Articles for author: Christian Thönnes

The EU AI Act’s Impact on Security Law

The process of integrating European security law is imperfect and unfinished – given the constraints posed by the European Treaties, it is likely to remain that way for the foreseeable future. This inevitable imperfection, lamentable as it may be, creates opportunities for legal scholarship. Legal scholars are needed to explore the gaps and cracks in this new security architecture and to ultimately develop proposals for how to fix them. This debate series, being a product of VB Security and Crime, takes the recently adopted AI Act as an opportunity to do just that: It brings together legal scholars, both German and international, in order to explain, analyze and criticize the EU AI Act’s impact on security law from both an EU and German national law perspective.

9. Dezember 2024

, , ,

Daniela Klette und die Frucht der vergifteten Maschine

Am 26. Februar 2024 hat die Polizei die mutmaßliche Terroristin Daniela Klette festgenommen. PimEyes, eine KI-basierte, biometrische Gesichtserkennungssoftware, hatte Klette im Netz gefunden. Dieser Beitrag plädiert aus verfassungs- und unionsrechtlicher Perspektive dafür, dass der Einsatz von offensichtlich rechtswidriger Software wie PimEyes im Strafprozess ein Beweisverwertungsverbot begründet, das auch eine Fernwirkung entfaltet.

22. März 2024

, , , , , , ,

Automated predictive threat detection after Ligue des Droits Humains

The Ligue des droits humains ruling regarding automated predictive threat detection has implications for the European Travel Information and Authorisation System (ETIAS) Regulation and the EU Commission’s proposal for a Regulation on combating online child sexual abuse material (CSAM). Both legal instruments entail the use of potentially self-learning algorithms, and are spiritual successors to the PNR Directive (the subject of Ligue des droits humains).

12. Mai 2023

, , , , , , , , ,

Automated predictive threat detection after Ligue des Droits Humains

On 21 June 2022, the Court of Justice of the European Union released its judgment regarding the compatibility of the EU Directive on Passenger Name Record Data with the rights to privacy and personal data protection. Ligue des droits humains has already qualified as a landmark decision, where the Court had the opportunity, among other aspects, to provide comprehensive guidelines on how large-scale predictive policing should take place. The ruling could be used as an inspiration for the legal assessment of various new security law instruments which require automated predictive threat detection instruments.

8. Mai 2023

A Directive altered beyond recognition

On 21 June 2022, the Court of Justice of the European Union rendered its decision in the preliminary ruling procedure on the fate of the PNR Directive. The Court had a chance to decisively answer one of the most crucial questions facing European security law: Is indiscriminate mass data retention for and the technology-induced analysis of ordinary human behavior compatible with fundamental rights? It instead opted for an enigmatic compromise creating a whole host of new questions. It does not change the fact that the PNR Directive survives – as a strange beast altered beyond recognition.

23. Juni 2022

, ,

A cautious green light for technology-driven mass surveillance

Yesterday, on 27 January 2022, Advocate General Pitruzzella published his Opinion in the CJEU's preliminary ruling procedure on the PNR Directive and its compatibility with EU primary law. The AG, while criticizing the PNR Directive’s overly broad data retention period and its lack of clarity and precision in certain points, generally considers the PNR Directive to be “compatible with the fundamental rights to respect for private life and to the protection of personal data”. His arguments are not convincing.

28. Januar 2022

, ,