How the Intelligence Community Is Undermining American Technology Companies in Europe

WASHINGTON - MAY 11: Carlos Coelho, Chairman of the European Union Delegation of the European Commission to the United States, participates in a press conference to discuss the delegation’s role in the investigations of alleged use of EU countries by the Central Intelligence Agency for the secret detention and transport of detainees.

Photo by Win McNamee/Getty Images

I alluded to this in a previous post, but spending a little time in Brussels really drives home the extent to which American national security agencies’ internet snooping is making trouble for American high tech companies.

The issue is that there’s a fairly long running dispute over here in Europe over what Europeans call “data protection” and American tech companies view as excessive regulation. The perspective the European Commission has been pushing is that, as an official from the Justice Commission put it, “personal data should belong to the person” and that this reflects “a fundamental right” to privacy. In the most abract possible terms that all sounds congenial. But the American view is that European regulations on this topic go much too far in terms of threatening the business model of companies—Google, Facebook, etc.—who offer services for free and derive revenue from targeting ads at their users.

Peter Chase, a veteran American diplomat who now represents American firms’ interests working in Brussels for the US Chamber of Commerce says the Europeans “very quickly conflate the relationship between government and the citizen and between business and the citizen.”

In other words, Chase wants to allow for more-or-less untrammeled commercial exploitation of user data. If Google wants to mine your search history or read your emails for the purposes of improving ad targeting then they should be free to do so. If you don’t want Facebook to know what you’re up to, the solution is to not use Facebook. But if people feel Facebook is offering a valuable product at an attractive price (free!) they should learn that commercial exploitation of their user data is at the heart of the deal that makes that possible. But now Chase’s problem is that the National Security Agency and the rest of the Intelligence Community appear to be trampling all over the distinction Chase wants to hang his anti-regulatory hat on.

Here’s Michael Hayden, former CIA director and former NSA director, talking to Michael Hirsch about digital data:

“This is a home game for us,” says Hayden. “Are we not going to take advantage that so much of it goes through Redmond, Washington?”

Combine that attitude with this kind of assurance where “officials say analysts are forbidden from slurping up the Internet activity of American citizens or residents, even when they travel overseas” and you can see that there’s a huge problem for folks trying to push back against aggressive European Commission action. There’s considerable dispute about the extent to which these protections for American citizens are real, but the US government doesn’t seem to even be purporting to restraining itself from snooping on the communications of non-citizens. The view is that as far as foreigners are concerned, if the data is on American servers if it would be foolish not to take advantage of that. That means, in turn, that if European governments want to protect their citizens they really do need to implement the kind of strict data protection rules that the tech companies want to fend off.