TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Privacy Perspectives | Why U.S. Surveillance Law Protections Are Better Than Europe Thinks Related reading: The USA FREEDOM Act, the President’s Review Group and the Biggest Intelligence Reform in 40 Years



When the European Court of Justice and its Advocate General found the Safe Harbor unlawful in October, a major reason was their concern about the U.S. surveillance system. This week the Belgian Privacy Authority hosted a forum on the Schrems Safe Harbor case, and I was asked to comment on two questions:

  • Is U.S. surveillance law fundamentally compatible with EU data protection law?
  • What actions and reforms has the U.S. taken since the Snowden revelations began in June 2013?

To assist the consideration of these issues, I have prepared a 40-page white paper, published this week by the Future of Privacy Forum, that provides clear answers, with copious footnotes, to these important questions. The paper has three chapters.

First, there is a fundamental equivalence of the United States and EU member states as constitutional democracies under the rule of law. In the Schrems decision, the U.S. was criticized for failing to ensure “a level of protection of fundamental rights essentially equivalent to that guaranteed in the EU legal order.” This chapter critiques that finding, instead showing that the United States has strict rule of law, separation of powers and judicial oversight of law enforcement and national security surveillance, which together make the U.S. legal order “essentially equivalent” to the EU legal order.

Second, the Section 702 PRISM and Upstream programs are reasonable and lawful responses to changing technology.The Advocate General’s opinion in the Schrems case said that the PRISM program gave the NSA “unrestricted access to mass data” stored in the U.S., and that Section 702 enabled NSA access “in a generalised manner” for “all persons and all means of electronic communications.” This chapter refutes those claims, which appear to be based in part on incorrect stories in the press. Instead, the Section 702 programs operate with judicial supervision and subject to numerous safeguards and limitations. They examine the communications only of targeted individuals, and only for listed foreign intelligence purposes. The total number of individuals targeted under Section 702 in 2013 was 92,707, a tiny fraction of Internet users in the EU or globally.

Third, the U.S. Congress and executive branch have instituted two dozen significant reforms to surveillance law and practice since 2013. The Schrems opinion said that U.S. privacy protections must be evaluated in the “current factual and legal context,” but did not address the numerous changes put in place since 2013. This chapter provides a readable explanation of each of these actions, which together constitute the biggest set of pro-privacy actions in U.S. surveillance law since creation of the Foreign Intelligence Surveillance Act in 1978.

From my years of writing about EU data protection law, I know that it is often complex and confusing, including for many Americans. The same is true about U.S. surveillance law. The whitepaper attempts to bring these two divergent areas of law together in a readable form. An accurate understanding of the law and facts is essential to achieving the best possible outcome for Safe Harbor 2.0, and for the many ongoing issues that will arise in subsequent legal proceedings and implementation of the General Data Protection Regulation. I hope this whitepaper can help clarify these discussions, and I welcome comments and corrections.



If you want to comment on this post, you need to login.

  • comment John Kropf • Dec 18, 2015
    I just finished Justice Breyer's book The Court and World that focuses on the growing challenges imposed on courts in a globalized world of instant communications and commerce.  He notes that judges needs to carefully listen to "many voices" such as representatives of other government who can explain relevant policies --- especially when interpreting a treaty or international agreement.   He cited several cases where the US Supreme Court has a knowledge gap on foreign law and practice and that it is critical to hear from other nations.   Your paper does just that and glad to know your expertise will be considered by the Belgian DPA.   
    A shame the ECJ did not take the time to carefully listen to other voices when it made its findings of fact in the Schrems case about the US legal reforms in the area of oversight.1
    1 The U.S. Attorney General expressed her disappointment over the ECJ's ruling in Schrems saying, "It was particularly disappointing that the European Court of Justice - in a case based on inaccurate and outdated media reports - recently struck down the Safe Harbor Agreement."
  • comment Kenneth Mortensen • Jan 2, 2016
    One fact to add to this discussion is that many of the underlying facts about the privacy protection mechanisms and procedures surrounding government data collection activities were available to European institutions through the discussion and deliberations of what was known as the High Level Contact Group, which consisted of U.S. agency officials and officials from EU institutions. Additionally, the parallels and distinctions between each side's legal and justice structures were documented in great detail and acknowledgement that both sides' systems respected the underlying rights was put forth in a joint statement in the fall of 2009 (See, USEU Mission statement, Hopefully your thoughtful white paper will provide for a constructive deconstruction of the validity of the decision and more thorough thinking on providing necessary privacy protections for all sides.