Privacy, Safety and Encryption

In the abstract, consumers welcome privacy but we also acknowledge that real-world tradeoffs may be inevitable between privacy and safety.  Most of us are at peace with surveillance of telephone and electronic records of suspected criminals or foreign spies.  If law enforcement lacks the information needed to target and halt unlawful threats, the public can expect to be harmed.  Most accept the legitimacy of police surveillance when it is backed by a court determination that, in the particular instance, the public’s interest overwhelms the suspect’s rights of privacy.

In Internet use, consumers knowingly sacrifice a sliver of privacy in return for convenience and useful information.  These routine tradeoffs can take place each time we use free (or paid) services such as email and social websites, or each time we browse through advertisement-laden Internet pages.  Consumers try to limit how much personal information they give up when signing up for a service and when adjusting safety settings regarding cookies, website privacy and “do not track.”  When applications and websites honor our requested safety profile, all goes well and the arrangement is acceptable to most consumers.  When our preferences are ignored or when applications contain errant code, our privacy can take a beating.

Unfortunately, law enforcement faces a few public safety issues that are not addressed by a simple court order relying on today’s laws.  One instance involves a request by the US Department of Justice for access to the email records of a suspected drug dealer in Ireland.  The prosecutors claim that the records sought are business documents of Microsoft and as such are legitimately in the scope of the US court’s order.  Microsoft argues that handing over the documents would violate European law and subject Microsoft to prosecution in Europe for privacy violation.

Both sides of the Irish drug dealer standoff are aware that the problem could be solved if the US Department of Justice got a European court order for Microsoft to produce the records.  However, two-stage solutions are too slow, too costly, and they increase the chances of “leaks” that could spook the suspects.  A bill called the Law Enforcement Access to Data Stored Abroad Act (LEADS) would arrange foreign multi-jurisdiction surveillance authority, but LEADS has not been passed yet.  Solutions allowing pairs of nations to issue surveillance orders effective in both nations would probably ruffle some nationalist feathers.

The nationalist factor was evident in the recent European Court of Justice (ECJ) decision that nixed the “Safe Harbor” transfer of personal information between the European Union and the US.  The ECJ said that companies who cooperated with US law enforcement and the NSA breached the privacy of European residents, and that made their assurance of privacy protection unreliable.  Since the Safe Harbor arrangement requires assurance of privacy protection, it could no longer be used by those companies.  Companies such as Microsoft have protections that are proven effective and they can continue transferring data.

Unacknowledged in the ECJ’s Safe Harbor decision was the well-documented surveillance by European intelligence agencies.  Britain’s GCHQ uses its huge capacity to harvest emails of domestic and international reporters and of British residents.  Germany’s BND is a prolific user of NSA spy tools to collect Germans’ and others’ communications.  France’s DGSE admits to collecting phone and email metadata and on occasion the full content of French residents’ communications.  Intra-Europe transfers of personal information are just as subject to privacy protection failures as those through Safe Harbor to the US.  Given that the ECJ “forgot” about this, nationalism was very likely a factor.  Presumably, the ECJ invoked the “right to be forgotten” on behalf of Europe’s intelligence agencies.

In a world where users can choose encryption, private information can remain private if you keep the key away from service providers and thieves.  This favors email services that store messages on your computer.  To add protection from data corruption, a copy of the encrypted information should be kept in offline storage.  Under an encryption regime, payoffs from hacking will be scant and obtaining private information will be excruciatingly difficult for law enforcement and intelligence agencies.  Encryption will not untangle the multi-jurisdiction problem but it may drastically reduce the total number of law enforcement surveillance requests, because there is no point in sneaking a copy of a well-encrypted file.

While encryption is a massive aid to privacy, you can still undermine yourself by voluntarily trading personal information, or through careless behaviors that allow social engineering, adware and ransomware to succeed.
