How to apply privacy by design in OSINT and big data analytics?

Abstract

In a world where technology grows exponentially, more information is available to us every day. States and their governments have collected information on their citizens for a long time now. On the other hand, people give out more and more personal information voluntarily through social media. Information available on the Internet is easier to analyze with modern technologies and the original source of information is also easier to track down. Information is available to all of us and that information can be used to investigate personal data, defeat competitors in a corporate world, solve crimes or even win wars. This study analyses open source intelligence (OSINT) and big data analytics (BDA) with the emphasis on cyber reconnaissance and how personal security is part of that entity. The main question is how privacy manifests itself as part of OSINT and BDA. At the same time the study analyses how law enforcement authorities can act so that their reconnaissance actions would be publicly approved. The study uses case study methodology by gathering a comprehensive list of sources for the theory section. The theoretical framework consists of Privacy by Design approach and privacy questions with regard to surveillance, and the General Data Protection Regulation (GDPR) and the Directive 2016/680 ‘on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data’ act as a legal framework. The empirical case dealing with maritime surveillance, explores OSINT and BDA privacy challenges in the MARISA project. The overall target of the paper is to accelerate the discussion on the serious problem of privacy breach that may lead to restrictions of individual liberty and erosion of our society's foundations of trust.