Late last month, Justice Secretary Michael Gove publicly embraced Euroscepticism in all its scarlet-robed Vote Leave glory. In doing so, he slammed the monstrous bureaucracy of the European Union, which, he claimed, sends law after redundant law to the desks at Westminster.
Buried deep within his statement – whose concerns ranged from VAT and deportation to size limits on olive oil containers – was an orphaned half-line that went largely unnoticed: “…[European Court of Justice] judgements on data protection issues hobble the growth of internet companies.”
You could be forgiven for missing the incongruity of this reference, since the impassioned speech did give the impression that a frustrated shopper not being able to find a large enough can of oil was in the same league as big businesses forced to abide by elaborate data protection laws. Gove implied that we were all in this together against cumbersome, futile red tape. It turns out that isn’t quite true.
Why? To answer that, we must consider two key data judgements recently passed by EU courts. Both come out in favour of consumer privacy over company or government intrusion, and we can only assume that Gove is referencing decisions like these when he criticises the ECJ’s stance.
The first is the “right to be forgotten“. The EU court called for the 1995 Data Protection Directive to be updated for the digital era, and ruled in a landmark judgment that where the digital information concerning an individual is “inaccurate, inadequate, irrelevant or excessive”, he or she has a right to request for the concerned links to be removed by search engines. To date, Google alone has received over 400,000 such requests.
The second is the annulment of the “Safe Harbour” directive. In October 2015, the EU court declared invalid an agreement that allowed American companies to transfer EU citizens’ data to servers located in the United States by “self-certifying” themselves as privacy compliant. The verdict observed that the Safe Harbour scheme “enables interference, by United States public authorities, with the fundamental rights of persons” and that granting public authorities generalised access to individual communication “must be regarded as compromising the essence of the fundamental right to respect for private life”.
In light of this information, Gove’s stance begins to look strikingly disingenuous.
When it comes to designing products, internet companies are happy to invest in technological innovation that enables ever more intrusive mining of data from users in order to maximise advertising revenue. Complex infrastructure is swiftly and efficiently put in place.
Yet when similar measures are demanded in the interest of privacy compliance, Gove claims they are draconian. The issue here isn’t one of stultifying bureaucracy, but of the economic imperative of internet companies pitted against fundamental user rights. Their “growth” isn’t at odds with ECJ judgments, but a margin of their profit might be. This is clearly a matter of concern for a government that allows them to pay tax at “mates’ rates“, sometimes as low as 3 per cent, while its high ranking ministers meet frequently with their representatives.
Profit was the only thing that mattered – or so it seemed, until the Snooper’s Charter sailed through its second reading in parliament. Less than three years after Snowden’s explosive NSA-GCHQ revelations, the surveillance techniques that were considered scandalous to a democratic society are now being legitimised. When Theresa May’s practically Orwellian bill was tabled, it became clear that privacy wasn’t just collateral damage in the pursuit of profit – it was, in fact, the primary asset at stake.
Both Internet Services Providers (ISPs) and internet companies were implicated as intercept partners by the cables Snowden helped expose. We might never find out if their data was accessed by cooperation, coercion, or entirely without their knowledge, but accessed it was.
Presently, both parties have voiced their strong opposition to the Investigatory Powers Bill, whose provisions would oblige them to collect, store and allow access to a wealth of personal communication.
When observed from this vantage point, there seems to be something more sinister than a favouring of big business at play in Gove’s trenchant rejection of ECJ diktats: EU data protection/retention/transfer regulations might also end up impeding the government’s ability to surveil at scale.
But it is determined to do just that. Privacy concerns are increasingly countered with vague references to “threats” and “terrorists”. In the scramble to pre-empt crime, the definition of criminality is wilfully obfuscated, establishing suspicion as the default attitude of the state towards its citizens.
The desire for overarching surveillance that this attitude engenders brings to mind the prescience of 20th century philosopher Michel Foucault, who noted that as a society moves from the dungeon model to the surveillance model of discipline and punishment, it is not darkness, but visibility that is a trap. The insidious, everyday collection of data from individuals that results in constant visibility is a new form of imprisonment, one that is being increasingly and indiscriminately meted out to people regardless of criminality.
In a political landscape where the corporate need to increasingly mine data for revenue and the government’s need to access this data for law enforcement are both treated as non-negotiable, the citizens’ right to a dignified private life is viewed as an aberration – a bureaucratic hurdle that “hobbles” ambitions of growth, profit and governmental omniscience.
Shreeppriya Gopalakrishnan is a social anthropologist who writes about digital hierarchies and British politics.