Opinion

Bridging the EU-U.S. Privacy Gap

By J. Trevor Hughes, CIPP

Privacy has always been a difficult concept to define, and privacy issues are complex.

For Europeans, privacy is a human right, while for Americans, privacy tends to be about liberty. It’s often thought that the Holocaust and the rise of totalitarianism in 20th-century Europe have been the catalysts behind the region’s strong privacy and data protection regimes.

A recent book by Edwin Black, in detailed research, examines Nazi Germany’s use of the computer’s forebear to aid in systematic genocide. These Hollerith machines and punch cards helped the Third Reich organize and carry out the atrocities of the Holocaust. And in post-war Europe, the widespread use of surveillance and coercion informed and empowered the Stasi, the KGB and other totalitarian enforcers. 

But is that the real reason the U.S. and Europe have such seemingly differing cultural constructions of privacy?

My interest was piqued when I heard from U.S. Department of Commerce General Counsel Cameron Kerry. He has been instrumental in anchoring talks with the EU on privacy codes of conduct and global interoperability. He pointed out that Europe tends to be stricter with businesses concerning data protection than the U.S., while, conversely, the U.S. tends to be stricter with government agencies concerning privacy.

If the current European framework reflected recent history, the tables should be turned, right?

James Q. Whitman, in an article for Yale Law School, offers an alternative analysis. The European approach, he argues, has developed from the idea of human dignity, stretching far back to the 17th and 18th centuries, long before the Second World War and the rise of totalitarianism. He writes, “The core continental privacy rights are rights to one’s image, name and reputation.” America, Whitman contends, “is much more oriented toward values of liberty, and especially liberty over (and) against the state.”

The recent research of Dierdre Mulligan and Kenneth Bamberger also supplies interesting fodder for such a discussion. In one example, their research shows that current German data protection officers and their American counterparts are surprisingly similar in their “on-the-ground” approach to private-sector data protection—even though U.S. and German regulatory structures are constructed differently.

So why similar privacy practices under such different legal regimes?

It would seem that one connecting principle is the hard work of privacy pros on both sides of the Atlantic. They are the ones committed to the day-to-day problem-solving, educating and consensus-building in their organizations. Perhaps our lawmakers need to listen more readily to privacy professionals in order to craft more sensible privacy legislation.

Though Europeans and Americans (not to mention other citizens across the globe) may have different conceptions of what privacy means, it seems clear that those working “on the ground” in the privacy profession could help bridge that gap. 

photo credit: Stuck in Customs via photopin cc

Note from the Editor:

Kenneth Bamberger will discuss his "privacy on the ground" research in the breakout session Dubunking Myths of European and U.S. Privacy: New Data on Corporate Privacy Management at the IAPP Data Protection Intensive, April 23-25 in London, UK.

More from J. Trevor Hughes

About the Author

J. Trevor Hughes is the President and CEO of the International Association of Privacy Professionals (IAPP), the world’s largest association of privacy professionals.

Hughes is an experienced attorney in privacy, technology and marketing law. He has provided testimony on privacy issues before several committees within the U.S. Congress, British Parliament and EU Parliament.

Hughes previously served as the executive director of the Network Advertising Initiative and the Email Sender and Provider Coalition. He is an adjunct professor of law at the University of Maine School of Law and frequently speaks about privacy issues at conferences around the world.

See all posts by J. Trevor Hughes

Comments

  • April 22, 2013
    Karn Jani
    replied:

    Both, US and EU, have one basic similarity which amplifies the need for on-the-ground assistance from people engaged in privacy day in and day out. Both realise the need for access to information at the same time protection of certain information for security purposes. Privacy, in the process, gets sidelined. But EU has gone far ahead in keeping a higher standard than US regardng data protection.

    The only catalyst which can bring these two economises closer and balance the equation is trade. As with intellectual property, trade can also be coupled with privacy rights in bringing the two sides to talking terms. Thats how capitalist economies have survived and managed to extend their clout.

  • April 23, 2013
    John Kropf
    replied:

    A great summary of the cultural and historical differences in the trans-Atlantic approach to privacy.  My thought is that this is a privacy debate that is not about privacy—it’s one of following the long standing principle of mutual recognition.  The U.S. and EU have different frameworks in many other areas such as customs, trade, telecom, airlines and transportation, and most significantly in civil vs. common law.  In all these areas we’ve recognized the legitimacy of the other’s system through the age-old principle of mutual recognition.  What makes data privacy so different that we can do the same?

  • April 23, 2013
    Pauline C. Reich
    replied:

    Jon Bing at the University of Oslo has been cited for discussion of how Norwegians protected privacy from Nazis - see also Ralph Freedman’s novel Rue the Day, which recounts that era in Europe and later in US. See out book Reich and Gelbstein, Law, Policy and Technology: Cyberterrorism, Information Warfare and Internet Immobilization (IGI Global, late 2012)) for discussion of current privacy vs. security issues in the US, India, Germany.

  • May 31, 2013
    Orwell got it right
    replied:

    Orwell famously said, when discussing Nazism and totalitarianism,  “The most hateful of all names in an English ear is Nosey Parker.” Thus giving one reason why England (the name used then) was not likely to adopt fascism.  Unfortunately, I don’t think America is quite so pure in its dislike of Mr. Parker. Fascism is still quite possible here. And it’s still a shame to be an American and admit that it is so.  But so it is.

    http://www.k-1.com/Orwell/site/work/essays/lionunicorn.html

    Someone please tell me I’m wrong.  I’d love to be wrong in this instance.

To post your comment, please enter the word you see in the image below:

To post your comment, please enter the word you see in the image below:

Get your free study guide now!
Get your free study guide now!