Digital Brief: Wiretapping in the age of 5G

The Digital Brief is Euractiv's weekly tech newsletter.

Welcome to EURACTIV’s Digital Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here

 

 “You cannot trust your connection to be as strongly protected as it seems.”

– GUE MEP Corniela Ernst, January 15, 2020. 

 

5G. Yesterday, we reported that the European Commission is working alongside Europol and EU member states to “identify appropriate ways of preserving lawful interception capabilities in 5G networks,” according to Ylva Johansson, the EU’s Home Affairs Commissioner.

With 5G’s 256-bit encryption, clandestine interception becomes technically challenging. As a result, for security services to obtain data for the purposes of criminal investigation, either software standards would have to be lowered, or backdoors would have to be built into the hardware.

We caught up with MEP Cornelia Ernst to hear her thoughts on the subject. She told us that because 5G is designed the way it is, with connections encrypted by default all connections “will always look like they were genuinely encrypted using state-of-the-art technology.” She added: “The result is that you cannot trust your connection to be as strongly protected as it seems.” Read more here.

Brussels spies? Yesterday, German prosecutors disclosed that they are investigating three people who had reportedly been spying on behalf of the Chinese state, including a former EU diplomat, according to media reports. Last year, we reported that “hundreds” of Russian and Chinese spies have been planted in and around Brussels’ EU quarter.

In this context, the Council’s High Working Party on cyber meets on 17 January. As part of the agenda, the European External Action Service will debrief the working party on the EU-China Cyber Taskforce meeting that took place 13 January 2020.

Huawei in UK. “I just want to make it very clear, Huawei will not be involved in our critical national infrastructure,” the UK’s Digital Secretary Nicky Morgan told Bloomberg Television yesterday. “The security, the safety of that infrastructure is absolutely paramount when the government is going to be making that decision.” However, the admission was not a full-fledged disclosure of whether the UK would allow Huawei involvement in either core or non-core aspects of its 5G infrastructure. Morgan is set to clarify the UK government’s position on this “in due course” a DCMS official told EURACTIV recently.

Meanwhile, Morgan delivered a speech yesterday, rallying for a pro-innovative approach to tech regulation. She decided to omit any explicit commitments to the UK’s future data protection regime – surprising, as the UK will soon be subject to a prospective EU adequacy decision on data transfers between the bloc and the UK. We previously outlined the hurdles in this regard as part of a Special Brexit edition of the Digital Brief.

Mass security data retention ‘unlawful.’ Meanwhile, cases of ‘general and indiscriminate’ data retention by EU national security authorities seriously interfere with the privacy protections enshrined in the EU Charter of Fundamental Rights, according to a non-binding opinion from the European Court of Justice delivered on Wednesday (15 January).

Advocate-General Sánchez-Bordona noted that the “general and indiscriminate retention of all traffic and location data of all subscribers and registered users is disproportionate” and authorities should rather conduct a “limited and discriminate retention of data,” unless in the case of a ‘state of emergency.’

Common Charger. At the time of writing, MEPs have not yet voted on a resolution to support measures obliging industry players to develop a common charger. During a debate on the issue on Monday, MEPs said the Commission’s previous approach in this arena of “encouraging industry to develop common chargers, fell short of the co-legislators’ objectives.”

“The voluntary agreements between different industry players have not yielded the desired results,” a statement from lawmakers read. The Commission is now due to publish a study on common chargers by the end of the month.

YouTube Climate Misinformation. A new investigation by activist group Avaaz has found that YouTube has been driving millions in traffic to climate denial videos with its recommendation algorithm, while also running ads on some of these videos from top green and household brands.

Avaaz’s report uncovered evidence that 16% of the top 100 related videos for the search term “global warming” contained misinformation.

A statement from Julie Deruy, a senior campaigner at Avaaz, read: “YouTube is the largest broadcasting channel in the world, and it is driving millions of people to climate misinformation videos. This is not about free speech, this is about the free advertising YouTube is giving to factually inaccurate videos that risk confusing people about one of the biggest crises of our time.”

US push ‘soft-regulation’ AI stance.  Gen. John Shanahan, director of Joint Artificial Intelligence Center at the  U.S. Department of Defense, is in Brussels today for talks with EU and NATO officials.

Speaking to reporters yesterday, Shanahan highlighted concerns with the use of some AI technologies, including facial recognition. “Ubiquitous social surveillance, facial recognition is an area that we have a concern about, used by authoritarian regimes.  Again, it’s not the technology itself I’m worried about; it’s how the technology is being used,” he said.

Despite this, Shanahan reiterated an earlier statement from the White House that the EU should avoid heavy regulation in the field of AI. Responding to a question from EURACTIV, he said: “The last thing we want to do in this field of emerging technology moving as fast as it is, is to stifle innovation. Over-regulating artificial intelligence is one way to stifle innovation and do it very quickly.” Shanahan did, however, add that his government realise that “self-regulation will not work everywhere all the time,” and finding common ground with NATO and the EU in this regard was one of the objectives during his time in Brussels this week.

Cybercrime. Yesterday, the EU delegation to the Council of Europe underlined their commitment to the CoE’s Budapest Convention on cybercrime. “We need to protect an open free, interoperable and secure Internet and to fight cybercrime by supporting its implementation and development,” a statement from the EU read.

However, this comes after the EU refused to support the UN General Assembly Resolution “Countering the use of information and communications technologies for criminal purposes”, adopted on 27 December 2019, which the US and EU had believed could lead to a crackdown on freedom of expression.

Italy Facebook fine. Italian authorities have slapped the social media giant with a €5 million fine for falsely claiming that use of the platform was free of charge, and for a lack of clarity in how the platform uses data. This comes after the recent announcement that the Hungarian Competition Authority, the GVH, has fined Facebook €3.6 million for alleged violations of the country’s competition law, for advertising its services as being free of charge on its home page and Help Centre.

Germany facial recognition criticism. After the recent news that Germany’s Interior Minister Horst Seehofer plans to use automatic facial recognition at 134 railway stations and 14 airports, an alliance between civil society and politicians has called for the banning of this surveillance technology, Euractiv’s Phillip Grull reports.

Finnish Data Protection. POP Pankki (POP Bank) the Finnish cooperative banking group has been issued with a notice from the Finnish Assistant Data Protection Commissioner regarding a 2019 security breach. Allegedly, the bank provided incomplete information on its website and Facebook page as to whether all the individuals who had been compromised were personally informed or not.

Two journalists arrested after publishing ‘fake news’. Late on Sunday (12 January) evening, the Montenegrin police arrested two journalists of pro-Serb news websites, Gojko Raičević and Dražen Živković. The two editors of the in4.net and borba.me were taken into custody for inducing panic in a public space because they had published information about an explosion in Vila Gorica Palace, in which senior state officials, including Montenegrin President Milo Đukanović, organise receptions for distinguished guests. But have there been other so-called ‘fake news’ cases? EURACTIV Croatia‘s Željko Trkanjec digs deeper.

Football ‘(anti)hero’ case sparks whistleblower debate. Seen as a ‘hero’ for some and a ‘villain’ for others, the creator of Football Leaks, Rui Pinto, will know this Monday how many crimes he will be tried for. The country’s whistleblower laws will be put to the test in what is an unparalleled case for Portugal. Lusa‘s João Godinho and Jorge Afonso Silva have the story.

***

On my radar.

Parliament’s LIBE Committee features a lot of interesting digital files next week. There’s a Commission Presentation on the controversial e-Evidence file, an exchange of views with Justice Commissioner Didier Reynders, an update on negotiations for the online terrorist content regulation, as a well as a presentation from the Croatian Presidency on the e-Privacy regulation. 

 

What else I’m reading this week:

Subscribe to our newsletters

Subscribe

Want to know what's going on in the EU Capitals daily? Subscribe now to our new 9am newsletter.