Intro
When it comes to regulating the Internet, it stands to reason that the maxim, "one size does not fit all", ought to apply; the existence of conflict, socio-economic resistance to adoption, and disparity in Internet usage should convey the need for various Internet laws, enforced in distinct and separate jurisdictions. Up to now, working models of Internet governance have embraced the existence of these separate and independent legal systems working simultaneously, yet these systems have remained unchanged since the NSA-spying revelations of 2013.
The fallout of the NSA revelations was clear on the European side, with the German chancellor calling for stricter EU online privacy laws and the EU parliament passing resolutions calling for inquiries into the extent of US digital spying. However, the US response to these near-damning revelations was tepid at best, with the efforts of Congress culminating in a series of purely symbolic and superficial hearings, where NSA officials glossed over certain salient details of the NSA programs, even hinting at the possibility of spying on members of Congress.
Clearly, there is great disparity in terms of how the US and EU prioritize privacy online, and whilst no government will ever be anti-surveillance, the degree to which the public is protected from surveillance is disparate between the two entities.
Disparate Laws
The major difference between EU and US privacy policy revolves around the drafting and implementation of a cohesive and wide-scoped privacy policy.
The EU has two such privacy policies in place, the first is the EU Data Protection Directive (DPD), which defines the guidelines to be followed in the event of digital surveillance being necessary (a great article details the specifications of this policy out), and the second is the E-Privacy Directive (EPD), which compels private companies to seek consent in the use of cookies, customer information, and internet usuage monitoring. The DPD establishes principals and procedures to be followed by the surveillance team when honing in on a subject. It provides a sense of security to the user, as he/she must be informed of the surveillance, and must be assured of some compelling reason as to justify to initiation of the surveillance. The EPD establishes and clarifies the type of information to be surveilled, how the surveillance is carried out, and what happens to the data post-surveillance. Together, these laws place the safety and security of the personal data of the end user against the covert abuse of surveillance technology by government authorities and private corporate interests. Given that the EU is currently working on refining these laws, by imposing fines and fees on errant governmental and corporate institutions, we can only expect more stringent safeguards and constraints on those who survey.
The US does have privacy laws, but they approach the topic from the top down; that is to say that they draft the laws from the perspective of institutions, not end users. As a result, the privacy laws at a Federal level are constrained to only specific sectors of the political community, and at the State level, there is a variance of law from state-to-state. The Fair and Accurate Credit Transfer Act, for example, deals with the protection of citizens from identity theft, either online or in real life. However, this law does not explicitly address online identity theft, and instead delegates the responsibility of dealing with any, and all, identity theft to newly created regulatory and banking institutions. The Digital Millenium Copyright Act, is another example of how a Federal law approaches the protection of online rights from a top-down perspective, in this case looking out for the rights of corporate interests over those of the end user.
Conclusion
Given the Europe's historial experience with facist and totalitarian states, it is clear that the championing of privacy laws and civil liberty as an ethos, have proven well in the EU legal tradition; it is easier to provide addenda and amendments to already wide-reaching privacy laws to empower the end user instead of the service provider and government agency. This attitude is lacking in US socio-legal culture, vying instead for the protection and safeguarding of interests from a top-down perspective.
When it comes to regulating the Internet, it stands to reason that the maxim, "one size does not fit all", ought to apply; the existence of conflict, socio-economic resistance to adoption, and disparity in Internet usage should convey the need for various Internet laws, enforced in distinct and separate jurisdictions. Up to now, working models of Internet governance have embraced the existence of these separate and independent legal systems working simultaneously, yet these systems have remained unchanged since the NSA-spying revelations of 2013.
The fallout of the NSA revelations was clear on the European side, with the German chancellor calling for stricter EU online privacy laws and the EU parliament passing resolutions calling for inquiries into the extent of US digital spying. However, the US response to these near-damning revelations was tepid at best, with the efforts of Congress culminating in a series of purely symbolic and superficial hearings, where NSA officials glossed over certain salient details of the NSA programs, even hinting at the possibility of spying on members of Congress.
Clearly, there is great disparity in terms of how the US and EU prioritize privacy online, and whilst no government will ever be anti-surveillance, the degree to which the public is protected from surveillance is disparate between the two entities.
Disparate Laws
The major difference between EU and US privacy policy revolves around the drafting and implementation of a cohesive and wide-scoped privacy policy.
The EU has two such privacy policies in place, the first is the EU Data Protection Directive (DPD), which defines the guidelines to be followed in the event of digital surveillance being necessary (a great article details the specifications of this policy out), and the second is the E-Privacy Directive (EPD), which compels private companies to seek consent in the use of cookies, customer information, and internet usuage monitoring. The DPD establishes principals and procedures to be followed by the surveillance team when honing in on a subject. It provides a sense of security to the user, as he/she must be informed of the surveillance, and must be assured of some compelling reason as to justify to initiation of the surveillance. The EPD establishes and clarifies the type of information to be surveilled, how the surveillance is carried out, and what happens to the data post-surveillance. Together, these laws place the safety and security of the personal data of the end user against the covert abuse of surveillance technology by government authorities and private corporate interests. Given that the EU is currently working on refining these laws, by imposing fines and fees on errant governmental and corporate institutions, we can only expect more stringent safeguards and constraints on those who survey.
The US does have privacy laws, but they approach the topic from the top down; that is to say that they draft the laws from the perspective of institutions, not end users. As a result, the privacy laws at a Federal level are constrained to only specific sectors of the political community, and at the State level, there is a variance of law from state-to-state. The Fair and Accurate Credit Transfer Act, for example, deals with the protection of citizens from identity theft, either online or in real life. However, this law does not explicitly address online identity theft, and instead delegates the responsibility of dealing with any, and all, identity theft to newly created regulatory and banking institutions. The Digital Millenium Copyright Act, is another example of how a Federal law approaches the protection of online rights from a top-down perspective, in this case looking out for the rights of corporate interests over those of the end user.
Conclusion
Given the Europe's historial experience with facist and totalitarian states, it is clear that the championing of privacy laws and civil liberty as an ethos, have proven well in the EU legal tradition; it is easier to provide addenda and amendments to already wide-reaching privacy laws to empower the end user instead of the service provider and government agency. This attitude is lacking in US socio-legal culture, vying instead for the protection and safeguarding of interests from a top-down perspective.
No comments:
Post a Comment