The Consumer Choice Center announces the release of a policy note on consumer privacy and cybersecurity in Europe. The policy note discusses current privacy threats for European consumers in the light of the emergence of the Internet of Things and the rollout of 5G networks. The authors Mikolaj Barczentewicz and Fred Roeder suggest a multifactorial approach in order to safeguard consumer privacy in the age of rapidly developing connectivity.
The authors, Senior Privacy Fellow Mikołaj Barczentewicz and Managing Director Fred Roeder, emphasize how timely this policy note is given the recent data breaches of multinationals and the ongoing debate on whether 5G infrastructure from Chinese manufacturers poses a privacy threat to European consumers.
“Our policy primer looks at current privacy risks for European consumers, how current legal rules are insufficient in protecting consumers’ privacy in the age of 5G technologies, and what can be done by legal change and other policy measures to minimize consumers’ exposure to data leaks and privacy breaches,” said Roeder.
“The Huawei case is an opportunity to introduce effective security certification of all critical equipment used in telecommunications infrastructure. The standards should be equally rigorous irrespective of who is the manufacturer. Bad code may be vulnerable no matter who wrote it,” said Barczentewicz.
“Therefore we focus on the problem of vulnerability of devices and software to malicious interference. We are concerned with consumer products and services, as well as with electronic infrastructure. Consumers are best served by outcomes-focused and evidence-based policy. Blunt instruments like total bans based on country of origin should be seen as measures of last resort. Thus we recommend using liability rules for operators and resellers of software and devices that expose consumers to risk of malicious and illegal interference. Personal liability of company directors may be worth considering,” said Roeder.
The authors suggest that liability standards should be assisted by security certification of software and devices. Promotion of strong encryption and of secure methods of authentication should be a significant part of the effort to safeguard consumer interests.
“A ban on the use of any product or service has to be on the table because without such threat manufacturers will lack sufficient incentive both to treat security seriously and to show that they are doing so,” said Barczentewicz.
“We need to be careful to do only what is needed to safeguard security, without unnecessary protectionism. Trade wars hurt consumers,” concluded the authors.