American privacy values vs. European perceptions
As law enforcement and intelligence agencies struggle to balance security against civil liberties, it's important to distinguish caricature from reality.
Th Chertoff Group's Paul Rosenzweig argues that Americans' dedication to privacy rights is often greater than the rest of the world is willing to admit.
Several years ago, a European Parliamentarian rather famously caricatured American law enforcement as epitomized by Dirty Harry (the famous Clint Eastwood character), and compared U.S. conduct (unfavorably, of course) to the more sensitive European style, embodied in Agatha Christie’s hero, Hercule Poirot.
How times have changed.
In late June, the U.S. Supreme Court decided Riley v. California -- a case that created a zone of digital privacy for the data stored on cellphones, smart phones and tablets. According to the court, before American law enforcement officers may search a device for digital content, they must first secure a warrant – that is, an authorization for the search, issued by a neutral judicial officer, upon proof of probable cause to believe that a crime has been committed and that evidence of the crime can be found on the device. In unanimously ruling thus, the Supreme Court reminded us that American fidelity to values of privacy and civil liberty is quite high – often higher than we are given credit for by the rest of the world.
The Riley decision, after all, is just one small piece of a series of steps that have increasingly made clear the U.S. commitment to privacy. Consider:
-- In the past six months, the Privacy and Civil Liberties Oversight Board (PCLOB) has issued two detailed reports on NSA activities – reports that provide far more transparency into American intelligence activities than has ever been provided by any country in the world.
-- Though an initial ruling went against the firm, Microsoft has brought legal action to limit the extraterritorial effect of .U.S. law enforcement requests for cloud-based data.
-- Microsoft, Google, and other tech giants have driven a lobbying campaign to update the Electronic Communications Privacy Act to extend warrant protection to stored communications and a majority of the House of Representatives has co-sponsored a bill to that effect [full disclosure: I have personally participated in that effort].
-- President Obama has taken executive action to give Europeans privacy rights equivalent to Americans with respect to data held by the federal government, and has indicated that he plans to ask Congress to revise the Privacy Act to create legislative protections that are beyond his executive power.
All of these developments reflect favorably on American efforts to protect privacy and civil liberties. They come at a time when American fidelity to those values is open to some question. Lately, it seems, Americans have been lectured by Europeans on the “right” way to do privacy. And revelations about NSA activities have proven both diplomatically and economically problematic.
It really shouldn’t be that way.
The truth is that European attitudes to government surveillance are not very different from those in the United States. Indeed, by some measures, it is easier for European law enforcement and intelligence agencies to gain access to the personal information of its citizens than in the United States.
For one thing, there is (apparently) no equivalent to Riley in European law. For example, Britain's electronic intelligence agency, GCHQ, has disclosed that it intercepts communications outside the country without the necessity of a warrant. And, under British law, Facebook and Twitter posts or searches on Google or YouTube that went to data centers (say in the United States) outside the British Isles would fall under the external category.
Likewise, consider the ease and frequency with which European law enforcement agencies get access to conversations in real time through wiretapping. If anything, real-time access ought to be more tightly controlled than access to stored data, on tablets and other devices, yet it is surprisingly more frequent and often easier in Europe than in the United States.
In most European countries, to be sure, judicial approval for an interception is necessary. But judges in Europe are "investigative" jurists -- meaning they function more like American prosecutors than judges. So there is, effectively, no check on law enforcement's ability to eavesdrop.
And in the United Kingdom, wiretaps are approved by the Home Secretary -- an executive official. It would be as if our own attorney general could approve the FBI’s wiretap requests. Perhaps even more notably, the Netherlands has the highest rate of wiretapping of any European country -- Dutch police can tap any phone they like, so long as the crime under investigation carries at least a three-year jail term.
More to the point, according to a report from the international law firm Hogan Lovells, the informal nature of cooperation between European law enforcement and service providers is quite significant. In virtually every European country, service providers may “voluntarily” provide data to law enforcement in response to an informal request. That kind of ease of examination is the sort that the Supreme Court was rejecting.
Thus, as we have noted, foreign views of American attitudes toward privacy and civil liberties have long been a bit of a caricature. Perhaps it’s time to re-examine that perspective -- now that Dirty Harry seems to have more legal constraints on his activities than does Hercule.