Data Protection Versus the Islamic State: the Case of Kosovo

The fear humans and states are experiencing as a result of the growth of the Islamic State (ISIS) is not a phenomenon unique to the United States or the European Union. In a recent report, conducted by the Kosovar Centre for Security Studies (KCSS), it was concluded that the Republic of Kosovo has the highest number of ISIS recruits per capita (Kursani, 2015). Kosovo has responded to its ISIS problem by adopting in April 2015 which determines criminal offense for joining or participating in any foreign army or foreign police outside the borders of Kosovo.

One of its  provisions includes authorizing the Kosovo Police (KP) to use covert and technical measures of surveillance in order to conduct relevant investigations (Hajdari, 2014). Nevertheless, using surveillance mechanisms to investigate potential ISIS fighters poses a danger to human rights in developing countries, such as Kosovo, because these countries are still in the process of determining their digital privacy rights and implementing good governance practices.

Discussing the use of surveillance mechanisms in Kosovo as a potential human rights violation is a unique conversation for policy analysts, because many UN members are currently reducing their personal data protection in order to reduce the threat of terrorism. In 2014, the UN Security Council adopted Resolution 2178. This resolution enables all member countries to “prevent and suppress the recruiting, organizing, transporting or equipping of individuals who travel to a State other than their States of residence or nationality for the purpose of the perpetration, planning, or preparation of, or participation in, terrorist acts or the providing or receiving of terrorist training, and the financing of their travel and of their activities.” This resolution has been criticized for violating the right to privacy, Article 12 of the Universal Declaration of Human Rights, because it enables and encourages UN country members to obtain and analyze personal data as a means to prevent terrorist activities.

The adoption of UN Security Council Resolution 2178 depicts the obvious and ongoing battle between the  right to privacy and the right to security of  an individual. Western states are responding to the emergence and growth of ISIS. For example, in July 2015, France’s constitutional court introduced a new law: the Surveillance Act. This law increased the state’s surveillance powers in order to reduce terrorism . As a superpower, a UN member, and an EU member the actions taken by a country like France have a substantial influence on Kosovo. Since Kosovo’s independence in 2008, their government has tried to align itself with the privacy rights of the UN and of the EU. The danger with promoting such policies is that they hinder the right to personal data protection. Since, Kosovo lags behind in adhering to its new personal data protection laws following western countries, by introducing surveillance practices, has the potential to increase corruption and undermine transparency in governance (Nielsen, 2015).  

Kosovo’s internet penetration is among the highest in the Balkan region. In addition, the number of internet users in Kosovo is comparable to numerous EU member states. Specifically, the internet penetration rate, or number of people claiming to use the internet, is 76.62 percent. Of this figure, 94.21 percent of users claim to use the internet from home. Of these users, 83.29 percent of Kosovarians claim to use the internet for approximately three hours on a daily basis. Kosovo’s high level of internet penetration has generated the idea of personal data protection as a human right (Kursani, 2015).

The resulting increased awareness of data protection led Kosovo to adopt personal data protection legislation in 2010. This momentum was followed by the government’s establishment of the National Agency for Personal Data Protection (NAPDP) in 2011. The NAPDP has legal independent status from other public departments and is funded by the EU. Their job is to ensure that the privacy rights of every individual are protected by overseeing that processing of personal data adheres to national and international regulations. In the past four years, the NAPDP has performed over 170 inspections of public institutions. In addition, they have empowered Kosovarians by informing them of their data rights and having equipped over 4,000 institutions with warning signs that the premise is under video surveillance (NAPDP, 2015).

The emergence and growth of data protection as a human right in Kosovo has generated skepticism of the Kosovo Police (KP), who hold the majority of personal data . Under the Law No. 05/L -002 and the Kosovo Criminal and Procedural Code, the Kosovo Police has the right to monitor private conversations, search and control the delivery of postal items, and intercept telecommunications or communications by a computer network. It is not unusual for a national police to hold and exercise these powers when conducting an investigation against a criminal offense.

The concern in this case is that  approximately 33.7 percent of Kosovarians have expressed a significant level of fear of the KP misusing personal data. In addition to this figure, 20.9 percent of Kosovo’s citizens have some concern of KP misconduct in regards to personal data. Collectively, middle aged citizens are the most concerned of the KP unlawfully using their information. This finding is correlated with the fact that the middle aged respondents have had the most contact with the KP (Kryeziu, 2015). This conclusion raises questions regarding the ability of the KP to handle personal data while maintaining its citizens right to privacy.

Concerns of the KP misusing personal data is not an argument based solely on government skepticism. In August 2014, the KP arrested 43 citizens for inciting terrorism and challenging the security and constitutional order of Kosovo. However, after the arrests were made none of the individuals were charged with the alleged crimes. This event raises questions of corruption within the KP. In 2015, the international organization Freedom House reported that corruption remains a serious problem in Kosovo (Freedom House, 2015). Another prominent organization, Transparency International, has ranked Kosovo 110 out of 175 in its Corruption Perceptions Index (Martini, 2014). Nevertheless, the KP are rated as the most trusted public institution in Kosovo. In 2014, an EU Progress Report found that accountability mechanisms, implemented to punish police misconduct, had been successful (Freedom House, 2015). Consequently, the capabilities and integrity of the KP in handling the threat of terrorist organizations such as ISIS remains inconclusive.

It is still unknown whether or not using surveillance mechanisms to reduce the threat posed by ISIS in countries still developing their digital privacy rights, such as Kosovo, will promote good governance practices. It can be argued that giving the KP more power at this time, while their integrity and capabilities are still inconclusive, will only further induce corruption. On the flip side, if one does not give the KP more capabilities to deter terrorist activities, then ISIS could decrease the legitimacy of the KP and in turn the legitimacy of a still very new state. Also,  it is debatable how effective government surveillance is in reducing the threat of terrorism. However, until this question is answered, it is assumed that national governments, like Kosovo, will continue to use surveillance mechanisms in order to reduce the threat of terrorist activities. Policy analysts cannot neglect that personal data protection has only recently been considered a human right in Kosovo, that there is citizen skepticism of the Kosovo Police handling personal data, and that that skepticism does not go without merit. Recommendations on how to promote good governance practices in the KP Force are mixed: one recommendation would advocate for increased presence of an international actor, such as the EU, who could monitor the KP’s use of  surveillance in deterring terrorist activities.  

Another, and arguably the better recommendation, would call upon the NAPDP to launch a campaign informing citizens of what the KP has the right to monitor and intercept during an investigation. In addition, the NAPDP should increase the number of citizens it reaches. It could do so by providing materials that inform citizens what their rights are and dispensing such materials at telecommunication companies, schools, universities, and public institutions – upon having received permission to do so. This is the more logical option because it puts Kosovo on the fast track to promoting personal data protection while promoting transparency in governance. The security threats posed by the Islamic State is not going to go away over night, not in Kosovo nor anywhere else.

Consequently, the Republic of Kosovo is left with the difficult task of responding to an international threat all while it is still building its government. All the same, the Republic of Kosovo is as Pristina’s monument says “Newborn” and a newborn state can use transparent practices to reduce the threat of terrorism while maintaining its new right to personal data protection.

About the Author

Bonnie Bethea is currently a Master in Public Policy (MPP) Candidate at the Willy Brandt School of Public Policy at the University of Erfurt. Bethea’s research,writing, and academic interests include Eastern European politics, regulatory affairs, and Transatlantism.

Cover image ‘Computer Security – Protect Data – Computers‘ by Perspecsys Photos

Bibliography
Freedom House. (2015). Freedom in the World – Kosovo. Retrieved from https://freedomhouse.org/report/freedom-world/2015/kosovo#.VbxGsjGUeNI

Hajdari, U. (2014, March 1). Kosovo to Jail Fighters in Foreign Conflicts. Retrieved September 21, 2015. Retrieved from http://www.balkaninsight.com/en/article/kosovo-law-to-punish-fighting-in- foreign-conflicts

Kryeziu, S. (2015). Kosovo Security Barometer – Special Edition Public Perceptions on Personal Data Protection. Kosovar Center for Security Studies. Retrieved from http://www.qkss.org/en/Reports/Special-Edition-of-KSB-Citizens-Perception-on-Personal-Data-Protection-341

Kursani, S. (2015). Report Inquiring into the Causes and Consequences of Kosovo Citizens’ Involvement as Foreign Fighters in Syria and Iraq. Kosovar Center for Security Studies. Retrieved from http://www.qkss.org/en/Occasional-Papers/Report-inquiring-into-the-causes-and-consequences-of-Kosovo-citizens-involvement-as-foreign-fighters-in-Syria-and-Iraq-408

Martini, M. (2014). Kosovo: Overview of Political Corruption. Transparency International. Retrieved from http://www.transparency.org/whatwedo/answer/kosovo_overview_of_political_corruption

National Agency for Personal Data Protection. (2014). Mission – National Agency for Personal Date Protection. Retrieved from http://www.amdp-rks.org/web/?page=2,44#.Vbw_LDGUeNJ

Nielsen, N. (2015). French Court Backs Mass Surveillance. EU Observer. Retrieved from https://euobserver.com/justice/129760

The Republic of Kosovo. (2012). Criminal No. 04/L-123 Procedure Code. Retrieved from http://www.legislationline.org/documents/id/17771 kosovo criminal procedural code

The Republic of Kosovo. (2015). Law 05/L-002 on Prohibition of Joining the Armed Conflicts outside State Territory. Retrieved from http://www.kuvendikosoves.org/common/docs/ligjet/05-L-002%20a.pdf

United Nations Interim Administration Mission in Kosovo (UNMIK). (2015). Promoting Security, Stability, and Respect for Human Rights in Kosovo. Retrieved from http://www.un.org/en/peacekeeping/missions/unmik/

United Nation Security Council Resolution 2178. (2014). Retrieved from http://www.securitycouncilreport.org/atf/cf/%7B65BFCF9B-6D27-4E9C-8CD3-CF6E4FF96FF9%7D/s_res_2178.pdf

United States Department of State. (2014). Country Reports on Terrorism 2013 – Kosovo. Retrieved from http://www.refworld.org/docid/536229df4a.html