During one of his classes, Professor Musheno argued that Europe had massively invested to protect privacy compared to the United States. I got interested in this dichotomy and I wanted to see whether the gap between the two continents had got any significant impact on the recent PRISM scandal.
In a context of discussion between the EU and the USA regarding to the aftermath of Edward Snowden’s revelations, Rikke Frank Joergensen, special advisor at the Danish Institute for Human Rights, analyses the gap between the protective legislation on privacy and the actual surveillance practices on both sides of the Atlantic Ocean in an essay published on February 27th 2014.
First, she challenges the dichotomy EU-US regarding to the protection of private data. She reminds that formally, the United States is part of the international move for a better protection of personal data on the Internet, alongside with its European partners. A few days before the beginning of Snowden scandal, it even participated to the launch of the new OECD Privacy Framework which insisted on the necessity to increase « privacy protection in the digital environment ». The United States is also supposed to be bound to the Universal Declaration of Human Rights of 1948 whose Article 12 promotes the right to privacy and to the International Covenant on Civil and Political Rights (ICCR) issued by the United Nations in 1966 whose Article 17 bans « arbitrary or unlawful interference with anyone’s privacy or correspondence and establishes for all state parties a positive obligation to create a legal framework for the effective protection of privacy rights against interference or attacks. »
It is true that formally, European legislation and precedent offer an extensive protection of personal data. In 2008, the European Court of Human Rights (ECtHR) itself has stated that « the protection of personal data is of fundamental importance to a person’s enjoyment of his right to privacy » (S. and Marper v. the UK, December 4, 2008). Overall, data protection is recognized by the Article 8 of the Charter of Fundamental Rights of the European Union as a binding fundamental right.
Yet, Joergensen notices that this legal framework did not allow to prevent the intrusive PRISM program from collecting data produced by European citizens, since most Internet-service providers come from the United States (Facebook, Google, Microsoft, Apple etc…). If the EU may officially negociate stricter agreements for the exchange of personal data with the USA, it has actually little power to enforce its standards toward its American partner. For the moment, the propositions to respond the PRISM scandal only consist in enhancing the existing European protective mechanisms, reviewing the EU-US agreements but they do not dare to challenge the lawfulness of the PRISM programme with regard to international human rights law.
Several reports are expected to be issued by the United Nations over the next months, noticeably the report of the UN High Commissioner for Human Rights, Navi Pillay, at the General Assembly of next September. This report should be about « the protection and promotion of the right to privacy in the context of domestic and extraterritorial surveillance to the Geneva-based Human Rights Council».
Joergensen’s essay shows that, formally, the rules on privacy are more legally binding in the European Union. Yet, due to its internal divisions and its institutional weaknesses, it does not have the means to fully enforce its standards, especially toward a foreign partner as powerful as the United States. In my opinion, it is very unlikely that the reports issued by the United Nations will have any effect on the determination of the American legislators who support intrusive programmes like PRISM under the banner of national security. The Republican Senator Lindsay Graham summed up the thought of many of her colleagues with this sentence : “We got to hit them before they hit us”. Even if it implies to hit allies?
Sources
http://policyreview.info/articles/analysis/can-human-rights-law-bend-mass-surveillance
http://policyreview.info/articles/news/eu-and-us-discuss-divergent-recommendations-mass-surveillance/228
Romain, You build a very thoughtful argument around tech living law, pointing that stronger privacy legislation in the EU is far from being fully implemented. Even more interesting is your claim about the institutional weakness of the EU's position due to their current reliance on American providers. Of course, the EU and countries like Brazil are actively moving to strengthen their institutional position and consequently, the US companies are putting pressure on the US government to back off several of its surveillance programs. You may be interested in the work of James Rule who offers a position somewhat different from Joergensen. I will do a close read of Joergensen and perhaps you might consider taking Rule's surveillance seminar being offered in the fall.
ReplyDelete