After Facebook and Google, French Watchdog Takes on Governmentby and
CNIL chief cautions France on risks of new central database
Amid terror threats, need to balance security and privacy
Years of policing Facebook Inc. and Google on data privacy are being put to use in France to keep another player in check -- the government.
As terrorism threats increase surveillance and bulk up intelligence services, France’s watchdog CNIL is deploying efforts to make sure the government doesn’t cross the line on personal information of citizens, the regulator’s president, Isabelle Falque-Pierrotin said. She recently cautioned the state against creating a central database with fingerprints, pictures and other personal information of virtually everyone in France.
“Fighting terrorism is an undeniable priority and it may call for new tools, but new deployments must be coupled with extra guarantees,” Falque-Pierrotin said in an interview at CNIL’s headquarters in Paris. “We need guarantees that the balance will be preserved between security issues and protecting privacy.”
Now, she’s re-balancing CNIL to focus on both corporate and government affairs. The watchdog was created in the 1970s to monitor privacy issues as the state moved paper records onto computers.
After three major attacks in France since January 2015 left more than 230 people dead, France has been debating the creation of a so-called mega-database that the country says will permit authentication of an ID card-holder as its rightful owner. After publishing a decree in October, France’s interior ministry went on to say users will have an option to refuse to register their fingerprints into the database. That hasn’t been enough to shut down criticism and debate, despite which the government is going forward with its plan.
“We’re concerned by some points,” Falque-Pierrotin said. “Would this database really be the best answer to the government’s goal of being able to authenticate a citizen’s ID card? We think there are alternatives."
Adding a chip to the French national ID card, a measure similar to that of a biometric passport, might do the trick, she said. That would remove the need for a database that’s potentially vulnerable to hackers, or to the government being tempted to use the information at hand for more than just authentication.
Nazi, Communist Rules
Memories of life under Nazi or Communist rule have traditionally influenced European citizens and institutions to be cautious about protecting privacy and allowing data collection by law enforcement and intelligence organizations. That long-held tradition has come under pressure as terror threats persist after a series of attacks in Paris, Nice and Brussels.
“Fighting for privacy on the government front -- that’s in our original DNA,” Falque-Pierrotin said. “Today, amid terrorism, amid new challenges linked to data collection for intelligence purposes, being vigilant on the government front is just obvious.”