To watch BBC News or send online messages to European friends, data must flow across the Atlantic. The EU-U.S. Safe Harbor Agreement makes these data transfers possible – but this might soon change.
We could soon see “cyber-fences” between the U.S. and EU if negotiators from both sides fail to adopt a new agreement by the end of the month.
The recently invalidated agreement required American businesses to provide “a level of protection of fundamental rights and freedoms that is essentially equivalent to that guaranteed within the European Union.” In return, Internet traffic could flow unfettered from the U.S. to Europe and vice versa.
Last October, the CJEU used the Edward Snowden/National Security Agency (NSA) revelations to say that U.S. spying on cross-continental communications gave European citizens lower, “non equivalent,” privacy protections than they enjoy in the EU. Thus voiding the Safe Harbor agreement.
To avoid curtailing the free flow of Internet traffic after January 31, U.S. and EU officials have worked to revamp the invalidated Safe Harbor into a “Safe Harbor 2.0” that addresses the CJEU’s concerns. But now, work on Safe Harbor 2.0 is stalling as key negotiators seek an agreement that ensures equivalent privacy protections.
But these negotiators must realize that a CJEU invalidation of Safe Harbor 2.0 is unlikely. Much has changed since the court’s October decision.
Recently, European governments have increased their surveillance while America has curtailed its own. And no longer can the CJEU ignore the spying conducted by European governments as it did in October.
France now runs a surveillance program similar to the U.S. NSA’s. And the French Parliament overwhelmingly approved new law enforcement powers for domestic and foreign online spying without judicial oversight. Under England’s expanded Investigatory Powers Bill, law enforcement can, without a warrant, see the names of every website people have visited. The German government has expanded the tracking of other EU members and its own citizens.
While European countries continue to expand their government surveillance programs, the US continues moving in the opposite direction.
Last month, Professor Peter Swire, part of the President's Review Group on Intelligence and Communications Technologies, explained changes to American surveillance programs to address concerns raised by Snowden. Swire discussed: new prohibitions on bulk collection; declassification of FISC decisions, orders, and opinions; surveillance principles to protect privacy rights outside of the U.S.; protection of civil liberties in addition to privacy; and safeguards for the personal information of all individuals, regardless of nationality.
Americans have long been wary of government surveillance. Our Constitution creates a check on law enforcement through the separation of powers – ensuring Congressional and Judicial review of Executive actions. And our Bill of Rights Fourth Amendment protects us from “unlawful search and seizure.”
Let’s be clear that the US should consider additional reforms in the future, but we have come a long way from the world on which the CJEU based its Safe Harbor smack down.
It is incumbent on our government officials to remind foreign leaders that U.S. has privacy protections that are at least equivalent to EU privacy protections. And we must push aggressively for Safe Harbor 2.0 adoption so that we can retain open channels between our continents.
By finalizing Safe Harbor 2.0 we can ensure the continuity of intercontinental communications. Fences may make for good neighbors. But, virtual fences block BBC videos.
Szabo is policy counsel for NetChoice.