For Public Safety Month, Ian Brown and Christopher Marsden the authors of Regulating Code write about the recent scandal involving the collection of Verizon user's metadata, and how it relates to Public Safety. The authors are giving talks at MIT and Harvard today, June 17th.
Public safety month arrives at a crisis point in public trust in government authorities. It has become apparent in the past two weeks that the US National Security Agency and its private subcontractors, together with its international partners in the “Five Eyes” alliance (US, UK, Australia, Canada and New Zealand, and some other partners), have been engaged in much more extensive electronic snooping than previously suspected by their political overseers in both Washington and Brussels. One of the key topics in our recent MIT Press book ‘Regulating Code’, is the necessity of a stronger focus on fundamental human rights in Internet regulation, including privacy and freedom of expression.
The various programmes of the NSA and its partners have been presented with greater clarity than previously, but we argue that transparency is a necessary but far from sufficient condition for creating a better policy-making environment. “We are often told that our response to public safety should be ‘see something, say something’, and in this case the results have been a dramatic increase in calls from legislators for greater information about the nature of surveillance activities by our spy agencies”, they explain. “But saying something is almost meaningless without an educated understanding of the potential solutions to minimize necessary government intrusion in our electronic communications, and their costs and benefits. To make better policy, legislators need to engage with experts and civil society pressure groups in a meaningful open dialogue. How confident can policymakers be that there are the correct constitutional checks and balances on the forms of surveillance undertaken, such as outsourcing intelligence to private contractors such as Booz Allen Hamilton?”
The revelations raise questions in regard to three of the five case studies in the book – privacy, censorship and social networking regulation – with Facebook, Google, Yahoo! and other US-based multinationals handing over data on their non-US customers under the US FISA Amendments Act of 2008. The revelations threaten to derail agreements between US and European governments which permit data exchange while protecting European citizens’ fundamental rights. The implications of a breakdown in trust between European and US governments could jeopardize several other areas of cooperation for public safety, notably air passenger records, financial transfers, and the overall ‘safe harbor’ by which US multinationals can certify their data practices as conforming to European privacy standards.
We should add that other areas of fundamental interest for both our liberty online and public safety are equally victim to a legislators’ evidence deficit, including for instance the decision by the European Commissioner to pursue legislation across the 28 European Union member states to protect network neutrality, despite her belief in a non-existent ‘Internet data explosion’. We point out that we cannot have confidence in Internet policymaking, if we cannot even give credence to the most basic claims in the evidence base.