Home > Analysis, aside, culture, Foreign Relations, human rights, politics, technology > Privacy, National Security, Human Rights, Social Value, Whatever – It’s Whatever the West Says

Privacy, National Security, Human Rights, Social Value, Whatever – It’s Whatever the West Says

Microsoft

Microsoft, Privacy, and Rights over Ex-territorial Servers

The Economist today had an article on a case involving Microsoft’s alleged refusal to turn over documents stored on a foreign server to FBI. The article can be found here (archived here).

According to the Economist:

SUPPOSE FBI agents were to break into the postbox of an American company in Dublin to seize letters which might help them convict an international drug dealer. There would be general uproar, if not a transatlantic crisis. But that is essentially what the FBI wants to happen, albeit in the virtual realm: it has asked a court to order Microsoft, in its capacity as a big e-mail provider, to hand over messages from a suspect in a drugs case which are stored in a data centre in Ireland. On September 9th an appeals court in New York will hear oral arguments on whether Microsoft has to comply.

The case has many wrinkles … But at the core of the case is one of the most knotty legal questions in the age of cloud computing: how to give law-enforcement agencies access to evidence when laws remain national, but data are often stored abroad and sometimes even at multiple places at once?

This article rightfully brings up conflicts in law in the Internet arena within the West. Over the last few years, certain very public and passionate debates have flared up with Europe and the U.S. regarding privacy, right to delete, and censorship on the Internet.

A few years ago, as early as 2008, when I noticed Google Streetview growing to incorporate the streets of Taiwan, Hong Kong, and other Asian regions, I realized that everyone there simply took it for granted that it’s ok. What Google did must be the right, enlightened, and forward-thinking.

It was only until the Germans (as early 2008) fought back and led Europe to articulate an ideology that pushes back to say that Google does not have an unfettered right to take street pictures of every society that citizens around the world began to doubt and fight back against Google (albeit often unsuccessfully)…

The world is better because the Europeans fought back.

Today, real disagreements exist on how cloud data should be used and handled. But importantly, the real fighters are still the Europeans and Americans, the rest of the world still just goes along for the ride.

Imagine if it were the Chinese who had first fought back about privacy – they would be ridiculed to no end as backwards, authoritarian, etc, as they have been regarding censorship. Today, all major American companies operating in Europe – Google, Twitter, Microsoft, and others – comply with censorship laws of nations in which they operate 1. They do so in India and Australia and other nations as well … yet China is still upheld as the epitome of the Dark Empire (as opposed to FREE World).

Censorship and all these Internet policies is about vague values and norms … and ultimately politics. I don’t see any basic right or wrong or human rights about these, but it’s cast as that. It’s double-speak and hypocritical.

The article on the reach of law on server data is just the tip of ice berg, but wherever you stand, we should all agree that by the very nature of cloud computing (i.e. whenever data is stored on others’ servers), that data is privy to whoever host the data 2. The Internet companies – and by extension the government to which the companies are subjected – will have access to your data whatever their privacy policy says, whatever the law says.

Microsoft may fight back against an FBI request here and there – for publicity’s sake – but when push come to shove, if true national security issues arise, the government will always win, and the law will always bend (if it’s not the courts going along with the government  then it will be clandestine operations by the FBI or other operations to force these companies to hand over information). The disclosures the last few years prompted by Edward Snowden’s original disclosures showed us at least that.

The Economist suggested that the proper way for the U.S. to extend its reach to European allies is for European and Americans to draft a treaty of mutual cooperation.  That’s probably a better way than the U.S. arm-wrestling its companies to comply to its will regardless of other nations’ laws, but whatever policy the West shall agree amongst itself, let’s make no mistake that they will write the rules according to their interests and values (values shaped by their interests, of course).

The bickering among Western power can create much welcomed breathing space for the rest of the world. But when will the rest of the world speak up? When will they shape the world with their own values? When will they at least concede that there is no such thing as a Free Internet, only enclaves of Internets, and that the Free Internet appears “Free” because the Internet is dominated by the West and currently conforms to the values of the West?

Notes:

  1. See, e.g., http://www.rt.com/news/173308-hidden-censorship-forgotten-google/, http://www.huffingtonpost.com/news/twitter-censorship/, http://www.huffingtonpost.com/news/google-censorship/, http://mashable.com/2013/04/25/google-government-censorship/#.NS_7MJoEOkp,
  2. Some may argue for encryption where the private key is held locally at each computer, but even then, assuming the implementation is perfect, the cloud would be dumb, as the data stored would be encrypted. That’s is what most people have in mind when they talk about cloud computing.
  1. October 7th, 2015 at 11:32 | #1

    A European Court ruled that “legislation permitting [American] public authorities to have access on a generalised basis to the content of electronic communications must be regarded as compromising the essence of the fundamental right to respect for private life,” presaging, perhaps, a “balkanization of the Internet.”

    The article concluded:

    If America and the EU cannot agree, more countries will conclude that they, too, can impose their own standards. “Despite all their differences, the US and the EU have many things in common,” says Christopher Kuner of the Brussels Privacy Hub, a research centre. “If they can’t agree on privacy, how can the rest of the world?”

    This is good news…

    Here is a link to the article (http://www.economist.com/news/international/21671982-rift-represents-step-toward-balkanisation-internet-european-court-ruling) from the Economist.

    EVEN before the European Court of Justice (ECJ) decided on October 6th to strike down the “safe-harbour” privacy pact between the European Union and America, lawyers who specialise in data protection were finding themselves in high demand. Will my firm’s data flows across the Atlantic become illegal, anxious clients asked? And if so, how to cope? The worries were justified. Though the ruling does not “break the internet”, as doom-mongers have it, businesses may have to find awkward and costly work-arounds for data transfers, or shift to European data centres. More broadly, it marks a worrying escalation of a transatlantic row over privacy and data protection.

    The safe-harbour pact, signed in 2000, was an attempt to bridge cultural and political differences regarding online privacy. The EU sees protection of personal data as a fundamental human right; America considers it mainly in terms of consumer protection, which leaves room for trade-offs. The pact allows firms to transfer data from the EU to America if they provide safeguards equivalent to those required by the EU’s data-protection directive (hence “safe harbour”). When it was negotiated, the internet was in its infancy and transatlantic data flows were small. The European Commission was therefore willing to accept an agreement based on self-certification: firms could draw up a privacy policy and declare themselves compliant.

    As the trickle of data crossing the Atlantic turned into a tsunami, worries in Europe grew. But it took leaks by Edward Snowden, a contractor for America’s National Security Agency (NSA), showing widespread snooping to nudge the commission into a serious attempt to renegotiate. In late 2013 it published a list of the pact’s “deficiencies”, which included weak enforcement, baffling privacy policies and poor handling of complaints. Talks about an update started soon afterwards.

    They might have progressed without publicity, had it not been for Max Schrems, an Austrian activist. Arguing that the NSA’s surveillance meant that Facebook was unable to protect his privacy, last year he filed a complaint against the social-networking site in Ireland, its European base. The Irish data protection authority said it could not second-guess the European Commission, which, by signing the safe-harbour pact, had decided that America’s data-protection rules were adequate. So Mr Schrems took his complaint to the Irish High Court, which referred it to the ECJ. On September 23rd its advocate general, Yves Bot, published a strongly worded opinion siding with Mr Schrems.

    The court’s decision this week has broadly followed that opinion. It struck down the safe-harbour agreement, saying that “legislation permitting [American] public authorities to have access on a generalised basis to the content of electronic communications must be regarded as compromising the essence of the fundamental right to respect for private life.” And it gave national data-protection authorities the power to decide individually whether? Europe-wide deals have sufficient safeguards, and to take cases to national courts if they conclude that such safeguards are lacking. Courts can then refer the matter to the ECJ, which has the final say.

    The result is that any reworking of the safe-harbour agreement—and individual firms’ privacy policies—will be under constant scrutiny. The uncertainty created by the decision goes further: even firms that did not rely on safe-harbour provisions for their transatlantic data transfers, but on alternatives such as “model contracts” developed by the Commission for cloud-computing services, may have to re-examine their legal position. Some in Brussels think that firms may now have to guarantee that data are adequately encrypted (ie, not accessible by the NSA).

    You can’t always get what you want
    After the ECJ’s decision Vera Jourova, the justice commissioner, said that agreement had already been reached on most of the commission’s concerns about the safe-harbour pact. Those that remain relate to access to data by American authorities. Resolving these would mean America accepting some check on the NSA and the EU accepting that it cannot impose its strict privacy laws on the rest of the world. But this week’s sweeping ruling will make it harder for the commission to compromise.

    Separate plans to update the EU’s 20-year-old data-protection directive will further widen the privacy gap between Europe and America. The current draft envisages the new rules covering organisations outside the EU that process personal data from EU citizens, meaning that an American website could fall under European law simply because it has visitors from, say, Germany. It would also hamper the exploitation of “big data”: sifting through heaps of digital information to find patterns and invent new services. Firms would have to get “explicit consent” for each new use.

    Mr Snowden’s revelations had already accelerated a trend towards the Balkanisation of the internet. To protect data related to their citizens and firms from American snooping, countries are increasingly insisting that these are stored locally. This makes censorship and spying by national spooks easier, and raises costs for consumers and firms that will have to rely on costlier local cloud services. Barriers to the free flow of data, just like barriers to trade, can cause serious economic harm: a study by the European Centre for International Political Economy found that localisation requirements in China and Vietnam reduced GDP by 1.1% and 1.7% respectively.

    If America and the EU cannot agree, more countries will conclude that they, too, can impose their own standards. “Despite all their differences, the US and the EU have many things in common,” says Christopher Kuner of the Brussels Privacy Hub, a research centre. “If they can’t agree on privacy, how can the rest of the world?”

  2. June 1st, 2016 at 10:07 | #2

    In my view, the U.S. has been terrorizing the world with its cultural and technological dominance the last few decades. Finally there is some blowback – lead by the Europeans. When will we see an Asian country like China or Japan lead the fight?

    http://www.nytimes.com/2016/06/02/technology/why-the-world-is-drawing-battle-lines-against-american-tech-giants.html?_r=0

    Why the World Is Drawing Battle Lines Against American Tech Giants

    Farhad Manjoo STATE OF THE ART JUNE 1, 2016

    Imagine you’re a French lawmaker. For decades, you’ve protected your nation’s cultural output with the diligence of a gardener tending a fragile patch against invasive killer weeds. You’ve imposed quotas on the French film industry, required radio stations to play more French music than anyone seems to want to listen to, and you’ve worked methodically to exempt your actions from international free-trade rules.

    And now, out of nowhere, comes a handful of American technology companies to wash away all your cultural defenses. Suddenly just about everything that a French citizen buys, reads, watches or listens to flows in some way or another through these behemoths. There’s Facebook co-opting your news media. Amazon is dominating book sales, while YouTube and Netflix are taking over television and movies. And the smartphone, arguably the era’s most important platform for entertainment, is controlled almost entirely by Apple and Google.

    This backdrop of social anxiety explains why Europe is on the march against American tech giants. European governments have been at the forefront of an effort to limit the reach of tech companies, most often through privacy regulations and antitrust investigations. Now the European Commission is considering rules that would require streaming companies like Netflix to carry and even pay for local content in the markets they serve.

    The European efforts are just a taste of a coming global freakout over the power of the American tech industry. Over the next few years, we’re bound to see increasing friction between the tiny group of tech companies that rule much of the industry and the governments that rule the lands those companies are trying to invade. What’s happening in Europe is playing out in China, India and Brazil and across much of the rest of the globe as well.

    The result is fragmentation: Once, not too long ago, many in the tech industry believed that digital technology would bring about the dawn of a new global order. The internet’s structure was decentralized and nonhierarchical; it therefore seemed immune to control by any single government. Under this dream, the network would bridge vast distances and connect cultures, creating a new system of legal norms that were more uniform around the world.

    But that’s not how it has been playing out.

    “My assumption is that this is only the beginning,” said Dongsheng Zang, director of the Asian Law Center at the University of Washington School of Law. “We’ll be seeing more of these governments make their own demands, and the problem is a fragmentation of the global tech companies.” He added, “This could be a problem for America in the 21st century.”

    This dynamic may not sound very new. Whether it comes to taxes, privacy, free speech or security, national governments have always sought to impose rules on transnational corporations.

    But the battle with tech giants promises to be more spectacular. Over the last decade, we have witnessed the rise of what I like to call the Frightful Five. These companies — Apple, Amazon, Facebook, Microsoft and Alphabet, Google’s parent — have created a set of inescapable tech platforms that govern much of the business world. The five have grown expansive in their business aims and invincible to just about any competition. Their collective powers are a source of pride and fear for Americans. These companies thoroughly dominate the news and entertainment industries, they rule advertising and retail sales, and they’re pushing into health care, energy and automobiles.

    For all the disruptions, good and bad, Americans may experience as a result of the rise of the Frightful Five, there is one saving grace: The companies are American. Not only were they founded by Americans and have their headquarters here (complicated global tax structures notwithstanding), but they all tend to espouse American values like free trade, free expression and a skepticism of regulation. Until the surveillance revealed by the National Security Agency contractor Edward J. Snowden, many American tech companies were also more deferential to the American government, especially its requests for law enforcement help.

    In the rest of the world, the Americanness of the Frightful Five is often seen as a reason for fear, not comfort. In part that’s because of a worry about American hegemony: The bigger these companies get, the less room they leave for local competition — and the more room for possible spying by the United States government. But even if that idea sounds hyperbolic (but it doesn’t, right?), there is a deeper fear of usurpation through tech — a worry that these companies could grow so large and become so deeply entrenched in world economies that they could effectively make their own laws.

    “What’s happening right now is the nation-state is losing its grip,” said Jane K. Winn, also a professor at the University of Washington School of Law, who studies international business transactions. “One of the hallmarks of modernity is that you have a nation-state that claims they are the exclusive source of a universal legal system that addresses all legal issues. But now people in one jurisdiction are subject to rules that come from outside the government — and often it’s companies that run these huge networks that are pushing their own rules.”

    Ms. Winn pointed to Amazon as an example. The e-commerce giant sells both its own goods and those from other merchants through its marketplace. In this way, it imposes a universal set of rules on many merchants in countries in which it operates. The larger Amazon gets, then, the more its rules — rather than any particular nation’s — can come to be regarded as the most important regulations governing commerce. And because Amazon tends to focus on customer service rather than other values a country might want to prioritize — fraud protection or workers’ rights, say — the company could end up becoming the world’s most powerful consumer-protection agency, but one that’s unaccountable to some governments.

    The same dynamic would apply to other companies’ platforms. Rules imposed by Apple’s and Google’s app stores become a kind of law for developers around the world. YouTube’s guidelines become a cultural arbiter anywhere it operates. And Facebook’s News Feed algorithm may matter more to journalists in some countries than any particular legal limit on their operations.

    How will governments stop the tech companies from expanding their powers? By placing ever higher burdens on them to limit their reach, something we’ve seen happening more often. In addition to all the moves in Europe, the Indian government just stopped Apple’s plan to sell refurbished iPhones in the country. That came after its move to shut down Facebook’s free internet plan, which had been widely criticized there as a kind of Trojan horse to take over India’s digital infrastructure.

    In China, Apple shut down the iBooks and iTunes Movies stores, apparently after facing pressure from the government. Apple also invested $1 billion in Didi Chuxing, China’s homegrown version of Uber, a surprising move that was interpreted by China watchers as a way to curry favor with an increasingly aggressive government.

    Nobody knows yet who will win these fights. The American tech giants are huge, but they need the blessing of national governments, and those blessings aren’t coming easily.

    “They’re facing an increasingly self-confident India, Brazil and China,” Mr. Zang said. “If they don’t back down, they probably have leverage to impose lots of different rules to limit how these companies reach into local markets.”

    Or as the French newspaper Le Monde declared on the eve of Netflix’s debut in France, “Que le carnage commence!” Let the carnage commence!

    As I’ve said before if “fragmentation” of the Internet means upholding of national sovereignty – the basic concept on which human liberation is built – then I say: let us fragment and fragment even more!

Time limit is exhausted. Please reload the CAPTCHA.