< Return to Video

36C3 - #NoPNR – Let’s kill the next Data Retention Law

  • 0:00 - 0:19
    36C3 preroll music
  • 0:19 - 0:26
    Herald: Next is Bijan. Bijan. Bijan, I
    pronounce this. Pretty persian. Yeah. He's
  • 0:26 - 0:33
    an attorney, ein Rechtsanwalt it is called in
    deutsch, and he works for the Gesellschaft
  • 0:33 - 0:38
    für Freiheitsrechte in Berlin. If I'm
    right. Good. Give them a welcome.
  • 0:38 - 0:42
    applause, please. It's early in the
    morning. We're going to kick back here.
  • 0:42 - 0:46
    applause
  • 0:46 - 0:51
    Bijan: Early in the morning, only at the
    Congress you can call 12:30 early in the
  • 0:51 - 0:57
    morning, but it is. And, um, well, if
    you've ever sat on a plane and wondered
  • 0:57 - 1:02
    what the person three rows behind you is
    eating, whether they flying alone, whether
  • 1:02 - 1:07
    they have checked in their luggage or only
    hand luggage and what visa they were using
  • 1:07 - 1:13
    when they were buying their plane ticket,
    then you're probably a police officer or
  • 1:13 - 1:17
    should join the national police of any EU
    member state, because that is exactly what
  • 1:17 - 1:22
    the national polices in Germany and
    Austria and other Europeans member states,
  • 1:22 - 1:26
    Europe, member states of the European
    Union, can do. Thanks to the PNR
  • 1:26 - 1:30
    directive, which is the topic of today's
    talk. And we are going to talk and explain
  • 1:30 - 1:36
    to you what the PNR directive and the laws
    transposing it into national law are all
  • 1:36 - 1:41
    about, why this is problematic and what we
    can do and what we are actually doing
  • 1:41 - 1:47
    against it in order to stop it. And Walter
    will start off with a few infos.
  • 1:47 - 1:53
    Walter: Yeah. Hello. So firstly, I would
    like to introduce into Epicenter Works,
  • 1:53 - 1:59
    because we have already a history on
    bringing down data retention laws. So
  • 1:59 - 2:04
    probably you know us from our fight
    against data retention in Europe when we
  • 2:04 - 2:08
    still were called "AKA Vorrat Österreich".
    I am working for Epicenter Works on a
  • 2:08 - 2:15
    voluntary basis. And I would like to
    mention my colleague Angelika Adensamer
  • 2:15 - 2:20
    who did the main work on this for
    Epicenter Works. But she cannot be at
  • 2:20 - 2:31
    Congress this year. So, flight data. It is
    said, I've heard that at any given point
  • 2:31 - 2:39
    in time, one million people are on a plane
    in the skies flying around the globe. As
  • 2:39 - 2:47
    you can see here. And today, although in
    times of resource exhaustion, we should
  • 2:47 - 2:53
    talk about that anyway. I am convinced
    today we are talking about the data
  • 2:53 - 3:00
    protection issue about it. A big one. And
    we are talking about passenger name
  • 3:00 - 3:08
    records. So what is a passenger name
    record, anyway? A passenger name record,
  • 3:08 - 3:19
    as you can see here, is a data set
    compiled of 19 different data fields. So
  • 3:19 - 3:26
    you can get about up to 60 different data
    points on one single passenger on one
  • 3:26 - 3:32
    single flight. So, for instance, you have
    data in there like the first and second
  • 3:32 - 3:40
    name, address, but also other things,
    metadata. More important things, like the
  • 3:40 - 3:47
    means of payment you made, the point in
    time when you booked the flight and things
  • 3:47 - 3:54
    like that. And as a specific problem about
    it is that there is also a free text field
  • 3:54 - 4:02
    so airline employees can enter data there
    and which we cannot control. And
  • 4:02 - 4:12
    altogether we have a quite big data set of
    each passenger on each flight. So this is
  • 4:12 - 4:20
    common in the airline industry. But in
    2016, the PNR directive came about. So
  • 4:20 - 4:26
    what is the PNR directive? It is a piece
    of European legislation , which was
  • 4:26 - 4:35
    enacted in April 2016. And when we have
    European legislation, it's important to
  • 4:35 - 4:42
    mention that it doesn't come out of the
    blue out of Brussels, but it is enacted
  • 4:42 - 4:50
    together with from the commission, the
    European Parliament and the council. And
  • 4:50 - 4:56
    the council are the governments of our
    member states. So we have to keep in mind
  • 4:56 - 5:03
    that member states governments, have a
    big say when things like this are enacted.
  • 5:03 - 5:11
    And it is a directive. And that means that
    every single member state has to transpose
  • 5:11 - 5:17
    the content of the directive into its
    national law. And this had to be done
  • 5:17 - 5:25
    until the 25th May of 2018. This was the
    the tenth transposition deadline. And for
  • 5:25 - 5:33
    instance, Austria and Germany made laws to
    transpose that into their national law. So
  • 5:33 - 5:44
    what had they to enact? They had to enact
    laws prescribing that all airlines have to
  • 5:44 - 5:52
    transfer data of all passengers, all
    passenger name records of every flight,
  • 5:52 - 5:59
    and they have to be pushed to a national
    police database. So unlike the telecom
  • 5:59 - 6:06
    data retention I already mentioned, the
    data is not kept where it where where it
  • 6:06 - 6:11
    is created. But it has to be pushed from
    the private sector, from the airlines, to
  • 6:11 - 6:21
    police database, databases. And the data
    retention directive prescribes that every
  • 6:21 - 6:27
    flight leaving or entering the European
    Union must be covered by that. But in
  • 6:27 - 6:33
    addition, every single member state also
    covered flights within the EU. So you have
  • 6:33 - 6:38
    we have the full take now. Flights within
    the EU as well as flights leaving or
  • 6:38 - 6:46
    entering the EU. And every single record
    of every single passenger of every single
  • 6:46 - 6:55
    flight is in a police database and will be
    compared with existing databases, for
  • 6:55 - 7:03
    instance, of known criminals or of stolen
    passports and the like. And they try to
  • 7:03 - 7:11
    find matches there. And what they are also
    going to do is matching with predetermined
  • 7:11 - 7:16
    criteria. So they will come up with flight
    patterns of known perpetrators, for
  • 7:16 - 7:22
    instance, when they booked a flight and so
    on. They will algorithmically try to find
  • 7:22 - 7:30
    patterns there, and then they will compare
    your flight passenger name records with
  • 7:30 - 7:34
    that data. And if you have a similar
    behavior, than a previous perpetrator,
  • 7:34 - 7:42
    previous criminal, for instance, then
    you're already under suspicion. And this
  • 7:42 - 7:48
    data in these databases are stored for
    five years and can be further used by
  • 7:48 - 7:54
    different law enforcement agencies. So
    that data is not only compared and then
  • 7:54 - 8:01
    deleted again. The storage time is five
    years and they do something called
  • 8:01 - 8:08
    depersonalization about six months after
    the data was created. But this is not in
  • 8:08 - 8:13
    any way an anonymisation, but they just
    remove some data and it can easily be
  • 8:13 - 8:21
    identified again. So the person the data
    belongs to can easily be identified for
  • 8:21 - 8:27
    the whole period of five years. So you
    probably asked yourself already: First, is
  • 8:27 - 8:34
    this effective? Well, this runs already
    since last year, so we have some data.
  • 8:34 - 8:44
    First, I will present to you the data from
    Austria. In Austria, we found out that
  • 8:44 - 8:52
    already until the 30th of September, 2019,
    almost 24 passenger name records where
  • 8:52 - 8:59
    forwarded to the passenger name unit at
    the Bundeskriminalamt and
  • 8:59 - 9:07
    11 900 000 thousand different people
    were subject to that. And of these, almost
  • 9:07 - 9:13
    24 000 000 passenger name records, the
    algorithms that checking against databases
  • 9:13 - 9:21
    already brought up 190 000
    matches. So every single match,
  • 9:21 - 9:28
    every single output the algorithm has,
    must be checked by a human employee. So we
  • 9:28 - 9:34
    have sitting there people who have to
    check. Even this is not even the data of a
  • 9:34 - 9:42
    year. And they have to check
    190 000 matches and only 280
  • 9:42 - 9:47
    of them are actual hits. So if a person
    checks what the algorithm outputs there,
  • 9:47 - 9:56
    then only in 0.15% of the cases
    the policewoman or policeman
  • 9:56 - 10:02
    come to their conclusion: This is actually
    relevant for us. And if you do the math,
  • 10:02 - 10:10
    this means that only 0.001% percent of all
    that 24 million passenger name data, your
  • 10:10 - 10:16
    data which is checked, actually leads to a
    hit. And we don't even know how many
  • 10:16 - 10:23
    actual false positives remain in these
    220. This is only what the police will
  • 10:23 - 10:30
    inspect afterwards. So we have no numbers
    or results if they had actual
  • 10:30 - 10:37
    investigative results on that. But what we
    can say is that there are 21 employees,
  • 10:37 - 10:42
    qualified employees, working in the
    passenger name, Passenger Information Unit,
  • 10:42 - 10:49
    and this costs almost 2 million euros per
    year and only for checking that data in
  • 10:49 - 10:55
    the small country of Austria. And Bijan
    now will present to you the data in German.
  • 10:55 - 10:59
    Bijan: The number, the data of the big
    neighbor, because you said small country
  • 10:59 - 11:06
    Austria. In Germany the numbers are
    surprisingly similar. We also had - have
  • 11:06 - 11:11
    numbers up until mid of August 2019, and
    we have had almost 32 million passenger
  • 11:11 - 11:17
    name records checked, which generated
    automatic results of matches of about
  • 11:17 - 11:24
    240 000, which then were checked by 40
    police officers and there remained only
  • 11:24 - 11:33
    910 actual hits. So the fail rate was
    99.6% and 0.003% all PNRs checked led to
  • 11:33 - 11:38
    actual hits. And even of that number, just
    as in Austria, we are not sure how many
  • 11:38 - 11:43
    false positives remain. We know that there
    were considerably a considerable amount of
  • 11:43 - 11:48
    false positives. We estimate them to be in
    the hundreds. But the law enforcement did
  • 11:48 - 11:53
    not specify what actually, how many
    supposed positives remained, even among
  • 11:53 - 11:59
    the 910. And one of the results we know is
    that it led to 57 arrests. We don't know
  • 11:59 - 12:03
    for which crimes. We don't know whether
    these people actually committed a crime,
  • 12:03 - 12:08
    whether they were suspected for crime,
    whether they were just on a watch list.
  • 12:08 - 12:15
    But 57 arrests, assuming this is these
    were legitimate, this means that 0.0002%
  • 12:15 - 12:21
    of all PNRs checked led to an arrest. And
    if you try to to transpose this to other
  • 12:21 - 12:28
    situations in life, you could go to a to a
    market, to to some, uh, to some festival
  • 12:28 - 12:32
    or what not, and just ask randomly people,
    and you would probably have with a similar
  • 12:32 - 12:37
    probability, an arrest in the end at the
    end of the day. So if this holds that this
  • 12:37 - 12:42
    whole PNR processing holds is this
    effectiveness is the standard that we are
  • 12:42 - 12:50
    happy with, then you can easily take this
    to all other sorts of walks of life. And
  • 12:50 - 12:56
    this is true, in our opinion, a big
    problem, because it will lead to a digital
  • 12:56 - 13:01
    surveillance state, which is has come
    quite near with these new tools that the
  • 13:01 - 13:08
    PNR directive provide. What we've now just
    shown are the the automatic is the checks
  • 13:08 - 13:12
    against databases. That was the one thing
    that the PNR directive provides for. The
  • 13:12 - 13:17
    other one is the checking against
    predetermined criteria. And this is where
  • 13:17 - 13:23
    the voodoo kind of starts, because the
    idea that you can merely from the data
  • 13:23 - 13:29
    that is in the PNR, in your passenger name
    record, derive whether you are suspicious,
  • 13:29 - 13:36
    or dangerous even is, at least in our
    opinion, pretty much voodoo, and it has
  • 13:36 - 13:43
    serious consequences. And it might lead to
    automatic profiling affecting hundreds of
  • 13:43 - 13:47
    millions of people, possibly, because
    everybody is checked when they and when
  • 13:47 - 13:52
    they use a plane. Everybody PNR record is
    checked against these automatic , against
  • 13:52 - 13:57
    these predetermined criteria, and not just
    for crimes such as terrorism or organized
  • 13:57 - 14:02
    crime, where you could maybe make a case
    that there exists such a thing as a
  • 14:02 - 14:07
    pattern of movements where you can
    identify a terrorist suspect, but it is
  • 14:07 - 14:14
    also used for crimes such as fraud or
    forgery or cyber crime where I would argue
  • 14:14 - 14:19
    you cannot find the typical cyber
    criminals flight pattern, flight patterns.
  • 14:19 - 14:24
    It's just not possible. And so but but the
    PNR directive itself is only the one
  • 14:24 - 14:29
    thing. We are fighting this for reasons
    that go way beyond the PNR processing so
  • 14:29 - 14:36
    the processing of PNR flight data, because
    it may set a dangerous precedent for other
  • 14:36 - 14:41
    mass surveillance. Already now PNR
    processing is being discussed for buses
  • 14:41 - 14:45
    that cross borders, for ships and trains.
    And there are some countries such as
  • 14:45 - 14:51
    Belgium that have already enacted the very
    much. And why stop there, might a police
  • 14:51 - 14:56
    officer argue. Why not include rental cars
    that cross borders? Why not at some point
  • 14:56 - 15:00
    include private cars that cross borders?
    Why not get away with that requirement of
  • 15:00 - 15:04
    crossing borders? Why not have everybody
    checked all the time, maybe via their
  • 15:04 - 15:10
    mobile phones? So when we give way to this
    sort of data processing with such a low
  • 15:10 - 15:16
    threshold of effectiveness, we open the
    door for all sorts of, um, of activity
  • 15:16 - 15:21
    that at least from our point of view, is
    illegal. And the question you were maybe
  • 15:21 - 15:27
    asking yourself or maybe not. Is this
    legal? We are convinced it is not. And
  • 15:27 - 15:35
    luckily, we could rely on a legal opinion
    that the European Court of Justice ECJ has
  • 15:35 - 15:41
    rendered a two and a half years ago. There
    is one PNR agreement in place between the
  • 15:41 - 15:46
    EU and the USA, which has not been
    challenged yet. And another agreement was
  • 15:46 - 15:51
    supposed to be known or was negotiated
    between the EU Commission and Canada, and
  • 15:51 - 15:57
    the EU Parliament then presented the
    question to the ECJ whether this agreement
  • 15:57 - 16:02
    would be violating fundamental rights of
    the Charter of Fundamental Rights of the
  • 16:02 - 16:09
    European Union. And the ECJ concluded that
    it would, in the form that it was proposed
  • 16:09 - 16:14
    to it, breach Article 7 and 8 of that
    charter's. Article 7 as the right to
  • 16:14 - 16:18
    privacy in Article 8 is the right to have
    your data protected, your personal data
  • 16:18 - 16:24
    protected. And we are, of course, relying
    heavily on that, on the arguments that the
  • 16:24 - 16:29
    court developed and developing them even
    further, because; as you can imagine, the
  • 16:29 - 16:35
    PNR, the agreement with Canada and the PNR
    directive are quite similar. So what are
  • 16:35 - 16:41
    these arguments that we are bringing up?
    And we've shown already that the
  • 16:41 - 16:46
    effectiveness is highly doubtful. And this
    leads us to concluding that the PNR
  • 16:46 - 16:50
    directive is disproportionate. So it
    violates human fundamental rights. For
  • 16:50 - 16:56
    several reasons. One being a point that
    we've both raised already that PNR
  • 16:56 - 17:00
    processing indiscriminately affects all
    passengers. And this is a very important
  • 17:00 - 17:05
    point, because it makes it shows the
    difference between PNR processing under
  • 17:05 - 17:09
    the PNR directive and what was formerly
    the the data retention of
  • 17:09 - 17:15
    telecommunications data. Because the
    latter would require a specific case,
  • 17:15 - 17:20
    something must have had happened in order
    for the law enforcement to ask for the
  • 17:20 - 17:26
    telecommunications data of the
    telecommunications provider. But our
  • 17:26 - 17:32
    PNR data on flights is checked all the
    time, always, against databases, and even
  • 17:32 - 17:37
    more importantly, the predetermined
    criteria, which we, of course, do not know
  • 17:37 - 17:42
    nothing about. And this brings with it
    especially the last point, the
  • 17:42 - 17:46
    predetermined criteria, are high risk of
    false accusations. We've already seen that
  • 17:46 - 17:53
    99.6% of data base matching, automatic
    data is matching is wrongful. And imagine
  • 17:53 - 18:00
    how much higher the number would be with
    checking against predetermined criteria.
  • 18:00 - 18:06
    And that the reason why we expect many
    false accusations, false positives, is the
  • 18:06 - 18:09
    so-called base rate fallacy, which
    basically says that when you're looking
  • 18:09 - 18:14
    for a very small amount of people in a
    large dataset and you have a significant
  • 18:14 - 18:19
    fail rate, you're very likely to produce
    more false positives, maybe many more
  • 18:19 - 18:24
    false positives than true positives. So
    actual suspects, or not suspects, but
  • 18:24 - 18:28
    actual terrorists. So, for instance, when
    you if you're checking 100 million flight
  • 18:28 - 18:33
    passengers. And you're looking for 100
    terrorists, and you have even a fail rate
  • 18:33 - 18:40
    of 0.1%, not the 99.6 that we're talking
    about now, but even just 0.1%, this would
  • 18:40 - 18:45
    render this would this would render
    100 000 flight passengers subject to to
  • 18:45 - 18:51
    to being suspected terrorists. So you
    would have 100 000 false positives, 100
  • 18:51 - 18:55
    terrorists that let's assume all of them
    so that they had a positive success rate
  • 18:55 - 19:00
    of 100 percent identifying positively as a
    terrorist suspect. Then you will have
  • 19:00 - 19:07
    100 000 false positives, 100 people that
    are correctly suspected. But everybody, of
  • 19:07 - 19:11
    course, will be treated the same. And what
    I've listed here are just the obvious
  • 19:11 - 19:17
    things, stigmatization at the airport by
    interrogation, searches of luggage of
  • 19:17 - 19:21
    people and arrests, missing flights.
    And depending on the country
  • 19:21 - 19:27
    you're in you may be in much more trouble
    after that. The second point is that the
  • 19:27 - 19:33
    data is being stored way too long. As
    Walter has already mentioned 5 years. Why
  • 19:33 - 19:39
    do you need 5 years worth of data to check
    a database entry or against a
  • 19:39 - 19:43
    predetermined criteria? Of course, you
    don't needed it for that. Because you
  • 19:43 - 19:48
    could do that immediately after a person
    has boarded. You can perform the check and
  • 19:48 - 19:53
    then you could get rid of the data, delete
    it after it's being used. The reason why
  • 19:53 - 19:57
    they're storing it so long as that law
    enforcement and intelligence agencies have
  • 19:57 - 20:01
    an interest that goes beyond that checking
    after boarding, they want to keep the data
  • 20:01 - 20:07
    and check it in future, criminal
    investigations in future, looking into a
  • 20:07 - 20:11
    person, what where they've traveled and so
    on and so forth. But that has nothing to
  • 20:11 - 20:16
    do with the original purpose of PNR, the
    PNR directive. And what at least everybody
  • 20:16 - 20:21
    here will know in all data storing, so
    data storing is in itself a problem. It's
  • 20:21 - 20:25
    in itself a violation of fundamental
    rights when there is no legitimate reason
  • 20:25 - 20:30
    to do so. But also all data storage puts
    the data stored at risk. And as we've
  • 20:30 - 20:35
    mentioned already, there's the payment
    data, especially there's other other
  • 20:35 - 20:39
    sensitive data with whom you've traveled,
    whether you've traveled with light luggage
  • 20:39 - 20:46
    or not, where you have gone to, via which
    place and so on and so forth. Another
  • 20:46 - 20:49
    point, which is a bit more complicated is
    that the director does not sufficiently
  • 20:49 - 20:54
    differentiate between crimes where
    automatic profiling could make sense and
  • 20:54 - 21:00
    others. So as I have said, there may be a
    point in saying that the typical
  • 21:00 - 21:06
    terrorists would fly from A to B via C
    without checking in luggage using this or
  • 21:06 - 21:11
    that tourist office and so on and so
    forth. So maybe just assume that this is
  • 21:11 - 21:17
    the case. This, no one can can tell me
    that there is a typical flight pattern of
  • 21:17 - 21:23
    a fraudster where you could ask someone
    define which way a fraudster typically
  • 21:23 - 21:28
    flies and identify such a person. So what
    the directive would have needed to do if
  • 21:28 - 21:32
    they wanted had wanted to check against
    predetermined criteria would have been to
  • 21:32 - 21:39
    identify for which crimes - exactly, and
    only for these - you can use such a voodoo
  • 21:39 - 21:44
    miracle weapon. And finally, these are not
    the only arguments, but the more most
  • 21:44 - 21:49
    important ones. We expect that the false
    positives especially will lead to
  • 21:49 - 21:55
    discrimination against minorities. And one
    example that the German National Police,
  • 21:55 - 22:01
    the Bundeskriminalamt has given us for a
    predetermined criteria are young men
  • 22:01 - 22:07
    flying from airports from the south of
    Turkey to a major European city. So
  • 22:07 - 22:11
    they're thinking about former IS fighters,
    IS terrorists. And as you can easily
  • 22:11 - 22:16
    imagine what kind of people will be
    sitting in in in a on a plane that's
  • 22:16 - 22:20
    coming from the south of Turkey to Germany
    or to any other European country. Of
  • 22:20 - 22:26
    course, this will affect them
    disproportionately, affect minorities. And
  • 22:26 - 22:32
    it is already now highly intransparent
    what how these these predetermined
  • 22:32 - 22:38
    criteria are developed. And imagine a near
    future where law enforcement will
  • 22:38 - 22:43
    naturally try to involve artificial
    intelligence and finding patterns in the
  • 22:43 - 22:48
    raw data of flight movements of PNR data,
    of the treasure they're now hoarding with
  • 22:48 - 22:55
    a five year worth of data. And at the
    latest, at that point in time, it will be
  • 22:55 - 23:01
    impossible for us to understand why a
    certain criterion was defined and how how
  • 23:01 - 23:04
    to challenge it when you're in the
    position to be arrested at the airport,
  • 23:04 - 23:10
    for instance. So what can we do? And
    that's where we come in. The two
  • 23:10 - 23:16
    organizations that we are. We are no
    typical advocacy organizations, but we do
  • 23:16 - 23:21
    strategic litigation. Because
    unfortunately no advocacy worked on the
  • 23:21 - 23:26
    PNR directive. It came into force pretty
    much as the, um, as national law
  • 23:26 - 23:34
    enforcement wanted it to be. And so there
    is one instance, one authority at the time
  • 23:34 - 23:39
    that in Europe, in Germany, in Europe, the
    European Union, the courts, which can
  • 23:39 - 23:45
    which can ideally, um, dismiss of the
    reasons of the motivations of law
  • 23:45 - 23:51
    enforcement to have such a directive
    enforced and can try to objectively assess
  • 23:51 - 23:57
    whether this is actually legal and should
    remain in force, stay in force or not. And
  • 23:57 - 24:02
    we did this through litigation both in
    Germany and in Austria, and both are
  • 24:02 - 24:06
    having the same goal, which is to present
    to the European Court of Justice the
  • 24:06 - 24:12
    question whether the PNR directive and any
    national law that is transposing the PNR
  • 24:12 - 24:18
    directive is in violation of the Charter
    of Fundamental Rights. Why do we have to
  • 24:18 - 24:23
    go? Why is the ECJ important? Because when
    you have a national law that directly
  • 24:23 - 24:31
    transposes a European law, a directive,
    then then only the ECJ can declare such a
  • 24:31 - 24:35
    law void. There is no way for, for
    instance, in Germany, the federal
  • 24:35 - 24:40
    constitutional court, the
    Bundesverfassungsgericht, to say that this
  • 24:40 - 24:46
    law should not be applied any longer. This
    question must be presented to the ECJ. So
  • 24:46 - 24:51
    how could we get to the ECJ? This actually
    was a process that took us quite a bit of
  • 24:51 - 24:56
    time. It's been two years in the making. A
    year ago, we launched six different
  • 24:56 - 25:01
    complaints of six different plaintiffs
    that are flying all over Europe, that we
  • 25:01 - 25:06
    booked flights for them that led them to a
    European member states, a European Union
  • 25:06 - 25:11
    member states and two states outside of
    the European Union. And we sent the
  • 25:11 - 25:16
    complaints to three different courts. The
    one, two complaints were directed against
  • 25:16 - 25:20
    the German national police and went to the
    administrative court in Wiesbaden, and
  • 25:20 - 25:25
    four others were directed against the
    airplane airlines. So we tried to
  • 25:25 - 25:31
    diversify as much as possible in order to
    find a judge that would agree with us that
  • 25:31 - 25:37
    this is problematic and this needs
    checking. And we are optimistic that
  • 25:37 - 25:44
    either the court in Wiesbaden or the court
    in Cologne will soon present these very
  • 25:44 - 25:48
    questions to the court, whether the German
    transposition law and the PNR directive
  • 25:48 - 25:53
    itself are violating fundamental rights
    after European of the Charter of the
  • 25:53 - 25:59
    European Union.
    Walter: So as Bijan already mentioned, our
  • 25:59 - 26:05
    aim is to bring our case as quick as
    possible to the European Court of Justice.
  • 26:05 - 26:11
    So we had different options. And in Austria,
    we went a third way. We brought a case
  • 26:11 - 26:19
    before the Austrian Data Protection Authority
    against the Fluggastdatenzentralstelle
  • 26:19 - 26:25
    im Bundeskriminalamt, a passenger
    named unit. And we we brought several
  • 26:25 - 26:31
    different cases and we also found out that
    different, smaller things which we are on.
  • 26:31 - 26:38
    But the main thing is that this case
    already went as planned to the
  • 26:38 - 26:47
    Bundesverwaltungsgericht, so the federal
    administrative court in Austria. And from
  • 26:47 - 26:55
    there, we hope that is also soon forwarded
    to the European Court of Justice. And
  • 26:55 - 27:02
    theoretically, it would be enough if one
    case hits the European Court of Justice.
  • 27:02 - 27:08
    But practically, it is, of course, very
    important to have different strategies
  • 27:08 - 27:16
    because there are different speeds and so
    on. So that's why we also should mention
  • 27:16 - 27:23
    another case, the the Belgian case. So
    this Belgian human rights organization,
  • 27:23 - 27:29
    they also brought the case before a
    Belgian court. In this case, it was
  • 27:29 - 27:35
    directly the Belgian constitutional court.
    So they had a direct way to the
  • 27:35 - 27:40
    constitutional court, unlike our cases in
    Austria, where this or in Germany where
  • 27:40 - 27:47
    this was not possible. And therefore, the
    Belgian constitutional court already
  • 27:47 - 27:55
    referred this case to the European Court
    of Justice. And we are hoping that our
  • 27:55 - 28:01
    case will be soon or cases, or at least
    some of them will soon be joined with this
  • 28:01 - 28:11
    case at the European Court of Justice, and
    then decided together. So to sum up, we
  • 28:11 - 28:20
    have actually a very infringing piece of
    legislation the PNR directive, PNR
  • 28:20 - 28:29
    processing, as Bijan explained to us in
    more detail, is extremely intrusive in all
  • 28:29 - 28:35
    flight passengers' fundamental rights. It
    violates fundamental rights, especially
  • 28:35 - 28:41
    because it is already... is also
    ineffective and disproportionate. So we
  • 28:41 - 28:48
    heard about these different things. The
    base rate fallacy that it is ineffective
  • 28:48 - 28:54
    and disproportionate because it is not
    really possible to find specific suspects
  • 28:54 - 29:03
    in such amount of data with without having
    a lot, a real lot of false positives. So
  • 29:03 - 29:08
    other arguments are that it is data
    retention in the first place. So also
  • 29:08 - 29:15
    already the retention of the data of
    people like you and me is a big problem
  • 29:15 - 29:23
    and unlawful. And this general suspicion
    it leads to. So everybody becomes a
  • 29:23 - 29:30
    suspect and can become practically a
    suspect, can get problems practically from
  • 29:30 - 29:39
    that legislation without being a criminal.
    And yeah, we have strong arguments as we
  • 29:39 - 29:49
    showed you already, the case of the Canada
    PNR directive, the PNR agreement with
  • 29:49 - 29:55
    Canada is very similar in practice to the
    PNR directive. So the arguments already
  • 29:55 - 30:01
    held before the European Court of Justice.
    So actually, it's a shame that this was
  • 30:01 - 30:08
    not stopped earlier. And civil rights
    organizations as we are have to do that.
  • 30:08 - 30:17
    And that's what we do. And that's also why
    we depend on donations. So that's also
  • 30:17 - 30:22
    important to stress that our work people
    having people fully employed to do things
  • 30:22 - 30:29
    like that cost some money. And that's
    where you can find us. So we have a
  • 30:29 - 30:36
    campaign website, nopnr.eu in German
    and English. And you can find us, of
  • 30:36 - 30:41
    course, on our website and both websites
    and find ways how to join us, how to
  • 30:41 - 30:47
    support us. And also still today, you can
    meet us at our assembly in the CCL
  • 30:47 - 30:53
    building the about freedom assembly, where
    both the Gesellschaft für Freiheitsrechte
  • 30:53 - 31:01
    and Epicentre Works have their desk and
    you can ask all the question. But first,
  • 31:01 - 31:03
    ask all your questions now. Thank you.
  • 31:03 - 31:07
    Applause
  • 31:07 - 31:15
    Herald: Thank you, Walter and Bijan, for
    this very clarifying statements. I suppose
  • 31:15 - 31:19
    there are quite some questions here in the
    audience. Only I'm looking at someone
  • 31:19 - 31:32
    who's grabbing a microphone now. I see the
    signal angel. Yes. The mic is not on. Can
  • 31:32 - 31:48
    someone help him? Signal Angel needs a mic.
    Yes, it's almost there. Brains are
  • 31:48 - 31:51
    working.
    Signal Angel: Thank you. Is there a cheap
  • 31:51 - 31:55
    method to spam for some trees, for
    example, by booking flight under a false
  • 31:55 - 32:03
    name and then canceling the flight?
    Bijan: Well, I think it's it's difficult
  • 32:03 - 32:07
    to say. I didn't get the very first words.
    Sorry.
  • 32:07 - 32:11
    Signal Angel: Yes, the very first one was:
    is there a cheap method to spam, to spam
  • 32:11 - 32:15
    for some trees?
    Bijan: Yeah. Theoretically, I don't think
  • 32:15 - 32:19
    that anything could speak against that.
    Yeah, but the problem is that you would
  • 32:19 - 32:24
    need to cancel very late because, um, I
    think the first time they push the data,
  • 32:24 - 32:28
    the airlines are pushing the data to the
    national police is, 48 hours before the
  • 32:28 - 32:33
    before boarding. So that might come to
    become a bit expensive.
  • 32:33 - 32:34
    Laughter
  • 32:34 - 32:39
    Walter: I would want to make a general
    remark also on that. Of course, here,
  • 32:39 - 32:44
    especially here, thoughts like that, how
    to hack the system are very important and
  • 32:44 - 32:51
    can help. But our general approach is to
    take legal action to protect all people at
  • 32:51 - 32:56
    the same way, and not only those who who
    are able to protect themselves or hack the
  • 32:56 - 33:04
    system or whatever. So that's the reason
    why we both go this general way to bring
  • 33:04 - 33:11
    that down. Completely.
    Herald: And other question here. Yes.
  • 33:11 - 33:21
    Sorry, sir. Please.
    Q: What do you expect as a result of your
  • 33:21 - 33:27
    litigation if you are successful in court?
    Will ... do you expect the courts to
  • 33:27 - 33:34
    strike down the directive entirely, or do
    you expect another legislative process to
  • 33:34 - 33:42
    do the same thing again or to fix, quote
    unquote, the directive in very small ways
  • 33:42 - 33:48
    just to to drag out this battle and
    continue the practice. What do you think
  • 33:48 - 33:52
    the effects will be?
    Bijan: Well, we think that the European
  • 33:52 - 33:56
    Court of Justice, if it follows our
    argument, our reasoning, it should it will
  • 33:56 - 34:00
    strike down the PNR directive entirely,
    because the way it is set up is
  • 34:00 - 34:07
    fundamentally not in in accordance with
    what it earlier ruled so far. Unless it
  • 34:07 - 34:11
    will change its its entire history of
    ruling on data retention and so on and so
  • 34:11 - 34:16
    forth. But of course, we will expect the
    member states to push for another
  • 34:16 - 34:21
    legislation that may be similar, but not
    the exact same thing. So I can imagine
  • 34:21 - 34:26
    something of a of the sort of data
    retention of telecommunications, as it
  • 34:26 - 34:31
    were, and with airlines retaining the data
    and keeping it for a shorter period of
  • 34:31 - 34:36
    time and only giving it out when there is
    a specific request with, where there is a
  • 34:36 - 34:41
    specific reason for law enforcement to ask
    for the data. I could imagine such a thing
  • 34:41 - 34:46
    coming up again and then we would need to
    check whether this is illegal or not. And
  • 34:46 - 34:50
    maybe go through the whole procedure as
    well. But it is it would be an immense
  • 34:50 - 34:56
    success if the PNR directive as it stands
    would be void. Declared void.
  • 34:56 - 35:02
    Herald: Thank you. Someone else has a
    question. I see the person here.
  • 35:02 - 35:11
    Microphone one, please.
    Q: Hel-lo, yeah. Okay, so you had the
  • 35:11 - 35:15
    agreement that, uh, there are a lot of
    false positives when they checked up PNR
  • 35:15 - 35:21
    data. Um, do we have any information how
    long it takes for them to react on the PNR
  • 35:21 - 35:26
    data if they get a positive hit? So maybe
    they won't react after the person has
  • 35:26 - 35:31
    landed and already, uh, is in the country?
    Bijan: They claim that they can act
  • 35:31 - 35:37
    immediately, but we can't know that for
    sure. So the fact that they had 57 arrests
  • 35:37 - 35:42
    at the airports signals that at least that
    in some respects this is true. But we
  • 35:42 - 35:47
    cannot know for sure how much, how quickly
    they they they kind of react. And keep in
  • 35:47 - 35:52
    mind, this is only the start. So, so far
    in Germany, right up until the point where
  • 35:52 - 35:57
    this the data that I presented for Germany
    came about, there were only 9 airlines, I
  • 35:57 - 36:01
    think, that were linked to the system. So
    expect there to be much more data coming
  • 36:01 - 36:06
    in. And once they start with a
    predetermined criteria thing, this will
  • 36:06 - 36:13
    multiply probably. Um, even so, I cannot
    imagine unless they they ... have this
  • 36:13 - 36:20
    new, um, thing with hundreds of people
    involved that they can act immediately in
  • 36:20 - 36:26
    each and every case.
    Herald: Thank you. There is a question
  • 36:26 - 36:30
    again on the Internet. Yes.
    Signal Angel: Yes. How come, you haven't
  • 36:30 - 36:35
    tried voiding the local at one provisions
    that this PNR there for intra EU flights? (???)
  • 36:35 - 36:39
    That seems most likely against Schengen
    provisions.
  • 36:39 - 36:45
    Bijan: We have addressed that as well. We
    have picked intra-EU flights also. We have
  • 36:45 - 36:52
    not just picked flights that go extra EU,
    but, we've also made the point about the
  • 36:52 - 36:58
    the violation of Schengen criteria. But
    that is not so much that is not the focus
  • 36:58 - 37:03
    of our argument because they are, in our
    opinion, much stronger ones. Because with
  • 37:03 - 37:07
    Schengen you would need to argue that it's
    practically impossible to enter the
  • 37:07 - 37:13
    country without being held up and you're
    not being held up in a physical form, at
  • 37:13 - 37:19
    least not in general, generally. And so
    this argument is a bit more difficult than
  • 37:19 - 37:25
    having an actual border checking of
    people. But we're making this point, of
  • 37:25 - 37:30
    course. And but we rely on other points
    that we think are stronger.
  • 37:30 - 37:36
    Herald: Okay. Please. Microphone number
    one, please.
  • 37:36 - 37:40
    Q: Is there also data being collected on
    flights inside a country. So, for example,
  • 37:40 - 37:44
    from Munich to Berlin.
    Bijan: Not yet. Not under the directive.
  • 37:44 - 37:48
    And theoretically, of course, that the
    German legislator or any other legislator
  • 37:48 - 37:52
    could decide to include that as well, but
    not so far.
  • 37:52 - 37:56
    Herald: Number two, please. Microphone.
    Yeah.
  • 37:56 - 38:02
    Q: I was wondering how much, uh, false
    negatives are in there. You know, that,
  • 38:02 - 38:08
    like, uh, these big databases. If I don't
    act like a normal terrorist or something
  • 38:08 - 38:11
    than I am?
    Bijan: We don't we don't know,
  • 38:11 - 38:15
    unfortunately, not yet. Um, I did. I think
    it would be very interesting, especially
  • 38:15 - 38:22
    for the predetermined criteria , to see
    how many they miss. Um, but yeah. No, not
  • 38:22 - 38:29
    nothing at.
    Herald: Yeah, and there is no undo button,
  • 38:29 - 38:34
    I think. No. No. No undo. That's always
    the thing that I that I'm worried about,
  • 38:34 - 38:38
    you know. Then you have an announcement
    about France's data that go out and then
  • 38:38 - 38:44
    you can't have an undo. So what do we do
    then? It's always new. Yeah, you can keep
  • 38:44 - 38:49
    this for five years now. But who says it's
    there for five years and what kind of
  • 38:49 - 38:52
    interpretation to get out of it for five
    years? After five years?
  • 38:52 - 38:55
    Bijan: You can't know in
    which database you will be transferred in
  • 38:55 - 39:00
    the meantime, because law enforcement can
    access the data of that very data set and
  • 39:00 - 39:04
    forth for that data and the PNR data set
    and put it in another data set because
  • 39:04 - 39:08
    they have whatever reason to do so. And
    then these are again enlarged and
  • 39:08 - 39:13
    enlarged. And then you will find another
    reason why they should remain in there for
  • 39:13 - 39:17
    a longer time. So, yeah. That's why we're
    fighting this now and hoping to change the
  • 39:17 - 39:19
    future.
    Herald: How do you see your chances?
  • 39:19 - 39:27
    Actually, uh, a long term or short term
    chances to get to that point is that?
  • 39:27 - 39:30
    Bijan: We are very convinced that we will
    be successful, because otherwise we
  • 39:30 - 39:34
    wouldn't have started this. This is one of
    our principles. We only do things that we
  • 39:34 - 39:38
    are convinced of being able to win and we
    think that we will win this. And what will
  • 39:38 - 39:42
    come out of it? Referring to the I think
    the second and the second question
  • 39:42 - 39:47
    earlier. And what will be happening in the
    future with other legislation? I can't
  • 39:47 - 39:51
    know. But one argument the police is
    always making or in private, at least to
  • 39:51 - 39:56
    me, are is that they're saying, well,
    people will get used to it and it won't be
  • 39:56 - 40:01
    in in five or 10 years. Nobody's gonna be
    wondering about things like this. And this
  • 40:01 - 40:05
    is exactly what we are working against,
    that this never becomes normal, because if
  • 40:05 - 40:07
    this becomes normal, as I've argued
    before,
  • 40:07 - 40:11
    applause
    Herald: needs an applause Yes.
  • 40:11 - 40:15
    Bijan: If it becomes normal, as I've
    argued before, it is easy to extend it to
  • 40:15 - 40:21
    all sorts of life and ways of life and
    walks of life. And this then would be in a
  • 40:21 - 40:26
    surveillance state par excellence.
    Herald: We were very close there. So we
  • 40:26 - 40:30
    need to support them really hard. There is
    one last question I suggest. No. There is
  • 40:30 - 40:36
    two questions. Number two. Yes.
    Q: Does the PNR directive apply only for
  • 40:36 - 40:39
    regular scheduled flights? So does it also
    apply for private flights? The general
  • 40:39 - 40:43
    aviation business flights, etc.?
    Bijan: Good question. I don't know.
  • 40:43 - 40:49
    Actually, I look into that and. Write me!
    Come, come here later and I'll check and
  • 40:49 - 40:52
    I'll give you an answer.
    Herald: Then there is one at number one.
  • 40:52 - 40:57
    Q: I just wanted to ask a question in
    response to the idea that this is becoming
  • 40:57 - 41:02
    very normal, because one thing that I
    think has become very normal that hasn't
  • 41:02 - 41:08
    been mentioned explicitly is the idea that
    people can be essentially put on a watch
  • 41:08 - 41:13
    list as being a potential criminal in the
    absence of a crime. And we have these
  • 41:13 - 41:20
    terrorist watch lists all over the world
    now. That is now the new normal. And I
  • 41:20 - 41:25
    think that's very problematic. And can you
    just maybe talk about: Do we, do you see a
  • 41:25 - 41:31
    future where we can actually get back to,
    you know, only arresting or investigating
  • 41:31 - 41:34
    people because of probable cause, for
    example?
  • 41:34 - 41:39
    Bijan: Oh, I hope that this will be our
    future. But, uh, about that point, that
  • 41:39 - 41:44
    very point, I'm not too optimistic, to be
    honest. I am optimistic about one other
  • 41:44 - 41:49
    one. Another thing that is that these
    instruments that are now being created
  • 41:49 - 41:53
    will prove to be highly ineffective, as
    we've so now see now already with checking
  • 41:53 - 41:58
    against databases, that is already a lot
    of work and very tedious work. But with
  • 41:58 - 42:04
    the idea that you can define criteria for
    people that that are legitimately to be
  • 42:04 - 42:09
    suspected of committing a crime in the
    future, I think it will prove, at least
  • 42:09 - 42:13
    for the next few decades, to be quite
    impossible. And this is I don't know if
  • 42:13 - 42:20
    this came across correctly sufficiently,
    but this is really the core issue that we
  • 42:20 - 42:26
    have with the PNR directive. They are
    claiming that they can find suspects of
  • 42:26 - 42:32
    crimes or future crimes. Imagine! Not not
    someone that has committed a crime or that
  • 42:32 - 42:37
    will definitely commit a crime, but that
    can reasonably be suspected of committing
  • 42:37 - 42:44
    a crime in the future, and then act upon
    that. And that is really a huge step into
  • 42:44 - 42:49
    what I called voodoo, about the
    expectation that you can take data and
  • 42:49 - 42:55
    prevent crime. Minority Report times.
    Yeah. To the power five. I don't know.
  • 42:55 - 43:01
    Herald: Sit back and relax. Thank you
    Bijan and thank you, Walter, for this
  • 43:01 - 43:09
    fantastic lecture. Please support them at
    noPNR dot EU, go to their booth as well.
  • 43:09 - 43:11
    And thank you all.
  • 43:11 - 43:22
    36C3 postroll music
  • 43:22 - 43:38
    Subtitles created by c3subtitles.de
    in the year 2021. Join, and help us!
Title:
36C3 - #NoPNR – Let’s kill the next Data Retention Law
Description:

more » « less
Video Language:
English
Duration:
43:38

English subtitles

Revisions