Frontex wanted to monitor “civil society and diaspora communities in destinations (EU)”

Despite the EU’s data protection provide some limits over how far EU bodies, governments and corporations can go when they decided to spy on people, on September 2019 Frontex decide to publish a tender inviting surveillance companies to bid for the project, that it has mysteriously cancelled less than a month later.

The tender invited surveillance companies to bid for the project aimed to monitor the internet use of migrants and civil society, the purpose of the agency would have been to give up to €400,000 to a surveillance company to track people on social media so that border guards would have obtained “an understanding of the current landscape” as well as “a strategical warning system on changes such as the socio-political, economic or human security environment that could pose challenges to Frontex policies” (Essentially, they wanted to spy on their social media to see what they were up to).

In addition to gathering “data and analysis of relevant actors using social media: migrants; traffickers/smugglers”, Frontex also wanted to monitor “civil society and diaspora communities in destinations (EU).

NGOs such as Statewatch and journalists at Mediapart had noticed the tender, leading to Frontex having to defend the project by claiming, to the bemusement of some of Privacy International’s data protection experts, that “the required service does not entail collecting, processing, sharing or storing of any personal data by the European Border and Coast Guard Agency”. So with that in mind, Privacy International set up an account on the procurement website and asked them some pretty detailed questions to find out how they came to the conclusions they did, and if they had gone through the necessary checks to make sure their plan was legal.

These questions were based on a single legal instrument, Regulation 2018/1725, which is the equivalent of the GDPR for EU institutions and is thus meant to regulate how EU bodies like Frontex process personal data. Similar to other questions, the agency would have had to publish the answers on the tender site. But within a few days, they decided to cancel the tender, justifying their decision by “the upcoming entry into force of the new European Border and Coast Guard Regulation.”

Read the full article on Privacy International’s blog.


Digital Identity in the migration & refugee context – Italy case study

A group of researchers – Mark Latonero, Keith Hiatt, Antonella Napolitano, Giulia Clericetti, Melanie Penagos – published the report “Digital Identity in the Migration & Refugee context” focused on the Italian context starting from the evidence that for migrants and refugees in Italy, identity data collection processes can “exacerbate existing biases, discrimination, or power imbalances“.

The study analyzes the challenges arising from this digital ecosystem and identifies three major areas of concern: bureaucratic bias in identity systems; privacy and mistrusted systems; and organizational data responsibility. One key struggle is obtaining meaningful consent. Often, biometric data is collected as soon as migrants and refugees arrive in a new country, at a moment when they are vulnerable and overwhelmed. Language barriers exacerbate the issue, making it difficult to provide adequate context around rights to privacy. Identity data is collected inconsistently by different organizations, all of whose data protection and privacy practices vary widely.

While Digital Identity is grounded in the Italian context, it has implications for refugees and migrants’ data privacy globally. The authors offer recommendations for stakeholders—including international organizations, policymakers, civil society, technologists, and funders—seeking to build stronger data protections.

Report findings are based on interviews in Italy with refugees and migrants, local NGOs, government agencies, and international organizations. It was produced by Data & Society Research Institute, a New York City-based nonprofit focused on the societal implications of automated and data-centric technologies, and comes out of the long-standing Data & Society research project Human Rights, Data, and Migration.

Research in Italy was supported by Data & Society’s local partner, Coalizione Italiana Libertà e Diritti Civili (CILD), a coalition of civil liberty organizations throughout Italy.

Here, the full study.