Published online by Cambridge University Press: 23 January 2020
INTRODUCTION
Information and communication technologies are cornerstones of modern society. Automated computer processes and the continuous collection, analysis and creation of data are staples of each current industry, service and sector. As data analytics are now vital in both the public and private sphere, securing confidential and valuable information remains a key goal of computer science. To this end, the concept of information security revolves around the identification and implementation of concrete safeguards based on the three fundamental tenets of Confidentiality, Integrity and Availability. While these principles are generally accepted in the field of computer science, they do not constitute universal or legally binding conditions. The current EU legal framework on cybersecurity does not impose general or specific obligations on developers of information technologies for private or public actors. Still, as the undue disclosure or processing of confidential information can have serious consequences, the EU legislator recently finalized its data protection reforms to further safeguard personal data. In addition to the General Data Protection Regulation (GDPR), the reforms also consist of a Law Enforcement Directive (DPLE) for the purpose of regulating the collection, processing and storage of personal information in the context of policing.
As innovative technologies are rapidly adopted by law enforcement agencies to detect, investigate and prevent crime, the negative impact of security breaches can significantly affect the safety and integrity of citizens and police practices. It is in light of these developments that this chapter seeks to assess whether compliance with the recent European legislation on data protection may support the realization of fundamental principles of information security in a law enforcement context. To this end, it provides an outline of the principles of information security followed by an overview of the current legal framework on cybersecurity and data protection in the EU. The differences and similarities between information security and data protection are examined in order to determine to what extent law enforcement technology and practice could rely on the applicable data protection legislation to ensure sufficiently high standards of information security. Finally, to illustrate how the concrete implementation of security requirements in data protection might actually support the accomplishment of high standards of information security in practice, the chapter concludes with a brief assessment of security protocols applied in two law enforcement systems developed in the framework of European research projects.
To save this book to your Kindle, first ensure [email protected] is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.
Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.
Find out more about the Kindle Personal Document Service.
To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.
To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.