The European Data Protection Supervisor (EDPS), Giovanni Buttarelli, has called for existing controls on the export of surveillance and interception technologies to third world countries to be strengthened.
In a blog published online, Buttarelli said there was a “tension between the positive use of ICT tools and the negative impact that the misuse of technology can have on human rights, and especially the protection of personal data and privacy”.
He called for this ‘tension’ to be addressed by individual EU nations, as well as EU policies “by all actors involved in the ICT sector (developers, service providers, sellers, brokers, distributors, and users)”.
Buttarelli believes that under the EU’s ‘dual-use’ regulation, the export of harmful technologies to third countries can be controlled, but that the regulation does not take into account when the technology is being exported to a country where all appropriate safeguards regarding the use of this technology are not provided.
“Therefore, the current revision of the ‘dual-use’ regulation should be seen as an opportunity to limit the export of potentially harmful devices, services and information to third countries presenting a risk for human rights,” he said.
“In the context of dual-use, standards should be developed in order to assess how the ICT or the information at stake might be used and the potential impact on fundamental rights in the EU,” he added.
Buttarelli suggested that an analysis should be completed of the third country, regarding the protection of human rights or what he called “the respect of people’s freedoms”. Only then, he said, should a company give authorisation for the export, and determine which conditions the technologies should be used under.
He added that an assessment of the context within which technologies are used is vital in order to evaluate their impact on human rights.