FBI and Apple finally agree on starting a debate on how to reconcile privacy and safety. Shouldn’t the EU and NGOs be part of it?!

Over the last 2 days both Apple and FBI have called for a “commission” of representative stakeholders to finally discuss constructively on how we can reconcile two crucial rights of citizens, the right of privacy and the right to safety. It has been clear that some kind of structured systematic deliberative discourse and debate is useful to both sides, government and Big IT.

The FBI Director Comey had to said:

We simply want the chance, with a search warrant, to try to guess the terrorist’s passcode without the phone essentially self-destructing and without it taking a decade to guess correctly. That’s it. We don’t want to break anyone’s encryption or set a master key loose on the land. I hope thoughtful people will take the time to understand that. Maybe the phone holds the clue to finding more terrorists. Maybe it doesn’t. But we can’t look the survivors in the eye, or ourselves in the mirror, if we don’t follow this lead.

Reflecting the context of this heart-breaking case, I hope folks will take a deep breath and stop saying the world is ending, but instead use that breath to talk to each other. Although this case is about the innocents attacked in San Bernardino, it does highlight that we have awesome new technology that creates a serious tension between two values we all treasure: privacy and safety.

Apple calls even more specifically for a Commission or other panel:

We feel the best way forward would be for the government to withdraw its demands under the All Writs Act and, as some in Congress have proposed, form a commission or other panel of experts on intelligence, technology and civil liberties to discuss the implications for law enforcement, national security, privacy and personal freedoms. Apple would gladly participate in such an effort.

This new calls for commission in the US are fantastic news.

That is exactly the kind of discussions we have started in Brussels last September 2015, with the 1st Edition of Free and Safe in Cyberspace global event series, with speakers including the EU/US IT security/privacy experts and activists, and top EU official relevant agencies. But we’ve chosen to hold them in the form of a open, transparent and democratic deliberative discourse , as it should, and not in the form of back room secret discussion and deals among powerful governmental agencies and huge IT corporations.

We invite Apple and FBI – and other representative stakeholders from EU, US and world-wide – to join the discussion in our next event in New York and in Rome. We hope that this time even more leading e-privacy and digital rights NGOs, and US/EU intelligence agencies, will accept our invitation to publicly discuss this issues.

Given the track record of how in the past the USG was able to force PRISM and possibly other obligations on large IT players, digital rights and e-privacy NGOs, and other bodies representative of citizens’ interests, should be involved. They may finally decide to want to be involved a substantial part of the discussions, as they should, instead of backing way for understandable fear of legitimizing the idea that a substantial win-win solution is even remotely possible, based on the uncritical acceptance of possibly exaggerated technical reports by great experts over the last decades on the complete impossibility of solutions that would not pose “unacceptable risks to civil rights“.

US Government, Big IT companies and US NGOs cannot solve this issues by themselves, without the involvement the relevant EU stakeholders (Commission, Parliament, NGOs), and other global actors, given crucial impact that those solutions will have on EU and World citizens civil rights. Another very practical reason is the fact that any overarching solution would be critical to the ongoing negotiations on Safe Harbour, Umbrella Agreements, and other EU/US e-privacy negotiations, whose failure may impede US IT companies to hold EU citizens data outside EU territory, or possibly at all, given the extra-territorial application of US surveillance laws on US-based companies.