While current headlines focus on countries spying on each other and companies collecting their customers’ data, the most troubling development is how governments have begun to surveil their own citizens – to the detriment of personal freedom.
The United States government has blacklisted two Israeli companies, NSO Group and Candiru, for supplying foreign governments with advanced spyware that allows them to surveil telephone and electronic communication almost anywhere in the world. The move was apparently triggered by the Indian government’s alleged use of these technologies to spy on its own population, especially people associated with the opposition. It has also been alleged that French President Emmanuel Macron’s cellphone was tapped using NSO’s Pegasus software.
Spying has always been a part of statecraft, and it always will be. Not only is it legitimate for leaders to protect their own country’s interests by gathering intelligence on other nations’ intentions, it is also their duty. They also need to collect information on criminal groups inside their countries. Infiltrating such organizations and listening in to their communications is necessary to ensure security. Internal surveillance, however, should be based on probable cause and approved by a judge.
A few years ago it was reported that U.S. intelligence services had tapped the phones of several European leaders, including German Chancellor Angela Merkel. Europe worked itself up into a hypocritical rage. Chancellor Merkel strongly condemned the practice, but shortly thereafter it came out that the Germans had been listening in on the Austrian government’s communications. This cabaret simply showed how spying is general practice. The intelligence services only sinned by violating the proverbial 11th commandment: Thou shall not get caught.
Interestingly, Palantir, a U.S. company, offers similar technological tools to those sold by the blacklisted Israeli companies. However, the real concern here is governments’ surveillance of their own citizens. Today, many frequently infringe on the human right to privacy and individual freedom in the name of ensuring security.
India was not the only country to procure the Israeli systems in question. Some Western countries did too, including Germany. We can hope that these governments are just using the technology to spy on potential terrorists and other criminals, and not using some pretext to undermine the opposition.
Such practices violate the most important foundation of the rule of law: the presumption of innocence.
Unfortunately, governments have used terrorism as an excuse to water down the rules protecting citizens against illicit state intervention. One good example is the Patriot Act in the U.S., which was passed after the 9/11 terrorist attacks. In 2006, the European Union required member states to store electronic telecommunications data for at least six months and up to two years in the hopes of helping prosecute crimes. Telecom companies were required to store their customers’ information.
The European Court of Justice later declared that member states could not impose a general obligation to retain all data. Nevertheless, the practice continues in other ways. Monitoring criminals – including terrorist groups – is necessary, especially to protect citizens’ lives and property. However, storing all communication data violates the principles of free societies and the spirit of democratic constitutions that guarantee citizens’ protection against the state. Such practices put every individual under suspicion and violate the most important foundation of the rule of law: the presumption of innocence.
The protection of private and personal data is paramount. To this end, in 2016 the European Union adopted the General Data Protection Regulation (GDPR), which is exceedingly complicated and comprehensive. It obliges all enterprises – public or private – to protect personal data and has numerous specific provisions. These rules have cost businesses billions of euros.
All this could be considered worthwhile given how important it is to protect citizens’ privacy. Yet the GDPR only goes so far – governments can still enact legislation to collect and retain data. Supranational tendencies, as well as EU institutions’ and member states’ appetite for such information, have begotten reams of regulations allowing entities to compile and transfer citizens’ data.
Facts & Figures
The Social Credit System in China
China’s Social Credit System consists of a master database, a blacklisting system and a reward and punishment mechanism. Local and national government agencies have pooled their data into the database, and have developed their own lists for “good” and “bad” behavior. Those on the “good” lists are allowed special privileges while those on the “bad” lists have their rights restricted. So far, only local governments have implemented such systems, but many believe a nationwide scheme is only a matter of time.
All this raises questions about data security, and especially about personal freedom. Should governments have so much access to personal information? Should they be able to use it and transfer it wherever they like?
Events in both the past and the present show that politicians and public administrations have a bad track record when it comes to misusing intelligence against their own people for gain. We need not point to India. After all, Watergate was not so long ago – and similar cases are certainly still occurring around the world.
The Covid excuse
The Covid-19 pandemic has offered governments a perfect excuse for introducing strict control over citizens. Once the disease has finally retreated, it is paramount that contact tracing be discontinued and made illegal. Because of the work and technology it requires, some governments have neglected the practice or abandoned it altogether. Nevertheless, it is easy to imagine politicians leaving the rules and infrastructure for contact tracing intact, to be used again at their convenience.
The increasing ubiquity of surveillance cameras also presents a threat to privacy. While police can put these to good use in tracking criminals and preventing certain offenses, having them on every street corner gives the impression that everyone is being watched. This has become an especially common practice in the United Kingdom. Britain has long been a stronghold of personal freedoms – it is, after all, the origin of the saying “My home is my castle.”
This comprehensive collection of data ultimately results in the state controlling the people.
Still, the biggest concern remains the powers governments have acquired to collect information on their citizens through “emergency” legislation and telecommunication data retention. The argument that such measures help prosecute crimes is not sufficient to put the whole population under general suspicion.
Moreover, there is a crucial difference between how governments and how businesses – like the big technology companies – collect data. The state can force people to reveal information about themselves, and can use retaliatory measures if they present false data. On the other hand, modern commerce is making it unavoidable that companies collect data – but that information is more basic: your shopping habits or your favorite food, rather than your personal finances, for example. And customers have a choice as to whether they reveal their data. Besides, it is preferable that such data be used for commercial purposes than for controlling the population.
Governments need certain data to fulfill their duty as a provider of services for citizens. But such comprehensive collection of data ultimately results in the state – led by an anonymous technocracy – controlling the people, the real sovereign. It is a grotesque reversal in governance.
Officials increasingly leak such information to the media to create public pressure for outcomes that benefit them. This is especially true when it comes to judicial systems – if prosecutors think that the case may not be going their way, they can use the media to create a clamor for a particular outcome. At one point British authorities wanted to publish the names of citizens who they thought should pay more in taxes, even though these people had met all of their legal obligations.
Europe talks arrogantly of its liberal democracy and respect for the rule of law. This should mean that the real sovereign – the citizen – is protected against the state, for which laws are also binding. Unfortunately, that is no longer always the case, whether we are talking about the EU or its member states – as shown by the examples mentioned above. Many Western countries are rightfully critical of China’s Social Credit System project (see box), but they should have a closer look at their own practices. It may turn out that we have slowly crept closer to such a system than we would like to admit.