July 17, 2013

Data Privacy through a German PRISM

When I first arrived in Estonia a little over five years ago, my first and most memorable culture shock occurred when I was driving past a large intersection near the Kristiine Mall. There I noticed a large billboard which had the pictures and names of several people underneath a company logo. Out of simple curiosity I asked my wife what that display was about, expecting her to tell me that those individuals were the firm’s employees of the month, or something along those lines. When my wife revealed to me that these were debtors who were being publicly named and shamed by a debt collection agency, my jaw dropped. Wow!

09.07.2013, Julian Tupay
Postimees
When I first arrived in Estonia a little over five years ago, my first and most memorable culture shock occurred when I was driving past a large intersection near the Kristiine Mall. There I noticed a large billboard which had the pictures and names of several people underneath a company logo. Out of simple curiosity I asked my wife what that display was about, expecting her to tell me that those individuals were the firm’s employees of the month, or something along those lines. When my wife revealed to me that these were debtors who were being publicly named and shamed by a debt collection agency, my jaw dropped. Wow!
This practice seemed to me on a level with medieval pillory and I could not fathom what on earth made the Estonian state countenance such a practice. I was soon to learn that to my – apparently uniquely German – sensitivities the Estonian society actively promoted a large number of measures in the name of openness and progress that would make any German pick up a phone and call their lawyer. There are many examples ranging from little things – such as your gender and date of birth being readily apparent in your ID code – to more invasive measures, such as  the public availability of criminal records and political party membership.
To my mind, the arguments against having such personal information in the public sphere are quite obvious, while the counterarguments seem flimsy. Just imagine you are a kid in high school and your father’s picture hangs above a busy intersection denouncing him as someone who doesn’t pay his bills. Not exactly a pleasant feeling to know all your friends see your father’s plight advertised like that! While there might be an argument – however weak — that the deadbeat father deserves his public humiliation, the collateral damage done to the innocent members of his family can in no way be justified! Same holds true for family members of people with a criminal record. The limited benefit to society of naming convicted criminals publically does not weigh large enough to legitimize inflicting harm on innocent family members, or unfortunate people who happen to share the same name with the criminal
Most astonishing and frustrating to me, however, was the complete and utter lack of interest, let alone outrage, on the part of my Estonian family and colleagues. It seemed so counterintuitive to me that a people who have suffered under an oppressive state for half a century, would willingly abandon privacy issues once independence was attained.  I have however learned to accept that Estonians have their own opinions on these issues, however much I might disagree.
Hence, I was pleasantly surprised to read that President Ilves seems to largely agree with my strong reservations – to put it mildly – on the recently revealed US PRISM program. If the Estonian model of privacy provokes me to think, then PRISM gives me nightmares. Here is an institution – in this case, the National Security Agency – that collects vast amounts of private data on innocent people all across the world without consent, democratic legitimacy or proper oversight. Now, there are many arguments made by proponents of the scheme about why it is legitimate and essential. One popular point is that PRISM had been approved by Congress. For one, the majority of Congress seems to have been unaware about the details and the scope of the NSA’s spying operations, the possible exception being the intelligence committee. For another,  even if congressional approval had been duly and knowingly granted, it is still completely meaningless to any non-US citizen whose rights have been infringed upon by a foreign agency, without democratic legitimization or course of redress.
The second frequently cited argument is that the scheme has been instrumental in preventing terror attacks in the US and Europe. While this is certainly a positive aspect, it in no way justifies the means employed. Once you start undercutting and subverting civil liberties and rights in secret you step onto a slippery slope at the bottom of which you will find yourself in the distinguished company of the Gestapo, the Stasi and the KGB. It was and remains a basic principle of democracy that ends do not justify means. Over the past couple of centuries millions of Americans and Europeans have given their lives to defend the very rights and freedoms that the last two US administrations have been slowly chipping away at in the name of security.
One should, however, not only consider the moral and legal shortcomings of this US policy, but also address the adverse effects it has for the US. For one, any moral high ground the US had been left with after the past decade with its Iraq invasion, Abu Ghraib, Guantanamo, extrajudicial executions and war crimes, is eroding rapidly. Just a few weeks back President Obama hosted Chinese President Xi Jinping to establish a good working relationship and address US reservations on the Chinese cyber espionage program. Nonetheless, shortly thereafter the Chinese gave refuge to the US whistleblower Snowden and let him leave Chinese territory despite US extradition demands. Perhaps the two presidents didn’t really hit it off? Now Snowden is in Russia, having apparently received political asylum from Ecuador; Iceland also offered to take him in. The sport of taunting the US seems to be spreading.
Further, we should also not underestimate the damage Washington is doing to its own institutions in the eyes of the American constituency, both by setting up this clandestine program in the first place and the administration’s hateful slander campaign against Snowden. This merely showcases the rampant hubris of members of the current establishment, who continue to disrespect both their fellow citizens and the founding principles upon which the United States was built.
I strongly hope that the German government – and all other European governments, for that matter — will refuse to accept information illegally obtained by the NSA and prosecute anyone who knowingly makes use of it. Further, the European Commission should look closely at severely penalizing US companies who participated in these NSA spying operations. The fact that these companies were forced to cooperate by the US government is of no consequence. When providing services to European citizens, domestic law applies. Hence, the companies should either have switched over to providing Europe from beyond US legal purview, or they should have suspended services in Europe altogether when unable to operate without violating Europeans’ rights.
Should such information ever become available, the European judiciaries must also open a route of legal redress to those whose data has been illegally passed on to the NSA by US companies. These measures will force US based internet companies to resist US government pressure – only Yahoo took the US government to court over PRISM, the rest just voiced objections – in the future and lobby Washington not to put them in such a situation again. It will also allow for compensation for the victims and punishment for the offenders (even though the real perpetrators in Washington will remain out of reach).
Unfortunately, most governments in Europe don’t quite share my indignation and will hence not act forcefully. My hopes will have to rest on Brussels for now. The fact that the Estonian media and political leadership do voice concern with the American practices seems to suggest that there is an interest in privacy issues, at least when third parties are involved. Perhaps, Estonia’s historical experience has created a society whose members exhibit a larger degree of trust for one another, just like the German experience has created fear of surveillance and the state? Maybe that is the solution to my puzzle.

Filed under: Blog

No comment yet, add your voice below!


Add a Comment