Direito e Informação na Sociedade em Rede: atas Direito e Informação na Sociedade em Rede: atas | Page 66

(Lyon, 2010, p. 15). In its review of surveillance practices following the Snowden affair, the European Parliament inferred that the current programmes enhanced by technological progress represent a reconfiguration of traditional intelligence, enabling access to a much larger scale of platforms for data extraction than telecommunications surveillance of the past, thus entailing a change in the very nature of these operations. In the United States of America, the NSA has been at the forefront of efforts to collect and analyse massive amounts of data through its PRISM Program, and a variety of other data-intensive programs, whose capabilities are likely to expand (Schmitt, et al., 2013). Similar developments are under way in Europe. The recently adopted French “Loi sur le Renseignement” provides an additional illustration of this trend by governments to resort to mass surveillance through advanced techniques of information retrieval of huge sets of metadata31. Even if not fully expressed in the recent ruling of the Court of Justice of the EU on the validity of the Safe Harbour agreement between the EC and the USA government, Google and Facebook are not only private data miners, but also data miners that are in a very close relationship to US national security, although not necessarily to EU national security32. In effect, the collaborative model of big companies and public authorities is not only based on mandatory disclosure orders issued by courts or administrative bodies, but also on an indefinite grey area of voluntary and proactive collaboration furthered by technological opportunities33. The “collect-everything approach” applied to monitoring and intelligence definitively connects mass surveillance to big data34. These developments signal that EU law making regarding personal data protection is not easily keeping pace with the especially delicate defies of big data. Yet, strikingly, the EC keeps maintaining that the core principles of the DPD are still valid and “its technologically neutral character should be preserved”35. Such a belief in technology neutrality looks puzzling. Indeed, technology neutrality means that the same regulatory principles should apply regardless of the technology used (Maxwell, Bourreau, 2014). Yet, the functionalities of big data technologies represent a leap through in ICT. In these circumstances, it may not be sufficient to simply adapt the law. While data mining and data analytics are as such not new practices, the scale of See the final version of this law at http://www.assemblee-nationale.fr/14/ta/ta0542.asp. Judgment of the Court (Grand Chamber) of 6 October 2015 (request for a preliminary ruling from the High Court (Ireland)) — Maximillian Schrems v Data Protection Commissioner (Case C-362/14), (last accessed 18.03.2016). 33 So the concept of “total surveillance” has been put forward to qualify the way such large-scale processes of strategic management relying on big data operate today. (Couldry,. Powell 2013, 1-5; Abdo, Toomey, 2013; Andrejevic, Gates, 2014185-196). 34 Fears have been expressed that these data, collected for fighting terrorism and crime, are used also for tax evasion, for advantaging some private companies in their contracts and for profiling the political opinions of groups considered as suspect. 35 Communication from the Commission to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions: A Comprehensive Approach on Personal Data Protection in the European Union, COM (2010) 609 final, Brussels, 4.11.2010, p. 3. Whereas 13 of GDPR (Final version). 31 32 54