US Government Busy in Europe Defending Interests of Advertisers, Security Agencies, But Not Americans' Privacy
My colleague Ben Wizner and I are in Brussels this week, partly to meet with European lawmakers and others about the new privacy regime that the EU is in the process of putting into place. Unlike the United States, Europe has a set of basic rules and institutions in place to protect individuals鈥 privacy, and is trying to update its existing rules and institutions for the digital age.
The United States needs similar protections鈥攁 basic, overarching privacy law, and institutions with the teeth to enforce it. We are an outlier in the world in lacking those things. However, some U.S. companies seem to be terrified at the prospect of basic, fair privacy rules being put into place in Europe. Not only are companies such as Facebook and Google furiously lobbying against those rules, but the U.S. government has 鈥溾 Europeans by also lobbying hard against many elements of this update.
For example, the U.S. Mission to the EU has recently circulated , by the European Digital Rights Initiative (EDRI), in which the U.S. representatives say things like:
Europe鈥檚 proposed new rules could 鈥渟tifle innovation and inhibit growth.鈥 The only innovation that will be stifled by instituting basic, fair privacy protections is 鈥渋nnovation鈥 in how efficiently advertisers can trick people into sharing more than what polls clearly show they want. Even on a purely business level, the U.S. is not being smart or thinking long-term. Privacy is a human necessity, and insofar as our internet companies and other institutions do not respect it, people will find work-arounds to protect their privacy when they need it. That means that those institutions will become less socially useful. Long-term, everyone WILL become aware of the limits on their privacy, so allowing companies to monetize the temporary gap between the spying that鈥檚 now possible and people鈥檚 current lack of understanding of that spying, is extremely short-sighted. The EU鈥檚 justice commissioner Viviane Reding got it right when she said in a , 鈥淎 strong, clear and uniform legal framework will help 鈥 foster economic growth, innovation and job creation in Europe.鈥 The growth enabled by solid privacy ground rules鈥攊n Europe and the United States鈥攚ill be a healthier, longer-term growth, not the corrosive short-term money-grab based on spying without people鈥檚 knowledge or consent.
The 鈥渋nteroperability of our respective privacy regimes is critical.鈥 Translation: Europeans should weaken their privacy protections. Because, apparently, we feel no need to bring ours up to par. No doubt it is vital for many parties that the EU and the United States harmonize their rules; but harmonization shouldn鈥檛 equal a 鈥渞ace to the bottom.鈥
The EU should 鈥渄evelop its standards through a multi-stakeholder process.鈥 While the 鈥渕ulti-stakeholder process鈥濃攁n institutionalization of the classic theory of government鈥攑robably makes sense in some situations, in others, it鈥檚 akin to asking the fox and the chickens to get together to hammer out standards for chicken-coop fencing. The farmer needs to just build the kind of fence that will protect the chickens. Sometimes you just need to regulate. That doesn鈥檛 mean you don鈥檛 listen to the regulated parties at all鈥攔ules tend to be overbroad, and must reflect reality and be carefully tailored and adjusted to achieve their proper ends鈥攂ut the idea that the sum total of the vectors of the lobbying of all interested 鈥渟takeholders鈥 will yield the public good, is na茂ve.
The regulation 鈥済ives data protection officials鈥攚ho by and large will have no law enforcement experience鈥攖he final say on whether cooperation should be provided.鈥 Heaven forbid! How terrible that an external, non-law enforcement body have any power over what data law enforcement gets access to. That鈥檚 what we used to call a 鈥渃heck and balance.鈥 Law enforcement agencies in the past 10 years have apparently gotten so accustomed to unchecked surveillance powers that they鈥檝e forgotten what it鈥檚 like鈥攄ue, no doubt, to the reduction in oversight by the Patriot Act and other post-9/11 legislation, the rapid exploitation of new technologies for spying before law and regulation can catch up, and the continuing absence of a real privacy oversight body such as the PCLOB.
The sad fact is that the United States has gotten out of balance. Harmonization is necessary for many reasons鈥攍aw enforcement agencies need to cooperate across the Atlantic, and we want businesses to work smoothly across markets. But in the United States, the political power of business鈥攚hich, as historians have , has always waxed and waned throughout our history鈥攊s probably now at an all-time high, distorting our pursuit of the public good in favor of corporate interests. And our national security establishment is enormous and bloated, protected by a shield of unchecked secrecy, endowed with dangerous new powers, and wields a dangerous influence on American public policy.
The job of the U.S. government abroad is to protect the interests of Americans. In Europe, instead of protecting the basic, long-term interests of its citizens, our government is protecting the narrow, short-term business interests of some companies. The U.S. is arguing that harmonization is critical鈥攂ut we don鈥檛 see the administration lobbying Congress to strengthen American privacy laws鈥攐nly to weaken Europeans鈥.
Read more: Privacy "Myths" Listed by the U.S. Government Aren't So Mythical.
Learn more about consumer privacy protection: Sign up for breaking news alerts,, and .