Prism, privacy and politics with a small p

A background to the NSA leaks with links to further reading

14 June 2013
Only in en
The disclosure that the NSA uses a clandestine surveillance program to access user data from Google, Facebook and other Internet companies shouldn't come as a surprise. In the US, privacy has been losing the battle against security for decades. In Europe, the situation is different: but for how long? Updated on 27 June 2013: Europe demands answers after revelations that British intelligence agency GCHQ has been monitoring web and telecommunications on an even greater scale than the NSA.

Jump to the update

Prism was a scandal waiting to happen. Ever since the Clinton government passed the Communications Assistance for Law Enforcement Act in 1994, and above all since the Bush government launched the “total information awareness” programme in 2003, voices have been warning of the extent of the NSA’s surveillance (most recently James Bamford in Wired). Disappointing as it may be, Obama’s bowing to the interests of the security institutions cannot come as a surprise. (Pro Publica has published a very useful and clearly laid out timeline that shows how laws and policies have been loosening ever since the Watergate scandal.)

Unlike, perhaps, the terms in which Edward Snowden’s actions have been condemned by editorialists in the US media: most tellingly David Brooks in the jilted New York Times, for whom Snowden is the product of an “atomized society” lacking “respect for institutions and deference to common procedures”. Yet, as the American Civil Liberties Union points out, the problem is that these institutions and procedures — the notionally democratic FISA court and the Patriot Act, rushed through parliament after 9/11 — have lost their claim to respectability.

This is precisely where European and US data protection cultures differ. Since the passing of the Fair Credit Reporting Act in 1970 for the private commercial sector and the Privacy Act in 1974 for the government administration — legal responses to public privacy concerns sparked in 1964 by plans for a centralized “National Data Centre” — privacy regulation has barely progressed in the US. In the US, there is no universal legislation, only individual stipulations for particular public authorities and private sector actors. In Europe, on the other hand, data protection commissioners represent an institutionalized check on the use of data by state and private actors, who are bound by a universal set of civil-rights-based regulations.

As the EU prepares to introduce a reform of the current 1995 data protection directive (see materials collected by EDRI), this gulf in legal cultures has become all the more apparent. Massive lobbying from the US on the EU to water down its planned regulations — particularly article 42, or the “FISA-clause — has been effective, as it has been previously (SWIFT, ACTA, airline passenger records). As EDRI argues, the US is attempting to prevent the creation of a strong EU privacy framework until such a time as it can be subsumed within agreements on the Transatlantic Free Trade Area, negotiations over which are due to begin soon.

The revelation of the degree of cooperation between the big US commercial data-aggregators and the US state will further politicize this stand-off between Europe and the US, as well as within Europe between members acting in US interests to preserve the status quo (above all the UK) and those advocating strong protections (above all Germany). With the confirmation — if confirmation were needed — that your data is not private with Facebook et al., the European public may wake up to the significance of what has until now been a legalistic debate perceived as having little connection to politics with a small p.

Updated on 27 June 2013 

GCHQ snooping

Britain has been cast even further into Europe’s data protection wilderness after revelations that its formerly glorious signals intelligence agency GCHQ has been monitoring web and telecommunications on an even greater scale than the NSA. Germany’s justice minister, Sabine Leutheusser-Schnarrenberger, has demanded explanations from her British counterpart, asking whether the 30-day retention of signals data is based on concrete suspicion or warrantless (guess which) and calling for the issue be included in discussions on the EU data protection regulation. One of the last remaining members of the civil rights wing of the Free Democratic Party and instrumental in Germany’s rejection of the EU data retention directive in 2010, Leutheusser-Schnarrenberger is more than a match for British security hawks (see her 2008 article in Blätter für deutsche und international Politik, entitled: “Towards an authoritarian state”; in German).

This isn’t to ignore the moralizing tone of many of the pronouncements of German politicians, including the inevitable Stasi comparisons, particularly from the Christian Democrats. As a new publication by the historian Josef Foschepoth has revealed, West Germany’s own historical record has been far from immaculate: after 1969 German intelligence agencies eagerly took over the Allied surveillance apparatus and, sanctioned by the Federal Constitutional Court, passed laws enabling it to read private correspondence en masse — laws that remained in place after re-unification (Zeitgeschichte Online has just published and interview with Foschepoth; in German). And, earlier this year, Netzpolitik revealed that Germany’s federal police force had purchased illegal Trojan horse software from a German-British company, whose customers also include the governments of Egypt and Bahrain.

So far, politicians from other European countries have kept a conspicuously low profile, considering that an EU partner has been caught snooping on the rest. This has led to speculations about what is still to come from Snowden’s USB sticks. However, the European Commission has reacted swiftly and strongly. In a letter to UK Foreign Secretary William Hague, the Commission vice-president Viviane Reding requested detailed clarifications about the scope of the UK’s spying practices and even hinted at legal action: “If reports are true these programmes could have a serious impact on the fundamental rights of individuals in the EU, including the right to privacy and data protection, the principle of proportionality and the rule of law generally.”

Back to the US: As the smear campaign against Snowden gets underway (Chinese/Russian spy, chum of Venezuelan/Ecuadorian demagogues, egomaniac/sociopath), David Bromwich writes in the London Review of Books that the Prism affair has again shown on which side of the fence the liberal establishment stands: “Every public figure who is psychologically identified with the ways of power in America has condemned Snowden as a traitor, or deplored his actions as merely those of a criminal, someone about whom the judgment ‘he must be prosecuted’ obviates any further judgment and any need for thought.”

So, what will the global repercussions of the Prism disclosures be? Simon Davies predicts that strengthened privacy protections in Europe will prompt even more effective technologies of circumvention in the US (and its “Five Eyes” allies).

Aerial image of the GCHQ in Cheltenham, Gloucestershire, UK. Source:Ministry of Defence

Privacy articles in Eurozine

Age of insecurity: Writing in Index on Censorship 2/2011, Gus Hosein and Eric King show how cooperation between businesses and governments creates unprecedented opportunities for surveillance of citizens, both in dictatorships and democracies. “As long as the key technology developers keep on assuming that their users are uninterested […], we will all remain vulnerable. It is now time for a mature debate on privacy and security. Not one that sees the benefit of the state as paramount, nor one that assumes that if the service is free then the user’s information can be exploited.” And in 2008, Hosein wrote on how the Internet is turning into a “data goldmine” for governments that want to keep track of their citizens. “It is almost as though freedom and flexibility is being designed out of the Internet, where previously they were essential.”

Contain this! In Mute 17 (2011), reacting to the Wikileaks scandals, Felix Stalder offered a brilliant analysis of the interaction between whistleblowing organizations and traditional news media: “What we can see is a slow, structural transformation of the public sphere in which the old news media is complemented by new actors, designed to address the weaknesses of the mainstream media while making use of its core capacity to bring stories to lots of people. All in all, the process of investigative journalism is reorganised and, one can only hope, reinvigorated.”

The transparency delusion: Writing in 2013, Ivan Krastev argues that transparency is no substitute for democratic empowerment: “Contrary to the claim of transparency advocates who insist that it is possible to reconcile the demand for the opening of government with the protection of citizens’ privacy, I contend that wholly transparent government denotes a wholly transparent citizen. We can’t make the government fully transparent without sacrificing our privacy. […] Contrary to the expectations of the transparency movement that full disclosure of government information will make public discourse more rational and less paranoid, my argument is that a focus on transparency will only fuel conspiracy theories. There is nothing more suspicious than the claim of absolute transparency.”

Simon Garnett

Published 14 June 2013

Original in English
First published in

© Eurozine

recommended articles