In the latest issue of Foreign Affairs, Network member Henry Farrell and Abraham Newman the causes of, repercussions resulting from and potential solutions to the European Court of Justice’s decision to strike down the Safe Harbor agreement. The Safe Harbor agreement is a “15-year-old transatlantic arrangement that permitted U.S. companies to transfer data, such as people’s Google-search histories, outside the EU.”
In their exploration of the impetus for the ECJ’s decision, two key factors stand out: surveillance of European citizens by the U.S. Government and core differences in the way the EU and U.S. view and legislate issues of privacy (whether related to government or the private sector). They argue:
“The Safe Harbor dispute stems from the fact that the EU and the United States have fundamentally different understandings of how privacy should work in the digital age. Beginning in the 1990s, European countries developed comprehensive rules governing the collection and processing of personal information, overseen by independent regulatory agencies called “data protection authorities.” This approach to privacy was elevated to a fundamental constitutional right when the EU adopted its Charter of Fundamental Rights in 2009. The United States, in contrast, lacks a comprehensive approach to privacy, relying instead on an idiosyncratic patchwork of specific—and, in some cases, dated—rules governing sectors as diverse as health care and video rentals. The problem for the United States is that European regulations have long prohibited the transfer of data to countries that the EU considers to have weak privacy protections, among them the United States.”
Citing the U.S. Government’s surveillance of European citizens, Farrell and Newman describe how U.S. technology companies stand to bear the brunt of Safe Harbor’s end:
“By transforming U.S. technology companies into tools of national intelligence, Washington has badly damaged their corporate reputations and exposed them to foreign sanctions. Their international profits—not to mention a substantial chunk of the U.S. economy—depend on the free flow of information across borders. Foreign officials, political activists, and judges who limit these flows to protect their citizens from U.S. surveillance strike at the heart of these companies’ business models. The ECJ’s Safe Harbor ruling has now forced Washington to decide whether it values its unrestricted ability to spy on Europeans more than an open Internet and the economic well-being of powerful U.S. businesses. The EU has, in effect, used the United States’ own tactics against it.”
While not hopeless, Farrell and Newman believe that it is in the U.S. Government’s hands to change course and avoid the worst impacts of Safe Harbor’s end:
“The United States faces a profound choice. It can continue to work in a world of blurred lines and unilateral demands, making no concessions on surveillance and denouncing privacy rights as protectionism in disguise. Yet if it does so, it is U.S. companies that will suffer.
Alternatively, it can recognize that globalization comes in different flavors and that Europeans have real and legitimate problems with ubiquitous U.S. surveillance and unilateralism. An ambitious strategy would seek to reform EU and U.S. privacy rules so as to put in place a comprehensive institutional infrastructure that could protect the privacy rights of European and U.S. citizens alike, creating rules and institutions to restrict general surveillance to uses that are genuinely in the security interests of all the countries.”