Aha Moment

A View To A Kill: How Differences In Data-Sharing May Strain US-EU Relations

In a world that continues to become more integrated and connected through the internet and globalization, how does one maintain privacy? On the individual level, that is a much easier question to address than on the state and global level. The European Union approached this topic with the 1995 Data Protection Directive and, very recently, the General Data Protection Directive (GDPR). They both discusses topics such as the exportation of citizens’ data outside the EU and the right to be forgotten, which enables citizens to wipe links and information from the internet about themselves that meet certain qualifications dictated within the legislation.

Press release and comparison of GDPR and the 1995 Data Protection Directive:

The EU’s massive privacy legislation has sparked the growth of privacy legislation throughout the world, serving as a model for this new wave. It has increasingly become a globalized topic, leading to a more homogenous privacy approach throughout the globe. However, the United States, especially since 9/11, has strongly protested against such privacy legislation, writing legislation such as the Patriot Act. In order to avoid the EU influence, the United States created the Safe Harbor agreement with the EU. The private sector has also rebelled. Google limited the power of the right to be forgotten beyond the borders of the EU in a 2015 court case, citing its right to free speech, the jurisdiction of the EU legislation, and the potential major economic impacts of dealing with the right to be forgotten. This stance has created a divide in the privacy world between the EU and US regimes.

I am researching whether or not it is possible for this divide to be overcome. If this divide were to be overcome, the EU would most likely be the victor with the amount of existing dominance it has in such matters. I want to study the potential implications of the creation of an international privacy law based on EU policy. Going further, I want to explore how that policy would potentially impact legal and economical relationships between states. I would be interested to determine whether EU privacy law could truly become the globalized privacy regime, which was once led by the United States.

As a member of the generation that has grown up with social media and the internet, I have lived in a world that appears to have little privacy and even idealizes openness.

The Millennial Generation and Online Privacy:

The idea of being able to remove information that myself and/or others post from the internet forever is quite intriguing to me. We are constantly being reminded that every post can be seen for eternity, even after it has been removed. I am fascinated with the potential of the right to be forgotten, especially within the United States. I was raised in a NSA and CIA household, so the idea and importance of privacy is something regularly discussed. This includes privacy law; however, it has always had the bias of the US perspective. Growing up in Europe, exposed me to different cultures that value different things. In the US, citizens are willing to compromise privacy for security and freedom of speech, while, in Europe, citizens are much more concerned with maintaining privacy, which is also true for other countries and regions in the world, such as Canada and Latin America whose policies closely mimic those of the EU. My experiences sparked the idea of studying the global privacy regime, leading me to see if I could determine whether one regime could truly become the dominate one in a world with competing priorities.

But one may ask: why is this important? Why does it matter if the EU regime becomes the dominant privacy regime? The effects of such legislation would be colossal. First of all, there are major economic implications. It would dramatically affect the functioning and structure for search engines, especially major ones such as Google.

Latest in the Google versus EU case on the “right to be forgotten”:

New departments would need to be created in order to process and deal with just the right to be forgotten requests, access to certain information and activities of citizens would be restricted, and the sharing of data within search engines would change. Additionally, it would impact databases as citizens could remove their data whenever they desire. Governments, especially the United States, would have to restructure major parts of the government. The key US agencies affected would include NSA, CIA, Homeland Security, FBI, and any others that deal with the intelligence community. It would also realign the priorities that exist within the United States, thereby revolutionizing the post-9/11 era that has been governed by fears of security threats. The United States would pivot into an entirely different direction in intelligence, security, economics, and state-to-state relations throughout the globe, but, most of all, it would completely change the culture.

Furthermore, it would affect how much and which data is shared between states. Currently, the EU only shares information of its citizens with states that meet their security standards, which the United States does not. The only reason the United States has had access to EU citizens’ information is because of the Safe Harbor agreement, which expired this past year. A universal privacy regime would dramatically change the data sharing relationships between states as it would increase the emphasis on security and restricted access. A globalized policy regime would create ease and greater security, but there would also be difficulty in adapting it: economically, bureaucratically, and culturally.