Only 24 hours after the leading online data collection global giants, including Google and Facebook, unveiled a well-publicized open letter to President Obama calling for reform of government surveillance policies, another revelation via whistleblower Ed Snowden revealed that the NSA has used tracking software—called “cookies”-- from Google.
While U.S. data companies forming the Reform Surveillance group laid out a series of principles to limit U.S. government data spying on citizens, they were silent about how their own business practices—which now encompass pervasive eavesdropping for commercial purposes on individuals around the world—also greatly contribute to the growing threat to privacy we increasingly face.
Although previous documents made available by Snowden raised questions about the role of Google, Yahoo, Microsoft and others and their relationships with the NSA and other national intelligence agencies, for the most part the commercial Internet data companies have escaped criticism about how their own practices contributes to surveillance in the digital era. Yet U.S. online companies are pioneering the dramatic expansion of data collection throughout the world, as they gather, analyze and make actionable all of our information.
These companies have become forms of private NSAs as their interest in pulling together all our data—tracking us on social media, mobile devices, online searches, games, and even when we are shopping in the grocery or department store. They use this data to create their own version of dossiers on individuals--online profiles. These profiles can reveal personal details such as our financial status, race, political interests, buying habits, technology we use. Through social and mobile data collection, they even know where we are (location) and are likely to go, as well as whom we consider “friends” and part of our network. Our behaviors, interests and background are continually analyzed, identifying whether we should be targeted with ads and other commercial content connected to financial and health products, political campaigns and more. Data is at the core of contemporary online practices where an individual can be “microtargeted” on a continuous basis using a myriad of persuasive digital techniques.
The U.S. data collection industry increasingly claims to lawmakers and others that “data-driven marketing is a major expert,” “a uniquely American creation,” and that commercial surveillance can be proudly labeled “Made in America.” Consequently, U.S. Internet companies have been opposed to new legislative proposals that would empower consumers to have better control over their online information. The data marketing lobby has mounted fierce opposition to strengthen the EU’s data protection framework, fearing that it could cut the flow of data it is now able to monetize without much oversight. Now they also want the Obama Administration to help them expand their ability to gather EU citizen information through the Transatlantic Trade and Investment Partnership (TTIP) trade agreement being negotiated in Washington and Brussels. Removing any barriers to transatlantic E-commerce, data flows and from the EU’s more comprehensive approach to privacy are among the key goals for US data companies and high-tech trade groups. But while the TTIP is said to promote jobs and economic growth, American companies view it as a political tool to evade Europe’s forward-thinking and history-based approach to privacy—where it’s enshrined as a civil right. They are pressing the White House to craft a trade deal where U.S. businesses will be able to more freely collect data from Europeans, without regard to its data or consumer protection rules. Under the guise of promoting “interoperability” and “regulatory convergence,” the U.S. industry groups are trying to strip away the ability of the EU to protect the public.
US officials have made numerous trips to Europe claiming that its approach to protecting privacy is as robust as the EU—something unfortunately not true. With the exception of a children’s privacy law passed more than a decade ago, online companies have no regulatory obstacles preventing their extensive collection and use of data on Americans. The Administration frequently points to the Federal Trade Commission’s recent 20-year agreements with Google and Facebook, where the two companies promised to protect user privacy, as evidence of a robust protective framework. But despite these so-called “consent decrees,” these two digital behemoths expand their collection of data almost daily.
The U.S. has criticized the calls from the EU and elsewhere, in light of the Snowden revelations, that would create stronger privacy safeguards and new ways to transport digital information that might evade governmental eavesdropping. The Obama administration has claimed that such moves threaten “Internet Freedom,” a theme echoed by U.S. digital data companies. The commercial online data industry and their supporters don’t want any new obstacles that would constrict the capability they currently enjoy to easily harvest our personal information. But protecting citizens from surveillance—whether by government or private actors—enhances freedom online, and should be at the core of a “free Internet.”
Rules to protect the privacy rights of citizens and how we govern ourselves in the 21st Century should not be subject to a deal negotiated behind closed doors. In our digitally connected world, data is the new global currency, creating not only economic value but helping shape our daily lives. Control over our personal information should be a “right” that all citizens enjoy—and should not be subject to a U.S. and EU agreement designed to promote cross border commerce by exchanging our data for some to perhaps gain some additional Dollars or Euros.
Rossoglou is with the BEUC or European Consumers' Organization and Chester is with the Center for Digital Democracy.