How to Fix the NSA Mess

If the Internet is ever to be trusted again, the EU needs to set a new standard that limits surveillance

  • Share
  • Read Later

The Summer of Edward Snowden has given way to a Winter of Mistrust. The revelations from the former NSA contractor triggered all manner of responses—vocal support, shrugs, cries of outrage, and dismay. But now that he’s settled into legal limbo in Moscow, we’re left to confront what may be his most dismaying revelation: the basic expectation of private communications on the Internet is now commonly seen as fiction. The already fragile trust that supports the global Internet—the greatest marketplace of ideas and commerce the world has ever enjoyed— has taken a heavy blow. Though people may not share the same view of Snowden, most of us share a common interest in finding a way back to trusted communications online. The question is how.

(MORE: Edward Snowden Gets a Job in Russia)

Of course, Snowden hasn’t told us much that most people in the business of technology or law enforcement didn’t already suspect was happening. Many nations follow the same logic for conducting digital surveillance. If it is legal, technically possible, and affordable—it’s happening. As for U.S. intelligence agencies, we learned the intersection at the heart of that Venn diagram features a very large area of activity. But the muted response from most of the world’s governments (with the exception of Brazil and Germany) suggests they weren’t that surprised either—or have been enjoying cooperation with the NSA. Snowden’s documents helped demonstrate the difference between what governments will tolerate from one another—in secret—and what the public will tolerate from other governments in the light of day.

The irony for Snowden is that his professed goal in releasing the documents—to protect the free and open Internet from mass surveillance and technical balkanization in pursuit of security—has perhaps never been more in jeopardy. In fact, his revelations may have made things worse. There may now be more recognition and agreement that the current balance between security and liberty has come unmoored from democratic values. But the prevailing responses to this epiphany have not steered things back towards guarantees of the rights of citizens on the Internet. Many nations have simply shrugged, confirmed in their belief that the digital world is ruled by the Lord of the Flies. Others—most notably in Brazil and in some European capitals—have responded by a turn inward towards “technological sovereignty.” For supporters of Internet Freedom, neither one of these outcomes is positive. We are headed towards a world in which the logic of intelligence agencies— “trust no one”—contaminates the Internet and degrades its social and economic value to the world.

(MORE: The Future of the Internet: Balkanization and Borders)

The way back from this abyss is not a magic formula of technical solutions or digital Maginot Lines around national Internets. The only answer is a steady march through difficult politics. First, we must have a public debate about these issues. Second, we must come together to devise common standards. Third, we expect Europe will have to lead this process, and present a unified case to the U.S. Brazil’s threats have the spirit of righteous outrage but would not produce the right policy or produce change at the international level. Europe has the right incentives and geo-political influence to lead—if it can get organized.

To begin, Europe has to put its own cards on the table. We know a lot about the NSA now and their closest partners at the British GCHQ. But the same facts about how the European intelligence systems work remains unknown. You can’t protest against Washington’s secret surveillance systems that target foreigners if you’re doing the same thing yourself. A new study points out that Europe and the United States are more alike than you’d think when it comes to surveillance law and policy, even if the scope of their practical capabilities is different.

We need the courage of strong convictions here for two reasons. One, it would prompt a declaration of what a new standard of digital surveillance should look like (a return to “necessary and proportionate” under a strict oversight regime). Second, it would blaze a path for domestic reform that sets an example for what others should do. Surveillance will not go away.  It is a critical tool of law enforcement and counterterrorism, but its growing power in the Internet age must be circumscribed.

Germany is a logical choice to lead this work because of its own history with totalitarianism in the 20th Century and its strong cultural support for privacy and limits on state control over individual liberty. And with recent reports that Chancellor Angela Merkel’s phone may have been tapped by the NSA, the political pressure for answers will grow. If Berlin lifts up the banner, Europe could organize itself around a new policy of restricted surveillance practices that are applied to all citizens of the EU—actually enforcing what they are already theoretically bound to do in protection of privacy under the European Convention on Human Rights.

If the EU united around a new standard, it would almost certainly count the global Internet industry as an ally, led by the titans of Silicon Valley. These companies are caught in a tug-of-war between governments and customers and would jump at the chance to be a part of a solution. Together, they could join forces with a growing chorus among civil society groups in the US and around the world that change must come sooner than later to Washington.

The old adage about history repeating itself is ringing in our ears. This road through hard politics is more or less what the European Parliament embraced as the path forward after the last major scandal over electronic surveillance—the exposure of the Echelon program in 1999. The final report and recommendations from Brussels were issued to member states in July of 2001. These were not dissimilar to what must be done now, but the events of 9/11 swept all of that aside. Just as President Obama has declared his intention to end the war on terror, he should also take a strong interest in leading an effort to reset his policies on surveillance to restore the balance between security and liberty—and in so doing, restore some of the trust that the Internet has lost.

Ben Scott is Senior Advisor to the Open Technology Institute at the New America Foundation and directs the European Digital Agenda program at the Stiftung Neue Verantwortung in Berlin. Georg Mascolo is the former Editor-in-Chief of Der Spiegel is now a visiting scholar at the Weatherhead Center for International Affairs at Harvard University. Scott and Mascolo recently co-authored a paper called Lessons from the Summer of Snowden. This article was originally written for New America Foundation’s WeeklyWonk