The Financial Times has an editorial warning gravely that the European Union may overreact to the PRISM revelations.
If recent leaks about US internet surveillance spur Europe’s political leaders to press ahead with a proposed privacy directive, so much the better. That looks like one potential outcome from disclosures about the National Security Agency’s Prism program, with German chancellor Angela Merkel this week joining the chorus in favour of moving ahead with a privacy overhaul that was first put forward at the start of last year. There is a danger, however, that ill-considered responses to the Prism leaks will also risk Balkanising the internet and hampering companies that have been at the forefront of digital innovation. Protecting citizens’ privacy is an important job for governments – but so is using the new tools of online surveillance to make those citizens secure. These two goals should not be confused, and knee-jerk responses to populist outrage could do more harm than good.
I suspect that what is driving this is the realization that international business (i.e. the FT’s readership base) is likely to get hit as the regulatory politics of privacy and espionage start to get messy. Abraham Newman at Georgetown and I recently wrote a piece for Foreign Affairs’ website describing the complex forms of coordination that have sprung up between the EU and US over information sharing, and describing the likely consequences of the current scandals for this security cooperation. The article draws on a book we’ve been writing over the last couple of years on the transatlantic politics of data sharing, which has suddenly become a rather livelier issue than it was when we first started writing about it. This forthcoming article in World Politics on the ‘new interdependence’ will give political scientists some idea of the kinds of argument we are using, although it doesn’t address the empirics (it’s framed around a review of other people’s work).
There are a number of misunderstandings in the general coverage of this dispute – I’ll write about them as opportunity arises, drawing ideas (if not always empirical evidence) from the joint research that Abe and I have been doing. One such is reflected in Ed Luce and Tyler Cowen’s hope that the Europeans can be relied on to press for privacy protection in e.g. transatlantic trade negotiations. Luce and Cowen may turn out to be right – but only post-hoc. Europe has been having its own internal fight between officials and politicians who privilege security, and officials and politicians who privilege privacy, and until the last few weeks, the security-focused officials were winning. Instead of privacy-focused officials using transatlantic negotiations to reform American politics, security focused officials were using transatlantic negotiations to reform European politics. The EU, which had vigorously fought US proposals on terrorist financing tracking (the US so-called TFTP program) and airline passenger information in the 2000s, had agreed in principle to build its own TFTP, and was likely to introduce airline passenger data screening too along US lines. The transatlantic agreements that had resolved these disputes was leveraged by security-focused officials to bring through domestic changes within Europe.
This has changed thanks to PRISM and revelations (which weren’t really revelations – but that’s another story) that the US was tapping European Union communications in the Council of Ministers. Senior officials, including German officials, still privately think that this is a fuss over nothing. But they are finding themselves constrained by domestic politics to take action that seems to restore privacy protections. Nowhere is this clearer than in Germany. We know, from the Wikileaks cables about the previous TFTP dispute that German Chancellor Angela Merkel was never on the side of the privacy advocates in the confrontation with the US.
Hamburg Mayor Ole von Beust (CDU) told Ambassador today (2/12) that he had met with Chancellor Merkel last night and she was “very, very angry – angrier than he had ever seen her” with the outcome of the vote. Beust said that the Chancellor had personally lobbied German MEPs from the CDU/CSU parties to support the agreement, but that most of these MEPs ended up voting against the agreement anyway. Merkel expressed concerns to Beust that Washington will view the EP veto as a sign that Europe does not take the terrorist threat seriously. Merkel also worried about the ramifications (presumably within Europe and for transatlantic relations) that might follow were a terrorist attack to occur that could have been prevented had SWIFT data been exchanged.
This helps explain the anodyne response of the German government to the crisis. Merkel and her allies quietly agree with the US, and desperately want the controversy to go away. But the scandal is allowing the main opposition parties, the SPD and Greens, to put Merkel on the defensive. This pushes her in turn to take a more active position than she would like with respect to US spying, while also pushing for a stronger EU privacy framework more generally. This last can be expected to have knock-on repercussions for relations with the US - but that is a topic for another post.
Journalists, bloggers and indeed most international relations scholars like to think of disputes like this as face-offs between different states, with fundamentally different ways of doing things. But in fact, the more interesting politics often goes on in the dubious interzone between transnational and domestic politics. The US push for security over privacy has had many supporters within Europe, who have used the transatlantic relationship to bring through laws and policy changes that weaken the previously existing privacy regime. These security focused officials were becoming increasingly dominant in Europe as well as the US. Now they are at least temporarily beleaguered, which may, somewhat unexpectedly, lead to a new eruption of privacy disputes between Europe and the US.