Two weeks ago, the European Court of Justice ruled on the case Maximilian Schrems v. Data Protection Commissioner. The case dealt with safe harbor treaties that allowed companies like Facebook and Google to easily transfer users’ digital information across the Atlantic despite legal frameworks differing between the US and European countries. The decision gave Facebook and other American companies an ultimatum: adhere to privacy laws in individual European countries or stop operating in the European Union. Europe has long taken a different approach to privacy than the US with several constitutions including a right to be forgotten with laws defending the real and digital privacy rights of citizens. In light of this decision, Americans ought to take a look at our own views on privacy and how they have become complacent or indifferent at best.
When the infamous news that the NSA had been running a massive data collection program broke, Americans were alarmed and angry: their personal data had been collected with an egregious lack of consent and they had little control over how it had been used. Considering that ire, it is curious that we—especially younger generations—raise little to no ruckus over data collection and retention by private companies like Facebook.
A part of our idleness with regards to privacy seems to come from a feeling of helplessness. As far as many of us are concerned, going online already means ceding ownership of our behavioral information. It is a little disconcerting to see an obviously targeted ad on Amazon after doing a search for the company’s page but not altogether objectionable. In these small uses of our data, we have become used to and resigned to our personal data being traded online to create advertising profiles. “What does it matter?” we ask. “I’m just a user.”
The error in that attitude and why we ought to change how we view privacy is that there are potentially problems down the road with not having control over our online data. Companies collecting data are governed by the interests of the market, not the interests of keeping your data private and away from others. Further, your online data will never be fully secure: if a company is holding information on you, that data can be stolen and misused. Numerous tech companies also have policies in place to give consumer data to intelligence agencies upon request. Finally, it is a matter of autonomy to consider that our actions should be generally safe from the eyes of others unless there is due cause for surveillance. Big Brother should never be the norm.
Looking at the European court decision, it is evident that we do not have to live in a world where we do not control our data online. We can and should make privacy start as a universal right instead of something ceded with so little as a Terms and Conditions agreement link. America already has a patchwork of regulation in place with the Privacy Act of 1974, the Gramm-Leach-Billey Act and the Health Insurance Portability and Accountability Act of 1996 to ensure that our government, financial and health records are guaranteed to remain private, but this is a laws-against-violations versus laws-for-protection approach to the right. Like so many other rights, we should consider them inherent until stripped, not the other way around.
In the internet age, our notion of privacy needs to extend past financial and health records to our increasingly digitized lives. It is not just the president who will be scrutinized for their digital footprint in twenty or even ten years. Just as we can give a banker or doctor personal details and trust they will remain private, we ought to be able to use the internet with the knowledge that our personal information will remain under our control. Only with a radical shift with regards to privacy from the American perspective to the European tilt will we have the chance of seeing regulation like the laws in Europe.
Get The Chronicle straight to your inbox
Signup for our weekly newsletter. Cancel at any time.