14 November 2013

Surveillance States and transparency

'The Data Surveillance State in the US and Europe' by Joel Reidenberg in Wake Forest Law Review (forthcoming) comments that
 The democracies on both sides of the Atlantic are trying to balance the legitimate needs of the law enforcement and intelligence communities to access online transactional data with the basic rights of citizens to be free from state intrusions on their privacy. From the recent revelations of massive collection of telecommunications data by the US government to the disclosures of the UK tapping transatlantic telecommunications cables, and of the Swedish government’s warrantless wiretap rules, national data surveillance seems to have few boundaries that the law has effectively protected. American law has generally focused on access restraints for government to obtain privately held information, ignored the collection and storage of data, and granted special privileges to national security actors. By contrast, Europe emphasizes rules related to the collection and retention of data and focuses less on due process obstacles for government access, while also giving government easier access for national security. In each system, the elusive linkage between retention and access, the privatization of state surveillance activity, and flawed oversight for national security create extensive transparency of citizen’s data and undermine values of democracy including the presumption of innocence, the state’s monopoly on law enforcement, and the zone of individual freedom. In effect, government data surveillance law in both Europe and the United States has reached a turning point for the future of information privacy online. Three proposals can help to secure privacy that is necessary to preserve democratic values: stricter retention limits must be combined with stronger access controls; government access to personal information must be logged and transparent to citizens; and government officials must be personally liable for over-reaching behavior. ....
US and European democracies have had great difficulty grappling with the border between surveillance and privacy. At present, the technological infrastructure breeds systems of surveillance and the legal infrastructure embeds liberal permissions for access. In the US, the former chairman of a congressional oversight committee was astonished to learn in the first public report that law enforcement made 1.3 million requests for user transaction data during 2012. Globally, in the last three years, the Google Transparency Report shows that data access requests by public authorities have almost doubled. US authorities make the overwhelming majority of these requests, though six European countries are in the top ten. The extraordinarily rapid growth in Europe and the United States in the number of access requests poses a structural challenge to privacy in democracy from three perspectives. First, data retention and access rules cannot be divorced from one another and the standards for linkage are elusive. Second, the apparatus for surveillance shifts the burden and role of public enforcement to private actors as agents. And, third, national security privilege creates a delicate balance for oversight that requires transparency.
Reidenberg concludes
The existence of retained traffic data, the reliance on uncertain access rules, the recourse to an elusive proportionality, the dependence on private actors, and the privileges accorded to national security collectively place privacy and values in democracy at a turning point. In the aggregate, these elements increase the transparency of citizen’s online lives and reduce the sphere of privacy that citizens can enjoy. This transparency is destructive of many fundamental democratic values. 
First, the transparency reverses the presumption of innocence. The presumption is central to the philosophy underlying the warrant requirement in the 4th Amendment and the 5th and 14th Amendment principles that citizens are innocent until proven guilty. In Europe, the presumption of innocence is also a fundamental tenet of the Charter on Fundamental Rights of the European Union: “everyone charged with a criminal offence shall be presumed innocent until proved guilty according to law.” Yet, data that is collected and retained without any individualized cause or suspicion by private actors for subsequent access by public authorities contravenes the basic constitutional philosophies. If law generally requires collection and retention, the rationale is that all individuals in the data set are suspect. Similarly, if broad access is afforded to data sets that were created for commercial purposes, the core philosophy is that all individuals in the data set are suspect. These practices transform the presumption of innocence into a presumption of suspicion counter to the core constitutional philosophies.
Second, the forced transparency diffuses the monopoly of the state on law enforcement. Law enforcement, investigation and intelligence activities are blurred when communications service providers must retain and make available client and user data. Function creep assures that this diffusion of resources for law enforcement to the private sector will lead to increasing demands and an expansion of the scope of enforcement activity to encompass private matters and not just public safety and security.
Third, the transparency from private data mining and publicly mandated surveillance (i.e. forced data retention) diminishes the zone of individual freedom. Where data retention is neither sharply limited nor combined with strong, clear access controls, the ability of citizens to make decisions about their personal information and their ability to decide when and how to disclose their thoughts, beliefs and activities are impaired.
Finally, the transparency of personal information through the national security exceptions assures troubling intelligence gathering from inevitable over-reaching. Without a means for effective oversight, the privileges afforded to intelligence operations blur government information gathering into generic, ambient state surveillance. Non-democratic regimes strive for this level of knowledge of their citizenry’s activities. ...
At this turning point, societies need to better secure privacy than the existing framework allows. Substantive and procedural changes are necessary for the preservation of democratic values. And, accountability needs to be effective.
On the substantive side, stringent collection and storage limitations as well as robust obstacles to state access are all necessary conditions to online privacy. The existing demarcation lines are too unstable. Without clear, inviolable, red line boundaries, the resulting transparency of citizens’ activities creates a powerful generic surveillance environment that undermines the policy objectives justifying access to extensive data trails in the first place: the investigation of crime, the protection of public safety and liberty. In short, the coupling of strict retention limitations and clear, firm access controls is essential for the future of citizen’s online privacy.
In parallel to the substantive coupling of retention limits with strong access controls, new procedural obligations are needed to secure online privacy from state interference. First, the infrastructure of collection and access to personal information must be transparent. For law enforcement, data transparency logs should be obligatory and available to those whose information is processed. In the United States, there is a precedent for such logs. The Fair Credit Reporting Act requires that anyone furnishing a consumer report keep a log of recipients of the consumer report and provide the identity of those recipients to the consumer upon request. This procedure creates a means of oversight for affected consumers that would apply equally, if not more significantly, to the law enforcement context. In the law enforcement context, the risk of surveillance over-reaching is no less important than abusive disclosures of credit report information. For the law enforcement context, furnishers of personal information to law enforcement should be obligated to keep a log of law enforcement access requests and to make that log available to clients whose information was accessed. 
For intelligence gathering, there must similarly be transparency of data access for public security unless transparency presents a clear and present danger for public safety. The determination needs to be made by an authority that is independent of the executive branch. The executive branch should not be in control of the dissemination of access orders. The incentive for selective disclosure to distort the public’s understanding of government behavior is too great if the executive branch controls disclosure of its activities.  
Lastly, democratic societies need true accountability for law enforcement and national security conduct. Individuals who over-reach their authority must face penalties. When a senior government officer admits to deceiving a public oversight body, the failure to sanction the individual sends a powerful message of tolerance for wrongful intrusions into ordinary people’s lives and abusive state action. 
Unless democratic societies act quickly to rebalance data surveillance by states, those societies will lose a fundamental characteristic of democracy - the protection of a key individual liberty against the absolute control of the state.
The comment that "furnishers of personal information to law enforcement should be obligated to keep a log of law enforcement access requests and to make that log available to clients whose information was accessed" is particularly interesting.