the data

0:13:23.010,0:13:29.145
that is in the PNR, in your passenger name[br]record, derive whether you are suspicious,

0:13:29.145,0:13:36.292
or dangerous even is, at least in our[br]opinion, pretty much voodoo, and it has

0:13:36.292,0:13:43.089
serious consequences. And it might lead to[br]automatic profiling affecting hundreds of

0:13:43.089,0:13:47.270
millions of people, possibly, because[br]everybody is checked when they and when

0:13:47.270,0:13:51.830
they use a plane. Everybody PNR record is[br]checked against these automatic , against

0:13:51.830,0:13:56.742
these predetermined criteria, and not just[br]for crimes such as terrorism or organized

0:13:56.742,0:14:01.670
crime, where you could maybe make a case[br]that there exists such a thing as a

0:14:01.670,0:14:06.887
pattern of movements where you can[br]identify a terrorist suspect, but it is

0:14:06.887,0:14:13.850
also used for crimes such as fraud or[br]forgery or cyber crime where I would argue

0:14:13.850,0:14:18.501
you cannot find the typical cyber[br]criminals flight pattern, flight patterns.

0:14:18.501,0:14:24.339
It's just not possible. And so but but the[br]PNR directive itself is only the one

0:14:24.339,0:14:29.120
thing. We are fighting this for reasons[br]that go way beyond the PNR processing so

0:14:29.120,0:14:35.980
the processing of PNR flight data, because[br]it may set a dangerous precedent for other

0:14:35.980,0:14:40.870
mass surveillance. Already now PNR[br]processing is being discussed for buses

0:14:40.870,0:14:44.850
that cross borders, for ships and trains.[br]And there are some countries such as

0:14:44.850,0:14:50.870
Belgium that have already enacted the very[br]much. And why stop there, might a police

0:14:50.870,0:14:56.220
officer argue. Why not include rental cars[br]that cross borders? Why not at some point

0:14:56.220,0:15:00.410
include private cars that cross borders?[br]Why not get away with that requirement of

0:15:00.410,0:15:04.460
crossing borders? Why not have everybody[br]checked all the time, maybe via their

0:15:04.460,0:15:09.899
mobile phones? So when we give way to this[br]sort of data processing with such a low

0:15:09.899,0:15:16.040
threshold of effectiveness, we open the[br]door for all sorts of, um, of activity

0:15:16.040,0:15:21.310
that at least from our point of view, is[br]illegal. And the question you were maybe

0:15:21.310,0:15:27.311
asking yourself or maybe not. Is this[br]legal? We are convinced it is not. And

0:15:27.311,0:15:35.071
luckily, we could rely on a legal opinion[br]that the European Court of Justice ECJ has

0:15:35.071,0:15:40.800
rendered a two and a half years ago. There[br]is one PNR agreement in place between the

0:15:40.800,0:15:46.200
EU and the USA, which has not been[br]challenged yet. And another agreement was

0:15:46.200,0:15:51.330
supposed to be known or was negotiated[br]between the EU Commission and Canada, and

0:15:51.330,0:15:56.600
the EU Parliament then presented the[br]question to the ECJ whether this agreement

0:15:56.600,0:16:01.830
would be violating fundamental rights of[br]the Charter of Fundamental Rights of the

0:16:01.830,0:16:09.360
European Union. And the ECJ concluded that[br]it would, in the form that it was proposed

0:16:09.360,0:16:13.800
to it, breach Article 7 and 8 of that[br]charter's. Article 7 as the right to

0:16:13.800,0:16:17.971
privacy in Article 8 is the right to have[br]your data protected, your personal data

0:16:17.971,0:16:23.746
protected. And we are, of course, relying[br]heavily on that, on the arguments that the

0:16:23.746,0:16:29.149
court developed and developing them even[br]further, because; as you can imagine, the

0:16:29.149,0:16:34.563
PNR, the agreement with Canada and the PNR[br]directive are quite similar. So what are

0:16:34.563,0:16:40.821
these arguments that we are bringing up?[br]And we've shown already that the

0:16:40.821,0:16:45.884
effectiveness is highly doubtful. And this[br]leads us to concluding that the PNR

0:16:45.884,0:16:50.432
directive is disproportionate. So it[br]violates human fundamental rights. For

0:16:50.432,0:16:55.943
several reasons. One being a point that[br]we've both raised already that PNR

0:16:55.943,0:17:00.409
processing indiscriminately affects all[br]passengers. And this is a very important

0:17:00.409,0:17:05.069
point, because it makes it shows the[br]difference between PNR processing under

0:17:05.069,0:17:08.920
the PNR directive and what was formerly[br]the the data retention of

0:17:08.920,0:17:14.720
telecommunications data. Because the[br]latter would require a specific case,

0:17:14.720,0:17:20.029
something must have had happened in order[br]for the law enforcement to ask for the

0:17:20.029,0:17:26.010
telecommunications data of the[br]telecommunications provider. But our

0:17:26.010,0:17:32.210
PNR data on flights is checked all the[br]time, always, against databases, and even

0:17:32.210,0:17:36.669
more importantly, the predetermined[br]criteria, which we, of course, do not know

0:17:36.669,0:17:41.600
nothing about. And this brings with it[br]especially the last point, the

0:17:41.600,0:17:46.205
predetermined criteria, are high risk of[br]false accusations. We've already seen that

0:17:46.205,0:17:52.731
99.6% of data base matching, automatic[br]data is matching is wrongful. And imagine

0:17:52.731,0:17:59.639
how much higher the number would be with[br]checking against predetermined criteria.

0:17:59.639,0:18:05.809
And that the reason why we expect many[br]false accusations, false positives, is the

0:18:05.809,0:18:09.379
so-called base rate fallacy, which[br]basically says that when you're looking

0:18:09.379,0:18:13.980
for a very small amount of people in a[br]large dataset and you have a significant

0:18:13.980,0:18:18.769
fail rate, you're very likely to produce[br]more false positives, maybe many more

0:18:18.769,0:18:23.660
false positives than true positives. So[br]actual suspects, or not suspects, but

0:18:23.660,0:18:28.104
actual terrorists. So, for instance, when[br]you if you're checking 100 million flight

0:18:28.104,0:18:32.700
passengers. And you're looking for 100[br]terrorists, and you have even a fail rate

0:18:32.700,0:18:39.659
of 0.1%, not the 99.6 that we're talking[br]about now, but even just 0.1%, this would

0:18:39.659,0:18:45.269
render this would this would render[br]100 000 flight passengers subject to to

0:18:45.269,0:18:50.756
to being suspected terrorists. So you[br]would have 100 000 false positives, 100

0:18:50.756,0:18:55.280
terrorists that let's assume all of them[br]so that they had a positive success rate

0:18:55.280,0:19:00.311
of 100 percent identifying positively as a[br]terrorist suspect. Then you will have

0:19:00.311,0:19:07.291
100 000 false positives, 100 people that[br]are correctly suspected. But everybody, of

0:19:07.291,0:19:11.399
course, will be treated the same. And what[br]I've listed here are just the obvious

0:19:11.399,0:19:16.529
things, stigmatization at the airport by[br]interrogation, searches of luggage of

0:19:16.529,0:19:21.460
people and arrests, missing flights.[br]And depending on the country

0:19:21.460,0:19:27.019
you're in you may be in much more trouble[br]after that. The second point is that the

0:19:27.019,0:19:33.075
data is being stored way too long. As[br]Walter has already mentioned 5 years. Why

0:19:33.075,0:19:38.549
do you need 5 years worth of data to check[br]a database entry or against a

0:19:38.549,0:19:42.795
predetermined criteria? Of course, you[br]don't needed it for that. Because you

0:19:42.795,0:19:47.970
could do that immediately after a person[br]has boarded. You can perform the check and

0:19:47.970,0:19:52.584
then you could get rid of the data, delete[br]it after it's being used. The reason why

0:19:52.584,0:19:56.508
they're storing it so long as that law[br]enforcement and intelligence agencies have

0:19:56.508,0:20:01.489
an interest that goes beyond that checking[br]after boarding, they want to keep the data

0:20:01.489,0:20:06.649
and check it in future, criminal[br]investigations in future, looking into a

0:20:06.649,0:20:10.635
person, what where they've traveled and so[br]on and so forth. But that has nothing to

0:20:10.635,0:20:15.980
do with the original purpose of PNR, the[br]PNR directive. And what at least everybody

0:20:15.980,0:20:21.243
here will know in all data storing, so[br]data storing is in itself a problem. It's

0:20:21.243,0:20:25.169
in itself a violation of fundamental[br]rights when there is no legitimate reason

0:20:25.169,0:20:30.316
to do so. But also all data storage puts[br]the data stored at risk. And as we've

0:20:30.316,0:20:34.980
mentioned already, there's the payment[br]data, especially there's other other

0:20:34.980,0:20:39.320
sensitive data with whom you've traveled,[br]whether you've traveled with light luggage

0:20:39.320,0:20:45.787
or not, where you have gone to, via which[br]place and so on and so forth. Another

0:20:45.787,0:20:49.370
point, which is a bit more complicated is[br]that the director does not sufficiently

0:20:49.370,0:20:54.039
differentiate between crimes where[br]automatic profiling could make sense and

0:20:54.039,0:20:59.901
others. So as I have said, there may be a[br]point in saying that the typical

0:20:59.901,0:21:06.039
terrorists would fly from A to B via C[br]without checking in luggage using this or

0:21:06.039,0:21:11.220
that tourist office and so on and so[br]forth. So maybe just assume that this is

0:21:11.220,0:21:17.200
the case. This, no one can can tell me[br]that there is a typical flight pattern of

0:21:17.200,0:21:23.200
a fraudster where you could ask someone[br]define which way a fraudster typically

0:21:23.200,0:21:27.990
flies and identify such a person. So what[br]the directive would have needed to do if

0:21:27.990,0:21:32.269
they wanted had wanted to check against[br]predetermined criteria would have been to

0:21:32.269,0:21:38.943
identify for which crimes - exactly, and[br]only for these - you can use such a voodoo

0:21:38.943,0:21:44.389
miracle weapon. And finally, these are not[br]the only arguments, but the more most

0:21:44.389,0:21:49.269
important ones. We expect that the false[br]positives especially will lead to

0:21:49.269,0:21:55.249
discrimination against minorities. And one[br]example that the German National Police,

0:21:55.249,0:22:01.249
the Bundeskriminalamt has given us for a[br]predetermined criteria are young men

0:22:01.249,0:22:06.732
flying from airports from the south of[br]Turkey to a major European city. So

0:22:06.732,0:22:10.700
they're thinking about former IS fighters,[br]IS terrorists. And as you can easily

0:22:10.700,0:22:15.690
imagine what kind of people will be[br]sitting in in in a on a plane that's

0:22:15.690,0:22:20.310
coming from the south of Turkey to Germany[br]or to any other European country. Of

0:22:20.310,0:22:25.986
course, this will affect them[br]disproportionately, affect minorities. And

0:22:25.986,0:22:32.030
it is already now highly intransparent[br]what how these these predetermined

0:22:32.030,0:22:38.220
criteria are developed. And imagine a near[br]future where law enforcement will

0:22:38.220,0:22:42.640
naturally try to involve artificial[br]intelligence and finding patterns in the

0:22:42.640,0:22:48.179
raw data of flight movements of PNR data,[br]of the treasure they're now hoarding with

0:22:48.179,0:22:54.559
a five year worth of data. And at the[br]latest, at that point in time, it will be

0:22:54.559,0:23:00.710
impossible for us to understand why a[br]certain criterion was defined and how how

0:23:00.710,0:23:04.372
to challenge it when you're in the[br]position to be arrested at the airport,

0:23:04.372,0:23:10.189
for instance. So what can we do? And[br]that's where we come in. The two

0:23:10.189,0:23:15.919
organizations that we are. We are no[br]typical advocacy organizations, but we do

0:23:15.919,0:23:21.039
strategic litigation. Because[br]unfortunately no advocacy worked on the

0:23:21.039,0:23:26.220
PNR directive. It came into force pretty[br]much as the, um, as national law

0:23:26.220,0:23:34.139
enforcement wanted it to be. And so there[br]is one instance, one authority at the time

0:23:34.139,0:23:39.019
that in Europe, in Germany, in Europe, the[br]European Union, the courts, which can

0:23:39.019,0:23:44.919
which can ideally, um, dismiss of the[br]reasons of the motivations of law

0:23:44.919,0:23:51.340
enforcement to have such a directive[br]enforced and can try to objectively assess

0:23:51.340,0:23:57.181
whether this is actually legal and should[br]remain in force, stay in force or not. And

0:23:57.181,0:24:01.639
we did this through litigation both in[br]Germany and in Austria, and both are

0:24:01.639,0:24:06.490
having the same goal, which is to present[br]to the European Court of Justice the

0:24:06.490,0:24:11.774
question whether the PNR directive and any[br]national law that is transposing the PNR

0:24:11.774,0:24:17.980
directive is in violation of the Charter[br]of Fundamental Rights. Why do we have to

0:24:17.980,0:24:23.470
go? Why is the ECJ important? Because when[br]you have a national law that directly

0:24:23.470,0:24:31.330
transposes a European law, a directive,[br]then then only the ECJ can declare such a

0:24:31.330,0:24:35.419
law void. There is no way for, for[br]instance, in Germany, the federal

0:24:35.419,0:24:39.669
constitutional court, the[br]Bundesverfassungsgericht, to say that this

0:24:39.669,0:24:46.016
law should not be applied any longer. This[br]question must be presented to the ECJ. So

0:24:46.016,0:24:50.940
how could we get to the ECJ? This actually[br]was a process that took us quite a bit of

0:24:50.940,0:24:56.489
time. It's been two years in the making. A[br]year ago, we launched six different

0:24:56.489,0:25:01.270
complaints of six different plaintiffs[br]that are flying all over Europe, that we

0:25:01.270,0:25:05.792
booked flights for them that led them to a[br]European member states, a European Union

0:25:05.792,0:25:10.926
member states and two states outside of[br]the European Union. And we sent the

0:25:10.926,0:25:16.029
complaints to three different courts. The[br]one, two complaints were directed against

0:25:16.029,0:25:20.320
the German national police and went to the[br]administrative court in Wiesbaden, and

0:25:20.320,0:25:24.559
four others were directed against the[br]airplane airlines. So we tried to

0:25:24.559,0:25:30.950
diversify as much as possible in order to[br]find a judge that would agree with us that

0:25:30.950,0:25:36.779
this is problematic and this needs[br]checking. And we are optimistic that

0:25:36.779,0:25:43.500
either the court in Wiesbaden or the court[br]in Cologne will soon present these very

0:25:43.500,0:25:48.289
questions to the court, whether the German[br]transposition law and the PNR directive

0:25:48.289,0:25:53.119
itself are violating fundamental rights[br]after European of the Charter of the

0:25:53.119,0:25:58.981
European Union.[br]Walter: So as Bijan already mentioned, our

0:25:58.981,0:26:05.389
aim is to bring our case as quick as[br]possible to the European Court of Justice.

0:26:05.389,0:26:11.470
So we had different options. And in Austria,[br]we went a third way. We brought a case

0:26:11.470,0:26:18.976
before the Austrian Data Protection Authority[br]against the Fluggastdatenzentralstelle

0:26:18.976,0:26:24.603
im Bundeskriminalamt, a passenger[br]named unit. And we we brought several

0:26:24.603,0:26:31.059
different cases and we also found out that[br]different, smaller things which we are on.

0:26:31.059,0:26:38.014
But the main thing is that this case[br]already went as planned to the

0:26:38.014,0:26:46.579
Bundesverwaltungsgericht, so the federal[br]administrative court in Austria. And from

0:26:46.579,0:26:54.850
there, we hope that is also soon forwarded[br]to the European Court of Justice. And

0:26:54.850,0:27:02.239
theoretically, it would be enough if one[br]case hits the European Court of Justice.

0:27:02.239,0:27:07.590
But practically, it is, of course, very[br]important to have different strategies

0:27:07.590,0:27:15.749
because there are different speeds and so[br]on. So that's why we also should mention

0:27:15.749,0:27:22.929
another case, the the Belgian case. So[br]this Belgian human rights organization,

0:27:22.929,0:27:28.647
they also brought the case before a[br]Belgian court. In this case, it was

0:27:28.647,0:27:34.720
directly the Belgian constitutional court.[br]So they had a direct way to the

0:27:34.720,0:27:40.340
constitutional court, unlike our cases in[br]Austria, where this or in Germany where

0:27:40.340,0:27:47.369
this was not possible. And therefore, the[br]Belgian constitutional court already

0:27:47.369,0:27:55.037
referred this case to the European Court[br]of Justice. And we are hoping that our

0:27:55.037,0:28:01.210
case will be soon or cases, or at least[br]some of them will soon be joined with this

0:28:01.210,0:28:11.220
case at the European Court of Justice, and[br]then decided together. So to sum up, we

0:28:11.220,0:28:20.429
have actually a very infringing piece of[br]legislation the PNR directive, PNR

0:28:20.429,0:28:28.529
processing, as Bijan explained to us in[br]more detail, is extremely intrusive in all

0:28:28.529,0:28:34.549
flight passengers' fundamental rights. It[br]violates fundamental rights, especially

0:28:34.549,0:28:41.460
because it is already... is also[br]ineffective and disproportionate. So we

0:28:41.460,0:28:47.649
heard about these different things. The[br]base rate fallacy that it is ineffective

0:28:47.649,0:28:54.099
and disproportionate because it is not[br]really possible to find specific suspects

0:28:54.099,0:29:02.570
in such amount of data with without having[br]a lot, a real lot of false positives. So

0:29:02.570,0:29:08.190
other arguments are that it is data[br]retention in the first place. So also

0:29:08.190,0:29:14.989
already the retention of the data of[br]people like you and me is a big problem

0:29:14.989,0:29:22.600
and unlawful. And this general suspicion[br]it leads to. So everybody becomes a

0:29:22.600,0:29:30.200
suspect and can become practically a[br]suspect, can get problems practically from

0:29:30.200,0:29:38.899
that legislation without being a criminal.[br]And yeah, we have strong arguments as we

0:29:38.899,0:29:48.599
showed you already, the case of the Canada[br]PNR directive, the PNR agreement with

0:29:48.599,0:29:55.259
Canada is very similar in practice to the[br]PNR directive. So the arguments already

0:29:55.259,0:30:01.480
held before the European Court of Justice.[br]So actually, it's a shame that this was

0:30:01.480,0:30:07.971
not stopped earlier. And civil rights[br]organizations as we are have to do that.

0:30:07.971,0:30:16.590
And that's what we do. And that's also why[br]we depend on donations. So that's also

0:30:16.590,0:30:21.789
important to stress that our work people[br]having people fully employed to do things

0:30:21.789,0:30:28.700
like that cost some money. And that's[br]where you can find us. So we have a

0:30:28.700,0:30:35.799
campaign website, nopnr.eu in German[br]and English. And you can find us, of

0:30:35.799,0:30:40.580
course, on our website and both websites[br]and find ways how to join us, how to

0:30:40.580,0:30:46.730
support us. And also still today, you can[br]meet us at our assembly in the CCL

0:30:46.730,0:30:52.590
building the about freedom assembly, where[br]both the Gesellschaft für Freiheitsrechte

0:30:52.590,0:31:00.659
and Epicentre Works have their desk and[br]you can ask all the question. But first,

0:31:00.659,0:31:03.378
ask all your questions now. Thank you.

0:31:03.378,0:31:06.870
<i>Applause</i>

0:31:06.870,0:31:14.760
Herald: Thank you, Walter and Bijan, for[br]this very clarifying statements. I suppose

0:31:14.760,0:31:19.379
there are quite some questions here in the[br]audience. Only I'm looking at someone

0:31:19.379,0:31:32.252
who's grabbing a microphone now. I see the[br]signal angel. Yes. The mic is not on. Can

0:31:32.252,0:31:47.591
someone help him? Signal Angel needs a mic.[br]Yes, it's almost there. Brains are

0:31:47.591,0:31:51.409
working.[br]Signal Angel: Thank you. Is there a cheap

0:31:51.409,0:31:55.470
method to spam for some trees, for[br]example, by booking flight under a false

0:31:55.470,0:32:02.999
name and then canceling the flight?[br]Bijan: Well, I think it's it's difficult

0:32:02.999,0:32:06.889
to say. I didn't get the very first words.[br]Sorry.

0:32:06.889,0:32:11.159
Signal Angel: Yes, the very first one was:[br]is there a cheap method to spam, to spam

0:32:11.159,0:32:14.809
for some trees?[br]Bijan: Yeah. Theoretically, I don't think

0:32:14.809,0:32:19.129
that anything could speak against that.[br]Yeah, but the problem is that you would

0:32:19.129,0:32:23.749
need to cancel very late because, um, I[br]think the first time they push the data,

0:32:23.749,0:32:28.139
the airlines are pushing the data to the[br]national police is, 48 hours before the

0:32:28.139,0:32:32.799
before boarding. So that might come to[br]become a bit expensive.

0:32:32.799,0:32:34.439
<i>Laughter</i>

0:32:34.439,0:32:38.918
Walter: I would want to make a general[br]remark also on that. Of course, here,

0:32:38.918,0:32:44.109
especially here, thoughts like that, how[br]to hack the system are very important and

0:32:44.109,0:32:50.759
can help. But our general approach is to[br]take legal action to protect all people at

0:32:50.759,0:32:56.019
the same way, and not only those who who[br]are able to protect themselves or hack the

0:32:56.019,0:33:04.139
system or whatever. So that's the reason[br]why we both go this general way to bring

0:33:04.139,0:33:11.449
that down. Completely.[br]Herald: And other question here. Yes.

0:33:11.449,0:33:20.879
Sorry, sir. Please.[br]Q: What do you expect as a result of your

0:33:20.879,0:33:26.549
litigation if you are successful in court?[br]Will ... do you expect the courts to

0:33:26.549,0:33:34.309
strike down the directive entirely, or do[br]you expect another legislative process to

0:33:34.309,0:33:42.260
do the same thing again or to fix, quote[br]unquote, the directive in very small ways

0:33:42.260,0:33:47.570
just to to drag out this battle and[br]continue the practice. What do you think

0:33:47.570,0:33:52.210
the effects will be?[br]Bijan: Well, we think that the European

0:33:52.210,0:33:56.070
Court of Justice, if it follows our[br]argument, our reasoning, it should it will

0:33:56.070,0:33:59.690
strike down the PNR directive entirely,[br]because the way it is set up is

0:33:59.690,0:34:06.561
fundamentally not in in accordance with[br]what it earlier ruled so far. Unless it

0:34:06.561,0:34:10.550
will change its its entire history of[br]ruling on data retention and so on and so

0:34:10.550,0:34:15.679
forth. But of course, we will expect the[br]member states to push for another

0:34:15.679,0:34:21.349
legislation that may be similar, but not[br]the exact same thing. So I can imagine

0:34:21.349,0:34:25.889
something of a of the sort of data[br]retention of telecommunications, as it

0:34:25.889,0:34:31.060
were, and with airlines retaining the data[br]and keeping it for a shorter period of

0:34:31.060,0:34:36.291
time and only giving it out when there is[br]a specific request with, where there is a

0:34:36.291,0:34:41.029
specific reason for law enforcement to ask[br]for the data. I could imagine such a thing

0:34:41.029,0:34:45.845
coming up again and then we would need to[br]check whether this is illegal or not. And

0:34:45.845,0:34:50.254
maybe go through the whole procedure as[br]well. But it is it would be an immense

0:34:50.254,0:34:56.191
success if the PNR directive as it stands[br]would be void. Declared void.

0:34:56.191,0:35:02.290
Herald: Thank you. Someone else has a[br]question. I see the person here.

0:35:02.290,0:35:10.789
Microphone one, please.[br]Q: Hel-lo, yeah. Okay, so you had the

0:35:10.789,0:35:15.480
agreement that, uh, there are a lot of[br]false positives when they checked up PNR

0:35:15.480,0:35:20.640
data. Um, do we have any information how[br]long it takes for them to react on the PNR

0:35:20.640,0:35:25.570
data if they get a positive hit? So maybe[br]they won't react after the person has

0:35:25.570,0:35:31.109
landed and already, uh, is in the country?[br]Bijan: They claim that they can act

0:35:31.109,0:35:36.930
immediately, but we can't know that for[br]sure. So the fact that they had 57 arrests

0:35:36.930,0:35:42.366
at the airports signals that at least that[br]in some respects this is true. But we

0:35:42.366,0:35:47.477
cannot know for sure how much, how quickly[br]they they they kind of react. And keep in

0:35:47.477,0:35:52.470
mind, this is only the start. So, so far[br]in Germany, right up until the point where

0:35:52.470,0:35:57.220
this the data that I presented for Germany[br]came about, there were only 9 airlines, I

0:35:57.220,0:36:01.440
think, that were linked to the system. So[br]expect there to be much more data coming

0:36:01.440,0:36:05.829
in. And once they start with a[br]predetermined criteria thing, this will

0:36:05.829,0:36:13.440
multiply probably. Um, even so, I cannot[br]imagine unless they they ... have this

0:36:13.440,0:36:20.279
new, um, thing with hundreds of people[br]involved that they can act immediately in

0:36:20.279,0:36:26.240
each and every case.[br]Herald: Thank you. There is a question

0:36:26.240,0:36:30.100
again on the Internet. Yes.[br]Signal Angel: Yes. How come, you haven't

0:36:30.100,0:36:35.349
tried voiding the local at one provisions[br]that this PNR there for intra EU flights? <i>(???)</i>

0:36:35.349,0:36:39.180
That seems most likely against Schengen[br]provisions.

0:36:39.180,0:36:44.837
Bijan: We have addressed that as well. We[br]have picked intra-EU flights also. We have

0:36:44.837,0:36:52.290
not just picked flights that go extra EU,[br]but, we've also made the point about the

0:36:52.290,0:36:57.839
the violation of Schengen criteria. But[br]that is not so much that is not the focus

0:36:57.839,0:37:02.893
of our argument because they are, in our[br]opinion, much stronger ones. Because with

0:37:02.893,0:37:06.990
Schengen you would need to argue that it's[br]practically impossible to enter the

0:37:06.990,0:37:13.260
country without being held up and you're[br]not being held up in a physical form, at

0:37:13.260,0:37:18.910
least not in general, generally. And so[br]this argument is a bit more difficult than

0:37:18.910,0:37:25.024
having an actual border checking of[br]people. But we're making this point, of

0:37:25.024,0:37:30.460
course. And but we rely on other points[br]that we think are stronger.

0:37:30.460,0:37:35.540
Herald: Okay. Please. Microphone number[br]one, please.

0:37:35.540,0:37:40.093
Q: Is there also data being collected on[br]flights inside a country. So, for example,

0:37:40.093,0:37:43.530
from Munich to Berlin.[br]Bijan: Not yet. Not under the directive.

0:37:43.530,0:37:48.099
And theoretically, of course, that the[br]German legislator or any other legislator

0:37:48.099,0:37:51.820
could decide to include that as well, but[br]not so far.

0:37:51.820,0:37:56.329
Herald: Number two, please. Microphone.[br]Yeah.

0:37:56.329,0:38:01.920
Q: I was wondering how much, uh, false[br]negatives are in there. You know, that,

0:38:01.920,0:38:07.940
like, uh, these big databases. If I don't[br]act like a normal terrorist or something

0:38:07.940,0:38:10.570
than I am?[br]Bijan: We don't we don't know,

0:38:10.570,0:38:15.130
unfortunately, not yet. Um, I did. I think[br]it would be very interesting, especially

0:38:15.130,0:38:21.750
for the predetermined criteria , to see[br]how many they miss. Um, but yeah. No, not

0:38:21.750,0:38:28.579
nothing at.[br]Herald: Yeah, and there is no undo button,

0:38:28.579,0:38:33.579
I think. No. No. No undo. That's always[br]the thing that I that I'm worried about,

0:38:33.579,0:38:38.140
you know. Then you have an announcement[br]about France's data that go out and then

0:38:38.140,0:38:44.040
you can't have an undo. So what do we do[br]then? It's always new. Yeah, you can keep

0:38:44.040,0:38:48.640
this for five years now. But who says it's[br]there for five years and what kind of

0:38:48.640,0:38:51.967
interpretation to get out of it for five[br]years? After five years?

0:38:51.967,0:38:55.089
Bijan: You can't know in[br]which database you will be transferred in

0:38:55.089,0:38:59.940
the meantime, because law enforcement can[br]access the data of that very data set and

0:38:59.940,0:39:03.700
forth for that data and the PNR data set[br]and put it in another data set because

0:39:03.700,0:39:08.480
they have whatever reason to do so. And[br]then these are again enlarged and

0:39:08.480,0:39:12.670
enlarged. And then you will find another[br]reason why they should remain in there for

0:39:12.670,0:39:17.230
a longer time. So, yeah. That's why we're[br]fighting this now and hoping to change the

0:39:17.230,0:39:19.480
future.[br]Herald: How do you see your chances?

0:39:19.480,0:39:27.070
Actually, uh, a long term or short term[br]chances to get to that point is that?

0:39:27.070,0:39:30.500
Bijan: We are very convinced that we will[br]be successful, because otherwise we

0:39:30.500,0:39:33.529
wouldn't have started this. This is one of[br]our principles. We only do things that we

0:39:33.529,0:39:38.321
are convinced of being able to win and we[br]think that we will win this. And what will

0:39:38.321,0:39:42.240
come out of it? Referring to the I think[br]the second and the second question

0:39:42.240,0:39:47.480
earlier. And what will be happening in the[br]future with other legislation? I can't

0:39:47.480,0:39:51.430
know. But one argument the police is[br]always making or in private, at least to

0:39:51.430,0:39:55.819
me, are is that they're saying, well,[br]people will get used to it and it won't be

0:39:55.819,0:40:00.783
in in five or 10 years. Nobody's gonna be[br]wondering about things like this. And this

0:40:00.783,0:40:05.299
is exactly what we are working against,[br]that this never becomes normal, because if

0:40:05.299,0:40:07.470
this becomes normal, as I've argued[br]before,

0:40:07.470,0:40:11.130
<i>applause</i>[br]Herald: needs an applause Yes.

0:40:11.130,0:40:14.880
Bijan: If it becomes normal, as I've[br]argued before, it is easy to extend it to

0:40:14.880,0:40:20.529
all sorts of life and ways of life and[br]walks of life. And this then would be in a

0:40:20.529,0:40:25.859
surveillance state par excellence.[br]Herald: We were very close there. So we

0:40:25.859,0:40:30.089
need to support them really hard. There is[br]one last question I suggest. No. There is

0:40:30.089,0:40:35.619
two questions. Number two. Yes.[br]Q: Does the PNR directive apply only for

0:40:35.619,0:40:39.492
regular scheduled flights? So does it also[br]apply for private flights? The general

0:40:39.492,0:40:42.819
aviation business flights, etc.?[br]Bijan: Good question. I don't know.

0:40:42.819,0:40:48.510
Actually, I look into that and. Write me![br]Come, come here later and I'll check and

0:40:48.510,0:40:52.310
I'll give you an answer.[br]Herald: Then there is one at number one.

0:40:52.310,0:40:56.710
Q: I just wanted to ask a question in[br]response to the idea that this is becoming

0:40:56.710,0:41:01.810
very normal, because one thing that I[br]think has become very normal that hasn't

0:41:01.810,0:41:07.924
been mentioned explicitly is the idea that[br]people can be essentially put on a watch

0:41:07.924,0:41:12.782
list as being a potential criminal in the[br]absence of a crime. And we have these

0:41:12.782,0:41:19.605
terrorist watch lists all over the world[br]now. That is now the new normal. And I

0:41:19.605,0:41:24.750
think that's very problematic. And can you[br]just maybe talk about: Do we, do you see a

0:41:24.750,0:41:30.829
future where we can actually get back to,[br]you know, only arresting or investigating

0:41:30.829,0:41:33.890
people because of probable cause, for[br]example?

0:41:33.890,0:41:39.421
Bijan: Oh, I hope that this will be our[br]future. But, uh, about that point, that

0:41:39.421,0:41:43.750
very point, I'm not too optimistic, to be[br]honest. I am optimistic about one other

0:41:43.750,0:41:48.859
one. Another thing that is that these[br]instruments that are now being created

0:41:48.859,0:41:52.910
will prove to be highly ineffective, as[br]we've so now see now already with checking

0:41:52.910,0:41:58.290
against databases, that is already a lot[br]of work and very tedious work. But with

0:41:58.290,0:42:04.079
the idea that you can define criteria for[br]people that that are legitimately to be

0:42:04.079,0:42:08.710
suspected of committing a crime in the[br]future, I think it will prove, at least

0:42:08.710,0:42:12.990
for the next few decades, to be quite[br]impossible. And this is I don't know if

0:42:12.990,0:42:19.880
this came across correctly sufficiently,[br]but this is really the core issue that we

0:42:19.880,0:42:25.619
have with the PNR directive. They are[br]claiming that they can find suspects of

0:42:25.619,0:42:31.690
crimes or future crimes. Imagine! Not not[br]someone that has committed a crime or that

0:42:31.690,0:42:36.890
will definitely commit a crime, but that[br]can reasonably be suspected of committing

0:42:36.890,0:42:43.960
a crime in the future, and then act upon[br]that. And that is really a huge step into

0:42:43.960,0:42:49.220
what I called voodoo, about the[br]expectation that you can take data and

0:42:49.220,0:42:55.400
prevent crime. Minority Report times.[br]Yeah. To the power five. I don't know.

0:42:55.400,0:43:00.534
Herald: Sit back and relax. Thank you[br]Bijan and thank you, Walter, for this

0:43:00.534,0:43:08.520
fantastic lecture. Please support them at[br]noPNR dot EU, go to their booth as well.

0:43:08.520,0:43:10.520
And thank you all.

0:43:10.520,0:43:22.010
<i>36C3 postroll music</i>

0:43:22.010,0:43:38.000
Subtitles created by c3subtitles.de[br]in the year 2021. Join, and help us!