Forum Privatheit-Panel auf der CPDP: "Do-it-yourself Privacy Protection: Empowerment or Burden?"

Das Forum Privatheit und selbstbestimmtes Leben in der Digitalen Welt organisierte für den 23. Januar 2015 auf der "Computers, Privacy and Data Protection" (CPDP) ein Panel zum Thema "Do-it-yourself Privacy Protection: Empowerment or Burden?". Daneben organisierte das Forumsmitglied Philip Schütz ein Panel zum Thema "The emergence of Privacy Companies: Privacy as a competitive advantage?"

Do-it-yourself Privacy Privacy Protection: Empowerment or Burden?

Forum Privatheit Panel auf der CPDP 2015

Fotos: Murat Karaboga

CPDP-Conference 21.-23. January 2015
Forum Privatheit-Panel on 23. January - 11:45 Petite Halle
Rue Royale-Sainte-Marie 22,
B-1030 Brussels, Belgium


"Computers, Privacy and Data Protection 2015 (CPDP)"

Panel: "Do-it-yourself Privacy Protection: Empowerment or Burden?"

Short Panel description:

Citizens’ privacy is increasingly challenged not only by intelligence services but also by law enforcement agencies, companies and even by fellow citizens. Due to the obvious problem to enforce the current legal framework it has been suggested by actors ranging from activists to governments that ordinary citizens  should be enabled to protect their privacy themselves. Numerous tools for „do-it-yourself privacy protection“ have been developed over the last 20 years that are, however, hardly used.  Reasons behind this failure story include technical, economic, political, and last but not least social aspects.

On this panel we want to discuss the value and shortcomings of the do-it-yourself privacy protection approach and ask what role it can play in a networked and globalised world with powerful opponents.


Michael Friedewald (Fraunhofer Institute for Systems and Innovation Research ISI & Forum Privacy, GER)


  1. Paul C. Johannes (University Kassel & Forum Privacy, DE)
  2. Tobias Matzner (International Centre for Ethics in the Sciences and Humanities, University Tübingen & Forum Privacy, DE)
  3. Kostas Rossoglou (BEUC The European Consumer Organisation, BE)
  4. Seda Gürses (New York University, USA)


Shara Monteleone (University Groningen, NL)


Do-it-yourself privacy protection cannot replace the state’s obligation to protect its citizens

Press Release 22.01.2015

The 28th of January is European Data Protection Day and the 8th Computers, Privacy and Data Protection Conference took place in Brussels from 21st to the 23rd January to mark the event. The Fraunhofer Institute for Systems and Innovation Research ISI, which is involved in a number of research projects on privacy and data protection issues, played a big role in this conference: Dr. Michael Friedewald, project leader at Fraunhofer ISI chaired the panel discussion on do-it-yourself privacy protection. A white paper on this topic has been published by the research association "Forum Privacy and self-determined life in the digital world", which is coordinated by Fraunhofer ISI on behalf of the German Federal Ministry of Education and Research (BMBF).


This paper analyzes the social, legal and technical boundary conditions of do-it-yourself privacy protection and lists measures users can take to protect themselves including encryption – of data, e-mails and texts – as well as encryption protocols, anti-tracking techniques and anonymization tools.

Although the state’s obligation to protect and promote informational self-determination was formulated in Germany as early as 1983 – in the constitutional court’s census decision – the dominant view remains that the individual citizen bears the main responsibility for protecting his/her own personal data and privacy. Processes and technical tools such as encryption or anonymization, which realize aspects of do-it-yourself privacy protection, have been available for years. However, these are hardly used by citizens.

There are various reasons for this: there is a marked difference on the digital markets today between the knowledge and skills of citizens and those of intelligence services and companies. This means that data collection and surveillance are generally invisible to the majority of citizens and are accordingly systematically under-estimated. This trend is further enhanced by citizens’ belief that “they have nothing to hide” and their trust in promises of security. Finally, comprehensive self-protection of data presumes a great deal of specialized knowledge that most computer users do not possess.

Given continued digitalization and the actions of the intelligence services, citizens have to be fully informed about the possibilities and limits of self-protection and the usability and performance of tools must be improved.

However, the authors of the white paper also clearly state that shifting the state’s obligation to protect personal data and privacy onto individuals fails to do justice to the social importance of the basic right to informational self-determination. Informational privacy is not a question of individual preference, but is essential for a liberal, democratic community. In keeping with the principles anchored in the German constitution, the state has to increase its efforts to protect its citizens against unreasonable levels of surveillance.

The possibilities to do so were discussed at the Computers, Privacy and Data Protection Conference (CPDP), held for the eighth time from the 21st to 23rd January 2015 in Brussels. Fraunhofer ISI is one of the organizing partners of the conference, which is the biggest European event of this kind. It brings together representatives from politics, the economy, science and society to exchange ideas and discuss the current challenges in the fields of information technology, privacy, data protection and law. Dr. Michael Friedewald chaired the panel discussion of the topic “Do-it-yourself data protection” on 23 January 2015, organized by the Forum Privacy.

The emergence of Privacy Companies: Privacy as a competitive advantage?

Fotos: Michael Friedewald

Computers, Privacy and Data Protection 2015 (CPDP)"

Panel: "The emergence of Privacy Companies: Privacy as a competitive advantage?"

Short Panel description:

Until recently, only a few start-ups and niche suppliers had explored the possibility to offer IT services and products with privacy-by-design features as a unique selling point. Fuelled by the NSA spying scandal, these companies now face rapidly increasing demand for privacy-friendly technologies. Especially in the highly dynamic field of mobile computing, innovative services and products such as encrypted instant messaging and bug-proof smartphones have started to successfully enter the market. The panel aims to discuss the following questions:

  • Is there a business case for privacy in practice?
  • What prospects do privacy companies have?
  • What are the legal and practical boundaries?
  • What role will the new EU Data Protection Regulation play in promoting or hindering privacy as a competitive advantage?
  • What implications does the idea of ‘privacy as a commodity’ have?


Philip Schütz (Fraunhofer Institute for Systems and Innovation Research ISI & Forum Privacy, GER)


  1. Nicolas Dubois (European Commission, EU)
  2. Ali Jelveh (Protonet, DE)
  3. Nico Sell (Wickr, US)
  4. Marc van Lieshout (TNO, NL)
  5. Phil Zimmerman (Blackphone, US)


Marit Hansen (Indenpendent Centre for Privacy Protection Schleswig-Holstein, DE)