BlogEuropa.eu

Ideas, debates, analysis et al.

Why are we giving the US such a hard time on ‘data protection’ grounds?

Tomás F. Serna

February 2, 2007

There is no need to resort to a legal scholar to get a general grasp of the different approaches to ‘privacy’ taken by the EU and the US.

We, Europeans, seem to be very wary towards perceived potential threats to the ‘fundamental right’ to privacy. Thus, Directive 95/46 saw the light, the European Data Protection Supervisor was created, as well as many ‘national regulators’ among the different European member states. In Spain furthermore, we have a number of ‘local’ sub-state public data protection authorities.

And by the way, the most exquisite ‘administrative law’ (public), resolutions and readings that I have come across in my professional life, came from both the Spanish national one: the ‘Agencia Española de Protección de Datos’, as well as from the ‘Agencia de Protección de Datos de la Comunidad de Madrid‘, (Madrid’s local one). (Credit where credit is due: the Spanish CMT deserves a golden honorific mention here too.) I think most lawyers would agree with me on this one.

Contrary to popular belief, the US approach is not a careless one. America has had its own Privacy legislation since 1974… and in the great and most straightforward American fashion, the US DoJ itself clearly states its opinion regarding this Statute:

(…) “The Privacy Act of 1974, (…) can generally be characterized as an omnibus “code of fair information practices” that attempts to regulate the collection, maintenance, use, and dissemination of personal information by federal executive branch agencies. However, the Act’s imprecise language, limited legislative history, and somewhat outdated regulatory guidelines have rendered it a difficult statute to decipher and apply. Moreover, even after more than twenty-five years of administrative and judicial analysis, numerous Privacy Act issues remain unresolved or unexplored.”

This is not to say that the issue of privacy has remained untackled ever since. Recent examples of this are the ‘Computer Matching and Privacy Protection Act’ of 1988 or the ‘E-Government Act’ of 2002 to name two. And evidence is to be found, that there seems to be a trend towards increased initiatives in this regard; proof of this being some recently introduced initiatives in the House and Senate such as the ‘Federal Agency Data Privacy Protection Act’ or the ‘Protecting Children in the 21st Century Act’, both from Jan. 2007.

The current US administration has been taking some heat lately on privacy grounds. There are some issues on the table that seem to be raising public awareness of privacy matters on both sides of the Atlantic Ocean. At least in the EU, recent cases such as the Swiss ‘SWIFT’ banking records, as well as the aforementioned ‘PNR’ one previously discussed on this forum, have enjoyed much attention from the press and seem to produce somewhat sensationalist headlines every so often.

On the US side, the unpopular ‘computer-assisted passenger pre-screening’ I and II systems (CAPPS) as well as the ‘President’s DNA Initiative Advancing Justice Through DNA Technology‘ are also raising lots of debate and making numerous headlines as well.

All in all, the European approach seems to be the stricter one. (Please note that this is NOT a judgment over whether this approach is necessarily a more rigorous one.)

On Dec. 13th, 2006, Mr. Franco Frattini, European Commissioner responsible for “Justice, Freedom and Security”, delivered a brief speech before the European Parliament in which he raised new concerns regarding the October 2006 PNR transfer agreement, and the aforementioned CAPPS (II) program. Just yesterday, he made some strong remarks to the press regarding the (…) “non-negotiable” nature of privacy rights.

As regards the US, suffice it to say, they are dealing with a matter of national security here. And I think that everyone will agree with me in saying that they have reason to devote a great deal of effort towards preventing further terrorist attacks on their homeland.

I also think that it is safe to say that none of the parties seems to be inclined to regard as satisfactory the so-called “stop-gap” solution that had to be negotiated as a result of the ECJ ruling from May 2006. [For the sake of brevity, I'll refer the reader to previous posts for further information on this same matter.]

Are we really worried of the usage that the US Government might do with the itinerary or the means employed for paying for our next trip to or within the USA? We are dealing with a government here, as opposed to dealing with some company behind some dubious Internet site. Shouldn’t we be devoting more energy towards really urgent needs as opposed to futilely finger pointing at long-standing friends and allies?

It is already tragic that our ‘data protection’ policies are so close and single minded that real businesses with real employees are only finding in them yet one more artificial set of obstacles in order to conduct regular business in very legitimate ways.

Mildly experienced data protection attorneys would undoubtedly tell you stories on how these rules are already somewhat hurting industries across Europe. Once again, I think most of us would agree that these policies are not increasing the competitive advantage for EU based companies in the international business arena…
(But that’s another article…)

All the best, TFS.


6 Comments »

  1. Tomás asks: “Are we really worried of the usage that the US Government might do with the itinerary or the means employed for paying for our next trip to or within the USA?” Well, the answer is yes. It seems that the US government does not consider itself bound by international regulations on war prisoners and human rights (Guantánamo, Abu Ghraib); or by international regulations on judicial cooperation (extraordinary renditions). Sometimes, it does not even consider itself bound by the US Constitution (illegal tapping of foreign calls within the US territory). In all these cases, we are not talking about feet-dragging; when these practices were discovered, they were not stopped, they were justified! Therefore, we are talking about very well-thought policies which rely on the “executive authority at war time” doctrine set forward by Alberto Gonzales and others. Michael Ignatieff has discussed these issues at length in his excellent book “The lesser evil”, I really recommend it. In the meantime, I will continue not trusting the US government.

    Comment by Jose Ignacio Torreblanca — February 5, 2007 @ 12:08 pm

  2. Dear José Ignacio,

    Many thanks for reading as well as for taking the time to share your thoughts.

    I wouldn’t want to get in a discussion over the practices of nations at war, or else on how the current US administration chooses to conduct its anti-terrorism policies.

    We could do that. We could perhaps reflect both on current and past US administrations… and I think we would end up agreeing in some instances while very much disagreeing on some others. We could even try to balance how much does Europe as a whole owe to the US on an overall historical scale…

    But let’s not go there as that was/is very much out of the scope of my post.

    So, putting every other issue aside, let me say that it only seems reasonable to me that if I’m voluntarily willing to set foot in a foreign country, a country in which I’m an alien… I should fully comply with their requirements, rules and regulations.

    Perhaps furthermore in this case, where I would be willing to enter a country that is currently at war and that has suffered terrorism on unprecedented scales both within and outside its borders…

    While being very wary towards the usage of my personal data by non-authorized parties, this seems to me a non-issue. An issue artificially ‘fabricated’ to grab some headlines and political momentum every so often.

    As I said, we are dealing with national security issues here. We are talking and talking back and forth over 34 pieces of information that people should take the time to review… in order to realize about the ridiculous nature of the discussion itself.

    Once you are duly notified that the international transfer of personal data would need to take place should you be willing to visit this or that country, it is your choice whether to choose an alternative destination for your honeymoon/ shopping / business trip, and such transfer of personal data would never happen.

    This is just diverting attention from where it is really needed. TFS

    Comment by tfserna — February 5, 2007 @ 8:25 pm

  3. Dear Tomás, I agree with you that any country has the right to know who is crossing or wants to cross its borders. Especially if it happens that the country is a favourite goal for international terrorists. The problem is not the “transfer” of data, I agree with you that if the request is transparent and you are duly notified, then there is no problem. The problem is the “usage”, i.e. whether there are controls assuring that those data will only be used for counter-terrorist purposes and not for other purposes. Giving the US my visa card number and my frequent flier number will allow the US government to investigate me before I travel to the US, and I agree with that, but, crucially, also once I have left the US. Will those data be destroyed once I am checked and cleared as a “safe person”, or stored for subsequent uses over which I have no control? With today’s technologies, it is easy to track transactions with a VISA, and find out where I am and what I am buying, even if I am back in Spain. Therefore, the question is not transferring, but having the opportunity to control the use of those data. This is a key issue in any democracy and we should not easily give up.

    Comment by Jose Ignacio Torreblanca — February 8, 2007 @ 12:42 pm

  4. Dear JIT,

    Obviously the matter at issue is usage, storage plus usage perhaps.

    Don’t get me wrong, I’m not advocating in any way for ignoring of our privacy legislation.

    The fundamental right we recognize for controlling where our personal data goes, the purposes of collection, etc. is an important piece of legislation in my humble opinion.

    I have a lot to object on how these issues are handled and affect businesses ‘in the real world’… Though I think and recognize they serve a key purpose and that they are necessary (and not in the sense of necessary evil…)

    I’m just trying to make a point over that there is a need to recognize who the counterpart in this issue is (a Government, as opposed to a dubious website as I said in the post), as well as the purposes they are trying to achieve through these data mining techniques.

    I would dare to say that these kind of issues and counterparts were not in the mind of the legislator when our privacy Directive was enacted.

    Let’s not get too serious and please allow me to say goodbye with a brief personal anecdote that I think comes in very handy for our discussion: I visited the FBI headquarters around 10+ years ago with a very good American friend of mine who knew people there.

    After the regular tour they had everyone leave but they asked a couple of visitors to stay. During the tour they fired and demonstrated, from behind a bulletproof glass, a number of firearms that both FBI agents as well as the bad guys used throughout FBI’s history.

    So they handed some of those guns (after having been emptied of course) to us, and were kind enough to have a photographer take some pictures.

    I recall that this little group was comprised of one or two retired police or government officers with some close family as well as my friend and myself.

    After taking the pictures they said that they would send the pictures home. So I responded: “excuse me Sir, I’m from Spain…” (They didn’t have my address…)

    And this gentleman responded: “Well, that’s the good thing about the FBI… Don’t worry about it. We’ll find you.”

    Best, TFS

    Comment by tfserna — February 11, 2007 @ 4:25 pm

  5. Dear Tomas:
    I cannot but fully agree with Jose Ignacio.
    USA is not the only country that has suffered massive terrorism. We too, but we are not asking for the personal data of the millions of USA people that come to our country.

    Let me tell you also a personal anecdote: I’ve been travelling all around the USA since I was twelve with no problem at all. Last time, I went there for a short tourist trip to New York of less than a week. It was in 2005, the first time after September 11th. I was detained at customs for about 8 hours. The reason? For them my name was María López and they had a María López on their most wanted list. They took everything from me: my fingerprints, a photo of me, a print of my eye’s iris, my weight, my height, the colour of my eyes and hair, my address, my profession, … It’s true that the police were very kind and they assured me that they knew it was not me and that everything was a terrible coincidence, but still I had to answer all the questions they asked me and to give them all kinds of data you can imagine. In any case, that part of the story took less than 15 minutes. Afterwards, we were just simply waiting for the “call” (from some USA central agency to which they sent all my data and which checked them). More or less eight hours later, they told me everything was OK and I could go. But they also warned me about something … because of my name, I would be detained every time I travel to the USA from now on!!! The good news, according to them, was that next time it will take much less time because … now they know everything about me and they have all my data!!

    I believe that EU data protection legislation -at least as it is being interpreted and applied in Spain- is too restrictive, so it is difficult for lawyers and business people to do our work. But I can neither accept USA demands nor justify them (by the way, they are not in a war there).

    My best regards,
    Maria

    Comment by Maria López-Contreras González — February 19, 2007 @ 10:02 pm

  6. Many thanks María for your insights!

    And I’m very sorry to hear about that terrible experience…

    Take care, TFS

    Comment by tfserna — February 26, 2007 @ 11:11 pm


Privacy notice:

Please be informed that by using the comments form, your personal data (name/nickname, e-mail address, website and IP address) will be included in a file owned by the website proprietor and published along with your comment (except for your e-mail and IP addresses), in order for the reader to publicly comment, as well as, should that be the case, to respond to any comment or query that readers may have made. You will be able to exercise your rights to access, rectify, cancel and oppose such personal data by sending an e-mail to the following address: datos.personales@blogeuropa.eu.