Tuesday, January 28, 2014

CPDP14 - a surveillance recap

After the recent flurry of Calls, here's another conference recap with relevance to STS and surveillance studies. This year's edition of CPDP, which took place in Brussels last week, was indeed heavily coined by the “Snowden revelations” and the ensuing international political debates on PRISM, Upstream, and whatnot. Thus, while CPDP13 had its main scope on the (still ongoing) reform of the European data protection framework, this year it was all about the relationship between privacy (and data protection) and security and surveillance. Highly intriguing! [oh, and just to respond to an emerging theme of the STSS repository: there was pleasantly little explicit talk of “Big Data” - however it was of course always implicitly present as the specter that haunts contemporary discourses on privacy and data protection :)]

As CPDP gets bigger by the year (one of the organizers told me they had 800 people this year, as opposed to last year's 500 – which unfortunately resulted in quite the number of fully packed sessions without a chance for a seat) and is now a 4-track event, my account is necessarily limited to an individual perspective and is of course far from any comprehensive claim (and yes, I admit I skipped a couple panels in order to have a coffee/beer with old colleagues and friends...). Nonetheless, I tried to attend the surveillance related panels and here are some personal impressions and highlights:

As someone who has in fact never engaged with issues of hacking, I felt compelled by the question whether “hackers” should be conceptualized as legitimate and in fact highly ethical actors who unveil governmental/industrial malpractices, empower potential whistleblowers and eventually defend privacy (in some sort of Robin Hood-esque fashion), or whether they should be seen as “criminals” alongside a rather legalistic viewpoint, independent of intentions and outcomes of their activities. What became quite clear during the highly controversial panel was that hacking as a practice of il/legitimate civil disobedience has in fact come a long way from the basements of the 1980s, and that the proportionality between unlawfulness and the public good might actually benefit from some reconsideration with regard to “hacking”.

Resilience as such right now appears as much as an “en vogue” concept as a vague analytical term. In fact, the panel on “Resilience to Surveillance”, organized by the IRISS project, did benefit largely from the conceptual clarification offered by Pete Fussey. His take on the evolution of resilience from robustness to recovery and eventually to adaptability provided a much needed common analytical denominator for the presented case studies in order to properly contextualize distinct forms of resilience across multiple settings. What became apparent during the discussion was that the relationship between resilience and surveillance indeed still needs to be sketched out and that resilience as a distinct concept needs to find its place alongside the notions of counter-surveillance, vigilantism, resistance, and such.

Another major trajectory of CPDP14 was the conflict of security vs privacy (I myself presented a paper on the framing of this conflict within security research and its envisioned “resolution” through privacy-by-design) and its often proposed conceptualization as a trade-off. In particular, a panel organized by the PACT, PRISMS and SurPRISE projects intended to go “beyond the trade-off model”. While all presenters basically agreed in their critique that the model was too simplistic in its assumptions about both its key terms, as well as rather skewed towards security, it became quite clear that it is not that easy to conceptually challenge the notion of a trade-off without in some other way reinforcing it – especially as the “model” has gained a quite powerful status as current “political mantra”. Possible ways eventually were pointed out by Jenneke Christiaens, who, from a criminological perspective, highlighted the importance of fear of crime, trust in security providers, and the need for a disentanglement of the notion of privacy, and by Govert Valkenburg, who emphasized the need for an empirical account of how both security and privacy become translated into elements of socio-technical assemblages.

And what about the analytics of publicly available information? This question, which in fact has been on my mind for quite some time without a satisfactory conclusion, was tackled by a panel on “Open Source Surveillance and Online Privacy”, organized by the Panoptykon Foundation, Bits of Freedom, and Privacy International. And oh boy, those were entertaining 75 minutes! As could be expected from a group of speakers that featured representatives of Privacy International, facebook and the UK Association of Chief Police Officers, the Q&A part turned into more or less open warfare. After sketching out the issues at stake (the definition of “open source”, the practical use of publicly available information in policing and commercial practices, the automation of collection and analytics, questions of the length of data rentention, etc.), facebook's Richard Allan and Ian Redhead from the UK ACPO found themselves under heavy normative fire from the audience and sought to retreat to safe legal terrain. If not for the actual severity of the topic, it would have been delightful!

So much for a couple highlights – I am of course aware that this brief recap can only account for a small fraction of the overall event, and it should thus not be misread as any form of definitive judgment or such. Rather, it should be understand as a highly subjective take on what has once again been a great event. My humble intention here was to highlight the fact that STS and the surveillance studies do play an increasing role when it comes to the still legally dominated debates on privacy and data protection – however, unfortunately triggered by rather unpleasant developments on the global scale...

No comments