Privacy Advisor

NSA Leak Continues To Send Shockwaves Through Privacy World

June 11, 2013

By Jedidiah Bracy, CIPP/US, CIPP/E

In our continuing coverage of the fallout from the recent leak of the National Security Agency's surveillance programs, a slew of implications—from effect on trade negotiations, to developments with the proposed EU data protection regulation, to calls for baseline privacy legislation in the U.S.—are continuing to emerge this week.

World Leaders React to NSA Programs

Government leaders and data protection officials across Europe, Canada, South Africa and Pakistan are all expressing concerns about the privacy implications from the NSA programs.

German Chancellor Angela Merkel plans to raise the surveillance issue when President Barack Obama visits Berlin next week—his first state visit as president—according to The Associated Press. Obama’s defense last Friday of the NSA programs has not reassured Germany’s head of state.

European Commission Justice Commissioner Viviane Reding said she is eager to question U.S. officials at a meeting in Dublin, Ireland, this Friday. She seeks clarification on whether the program allows access to individual cases, stems from “concrete suspicion” or if larger data sets are accessed. The Guardian also reports on reactions from government officials in Germany, Italy, France, Pakistan, Egypt, South Africa, Rwanda, Kenya and Zimbabwe. An Italian government official said, “If what we’re reading is, either partially or wholly true, this is a question of very serious violations of Italian and European citizens’ basic rights.” The report also noted that Russian authorities have remained silent on the issue, “a silence that analysts said reflected their own approach towards Internet privacy.” In a Live Mint op-ed, one columnist says it’s “time the government of India stopped twiddling its thumbs and took strong measures such as enacting a Privacy Act to protect the rights of its citizens.”

Canadian Privacy Commissioner Jennifer Stoddart plans to work with other data protection officials around the world to determine whether a joint fact-finding mission will be needed. She also expressed concern about Canada’s own data-mining efforts.

U.S-EU Relations

Reding’s spokeswoman said the European Commission has raised European privacy concerns “in its dialogue with the U.S. authorities, especially in the context of the negotiations of the EU-U.S. data protection agreement in the field of police and judicial co-operation…This was also raised, by the way, by (Reding) at her last meeting with U.S. Attorney General Holder in Washington in April.”

The European Parliament has delayed a vote on an airline passenger name register (PNR) that was scheduled for Monday. German MEP Jan Philip Albrecht said, “The concerns with the proposed system have not in any way diminished. If anything, with the latest revelations about U.S. infringement of the privacy rights of European citizens, we should be even more cautious about establishing more data grabbing and profiling systems.”

Will This Affect the EU Regulation?

Field Fisher Waterhouse Partner Eduardo Ustaran, CIPP/E, writes about how the PRISM disclosures will affect the proposed EU data protection regulation. “You can count on the PRISM story being used as a strong argument in favour of a tough stand on the future EU privacy framework,” he writes.

GigaOm reports that the European Commission knew about the NSA program and that it will ultimately be up to individual EU governments to determine whether they will allow such surveillance.

Slate reports on how U.S. surveillance efforts are “making trouble for American high-tech companies.”

Cause for Baseline Privacy Legislation in the U.S.? Will It Hurt the Ad Industry?

With attempts of passing baseline privacy legislation in the U.S. stalled over the past few years, Kate Kaye of AdAge asks, “Could the PRISM data surveillance scandal become the watershed moment that propels it forward?” Linda Goldstein, a Manatt, Phelps and Phillips partner, said, “The privacy legislation has been a bit on the back burner, and I think this may help focus more attention on it and perhaps put it on the front burner,” and added, “This could have a significant impact on consumer attitudes which ultimately could impact consumers’ willingness to share information with brands.”

Edwards, Wildman, Palmer Partner Thomas Smedinghoff said, “I think it may put more pressure on the ad industry in terms of this whole behavioral targeting issue…I certainly don’t think it’s going to help the ad industry.” The Center for Democracy & Technology’s Justin Brookman said government has such enormous access to data because so much is collected by corporations. “A lot of what the government knows about us,” he said, “they know because of companies, so you have to have some confidence that you have some control over the data they collect on you…it’s hard to fix government access.”

Sen. Al Franken (D-MN) said he’s not surprised by the programs. “I can assure you, this is not about spying on the American people,” he noted. “I have a high level of confidence that this is used to protect us, and I know that it has been successful in preventing terrorism.”

Jim Harper, of the Cato Institute, opined that the NSA "redefined privacy for its own purposes." And in a column for Esquire, Charles Pierce rhetorically asks the American government, "can you tell me what's being done in my name?"

Let the Privacy Lawsuits Begin

According to Wired, the “first of what likely will be many lawsuits challenging the constitutionality” of the NSA’s phone surveillance programs was filed on Sunday. The suit claims the government illegally spied on their Verizon accounts.

Privacy Perceptions: Privacy Policies ≠ Total Privacy

NPR reports on how young people view privacy—based on a recent Pew Research Center survey—in light of the recent disclosures. Though the Pew poll noted individuals between ages 18-29 consider privacy a priority, a poll taken during the NSA news found that only 12 percent were following the story closely.

Perhaps more interestingly, the report analyzes perceptions of privacy policies. Communications Prof. Joseph Turow said the “whole idea of privacy policies is a misnomer, at least in terms of people’s expectations.” The report adds, “In survey after survey, Turow says, huge majorities of Americans mistakenly believe that a website having a privacy policy means they’re entitled to privacy—that their information won’t be shared or sold. That’s just not the case in most instances, even though some sort of protections may be in place.”

A new Washington Post-Pew Research Center poll found that a large majority of Americans back the NSA’s phone tracking methods, and 52 percent say no broad-based surveillance should happen.

Read more by Jedidiah Bracy:
Reactions to NSA Disclosures Continue
The NSA’s PRISM Program and Reactions
Council of European Union Releases Draft Compromise 
Medine’s Confirmation Moves PCLOB Forward; Questions Remain About Cybersecurity Authority