The
European Data Protection Supervisor(EDPS) has
condemned the inability of existing legislation to protect citizens
against practices and proposals that amount to the creation of a
state-sponsored surveillance society.
EDPS Peter Hustin called on the European Parliament to pass
primary legislation to define and protect personal data. He also
asked for specific laws to protect such data from abuse under new
data collection and exchange proposals from law enforcement
agencies.
He said agencies that collect, process and store the data should
provide information that would allow individuals to modify their
behaviour to avoid being "profiled" and to obtain redress for
errors and abuses.
The recommendations were part of three opinions that the EDPS
issued in December. The opinions are his response to practices and
proposals related to the fight against terrorism and organised
crime. Many of them have arisen since 9/11.
They cover the collection, processing, exchange and delivery of
airline passenger data (PNR), the
exchange between law enforcement agencies of personal information
including DNA, fingerprint and vehicle records under the
Prüm Treaty, and the
use of RFID tags in consumer products.
Hustinx said existing legislation provides inadequate protection
of personal data against misuse by government agencies and other
potential abusers under the relevant proposals.
The private sector is likely to be affected because it already
collects, processes and transfers much of the primary data required
under the various proposals.
Hustinx said the risks of using data mining tools and
behavioural patterns need to be further assessed, and their
usefulness clearly established, before they are used to fight
crime.
"Building upon different databases without a global view on the
concrete results and shortcomings might otherwise lead to a move
towards a total surveillance society," he said.