Skip to main content

Songs on the Security of Networks
a blog by Michał "rysiek" Woźniak

Friends of TTIP and data protection in Brussels

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

I had the pleasure of attending the Friends of TTIP Breakfast Debate #4, about data protection, privacy and TTIP. What’s symptomatic is that one of the questions posed in the information about the debate, was phrased:

  • “What are the dangers of data protection for TTIP?”

What is clear from this little titbit are the priorities of people involved in TTIP negotiations. Namely, their main interest isn’t protecting rights and freedoms of EU citizens. It’s getting TTIP signed into law. Well, at least now we know, right?

Anyway, I was prepared by a friend with some interesting questions, that were both on-topic and probably quite stirring (we’re not great friends of TTIP ourselves). I was not prepared, however, for the surprise I was going to get.

Namely, panel speakers had many of the same questions!

The Panel: NSA, data protection and TTIP

The debate oscillated mainly around the question whether or not Snowden leaks and data protection are relevant to TTIP negotiations. There were some that claimed that these issues are separate and do not influence one another (namely, EPP MEP Axel Voss and Erica Mann, a Socialist MEP turned Facebook lobbyist). Mrs Mann went as far as to say that mixing privacy, data protection and TTIP discussions is dangerous. Mr Voss acknowledged however that safe harbour has its weaknesses.

Mrs Mann also stated, to my amusement, that “big ICT companies, like Facebook, are as European as they are American, as they operate here and have a lot of users here” and that there are already several EU companies building upon the infrastructure of Facebook (so, “Facebook is good for EU business” argument).

Kostas Rossoglou, a senior legal officer at BEUC, took a firm stance that data protection is a crucial topic for TTIP negotiations. Or, rather, that data protection is not for negotiations, as privacy is considered a human right in the EU, and cannot be waived in a trade treaty.

In no uncertain terms Mr Rossoglou stated that TTIP cannot be allowed to weaken existing EU consumer and data protection regulations, that arbitration processes regarding data protection and safe harbour are ineffective, and that it’s clear that the NSA scandal is connected both with data protection and TTIP – after all, how can we trust self-regulation by companies that have already broken our trust (by giving away users’ data to three-letter agencies, regardless whether it was legal in the USA or not)?

The conclusion is simple: safe harbour has proven ineffective at protecting EU citizens rights by being a de facto free pass for US companies and US agencies to work-around the EU personal data protection regulations, and US and EU privacy protection systems seem to be irreconcilable.

Rainer Koch, of Deutsche Telekom (and the fourth person in the panel) didn’t have much to say about data protection and privacy, being more interested in competitiveness that TTIP purportedly would strengthen.

Question time!

Then there were questions from the public. Several people spoke; notably, a representative of the European Commission commented on the topic by stating that NSA and data protection are not, in their opinion, topics related to TTIP, as TTIP negotiations are not concerned with fundamental rights (that’s an interesting take on the fact that TTIP simply seems to ignore data protection and privacy as fundamental human rights in the EU).

There was also a person from the US Department of Trade (the US party to the negotiations), explaining how well the arbitration actually works (hint: nope, it doesn’t, as a private citizen to actually start an arbitration process has to pay several hundreds of dollars, not returnable).

Many of questions I wanted to ask had already been brought up by Mr Rossoglou, but I still had a few up my sleeve:

Secrecy of negotiations

Around 5000 amendments, 100 compromise positions, but still 0 documents the public can read; how can TTIP have legitimacy when negotiated in such an opaque, non-transparent manner? I seem to remember other trade agreement that had been negotiated in secret…

To my surprise all the panelists agreed that more transparency is required. That’s a big step. Now we just have to make them follow up on that with concrete actions…

Facebook controls the economy

While many EU companies build upon Facebook, the power dynamic is extremely one-way – Facebook can unilaterally kill the whole industry with a stroke of a pen (just as Twitter has). Which European company has been represented in similar meetings in the US? Why isn’t there a European company here to support TTIP?

Of course, I had missed Deutsche Telekom’s participation to the panel, so I immediately retracted the last part – but the main question still stands. How can Facebook claim to be a boon to the economy if it can kill a whole branch of ICT market just by changing their API policy?

Does Facebook share as much with EU security agencies?

Do american companies whom Mrs Mann claims to be as European as American share as much data with European security agencies as they apparently do with NSA?

Mrs Mann’s reply was “we only give data upon legal request” – which leaves us to wonder if they heed such “legal” requests also in Belarus, Russia, China and Iran? After all, these countries also have courts and court orders, right?..

Facebook mixes the discussions itself

How can you claim, Mrs Mann, that privacy, data protection and TTIP topics are dangerous to mix while working for a company that actually builds its business model on this very mix? Private citizen data are your trade secrets! There was a time when Facebook didn’t even want to give users’ data to users that created the content themselves!

Somehow Mrs Mann was not willing to reply to this question.

Wrap-up

During the wrap-up panel session all the panelists agreed that more transparency is needed. What was remarkable was that Mr Voss said that TTIP can be a good used to renegotiate safe harbour, and that the US has to understand how important an issue personal data protection and privacy is in EU, and has to acknowledge that, as apparently the US government does not respect EU privacy regulations; that deep-mining and analysing data taken by US government from Internet giants is simply not acceptable; and that safe harbour has to be improved, “otherwise we are not willing to go forward as we have in the past.”

These are some strong words, strong positions on important issues that seem so much better than what we had heard during the ACTA process. Hopefully they will influence the policy in the right way.