The new ‘Privacy Shield’ may be a solution to the differences on data protection between Europe and the US, but the historical roots of both sides of the pond provide a tricky obstacle to overcome
Last year in 2015, the two-year-old court case finally came to an end. The result; the European Court of Justice (EUJC) declared the long-standing ‘safe harbour’ agreement no longer legally valid. This legal framework, which a range of US tech companies had previously relied upon in order to transfer the data of European citizens across the pond, no longer provides those companies with the legal validation to do so, thanks to privacy campaigners in Europe, such as Austria’s privacy cheerleader Maximilian Schrems. Though US and EU regulators managed to squeeze out a new deal dubbed the ‘US-EU Privacy Shield,’ full details of this new framework are yet to be revealed, and thus far has been criticised by many European DPAs, questioning its fate and legal sustainability.
Edward Snowden is much to blame for these complexities; his revelations of the NSA surveillance programs fuelled ubiquitous fears of invasions of privacy and encouraged many to highlight the harm to civil liberties. Since the revelations, Europe took on a stance which very much opposed that of the US government, consequently invalidating the legal nexus which had previously stood unchallenged and connected the digital economies of both the US and Europe. In its ruling, the EUJC declared that the European Commission’s transatlantic data protection agreement, established in 2000, as no longer valid since any data on US soil was subject to the NSA and its surveillance programs. The Data Protection Directive of the EU only permits the transfer of data to a third country “if that third country ensures an adequate level of protection of the data,” which was a commitment which the USA, the EUJC deemed, did not fulfil.
The polarisation on the issue of data protection and security stems from the historical roots of both sides of the Atlantic. The privacy-conscience consensus amongst the European regulators originates from, it could be argued, its violent history of uprising against oppressive tyranny. Th French Revolution, a violent political rebellion spanning over 10 years in the late 1700s, saw French citizens rise up against an autocratic monarchy in a fight to provide and protect citizens with the rights and liberties which a fair democracy provides. The uprising sent shockwaves across the continent, which saw many other powerful monarchies and autocracies crumble and fall. The ideology behind it was one of eliminating tyrannical leaders, and replacing them with a democratic establishment which operated in the best interest of the many rather than the few. These inspiring events provides the foundations of Europe’s approach to privacy online; scarred by the turmoil of the past, it favours the protection of civil liberties, and therefore the preservation of privacy, of its citizens over what it sees as the excessive and totalitarian ways of the US government, and the NSA in particular, even in the name of national security.
Likewise, the Founding Fathers of the US proposed the same ideas. The creation of a government consisting of three branches (the judicial, legislative and executive branches) was meant to hold each branch to account and create a system of oversight designed to eliminate any chances of tyranny or an abuse of power. However, the 9/11 attacks fuelled a patriotic desire to bolster security and commit to a fight against terror, providing the premise for mass surveillance; security over privacy. Since 2001, the Patriot Act, and the expansion of the NSA’s powers, exemplifies the determined focus to combat crime and security threats by means of intelligence and mass information gathering of citizens, a process unfamiliar to the EU since it does not have access to intelligence collected by member states.
Fast-forward to 2016 and the distinction between the two approaches is not only wider and more pronounced, but also problematic. As a result, the failures of the safe harbour agreement, once uniting Europe and the US, now entertains the possibility of a tricky relationship between the two for the foreseeable future. The new agreement may hopefully be the start of a more collaborative relationship, although many fear that the ‘Privacy Shield’ does little in progressing to a better solution for Europe and the US. But they both need each other; US tech companies value the European economy as an opportunity to expand and increase sales, and Europe, in turn, welcome the increased economic activity, jobs, expertise and tax revenue, that these tech companies can bring, encouraging greater innovation within its own digital economy. Though in order for either sides to benefit fully from such advantages, an agreement must be made. Will the historic roots of both sides prevent any settlement sustaining, or will this be an opportunity to work harmoniously once again? We shall wait and see.