The Center for Internet, Communications, and Technology Policy’s (CICT) Comments
On Silicon Valley’s Reform of Government Surveillance
By Jeffrey Eisenach
First, the principles laid out by the coalition are hardly radical ones, but rather common sense expressions of rights most Americans surely thought, until recently, they already had. If folks in the national security establishment have problems with any of these, they ought to explain what and why.
Second, based on what we know, it seems clear that many governments, including our own, have been violating at least some of these principles. The political problem facing the U.S. – as is so often the case in privacy matters – is the violation of expectations, which is another way of saying that the U.S. national security establishment appears to have been operating in a political vacuum, either imagining that its surveillance activities (e.g., the NSA’s 1.5 million square foot Utah data storage facility) would never be publicly revealed (Really?), or completely clueless to, and unprepared for, the reaction once they were.
Third, it would be interesting to assess the list of companies joining the coalition based on two variables:
(1) Government contracts as a percentage of revenues; and,
(2) Extent of operations in heavily regulated markets.
All of these companies, I’m confident, rank very low on both metrics. I’m not criticizing anyone here, just noting that there is a relationship between a company’s ability to stand up for freedom, on the one hand, and its economic dependence on the state, on the other. (Imagine if John Hancock had been CEO of a publicly regulated utility and you get my drift.) That’s something civil libertarians who favor more government spending and regulation ought to keep in mind.
The debate will go on, and finding a sensible middle – one that protects our security without compromising our freedoms – will take some work. Is it too much to ask President Obama, our Constitutional-Law-Professor-in-Chief who has presided over everything that is now coming to light, to consider getting out in front on this one?
Here are the five points from the firms’ statement:
1. Limiting Governments’ authority to collect users’ information
Governments should codify sensible limitations on their ability to compel service providers to disclose user data that balance their need for the data in limited circumstances, users’ reasonable privacy interests, and the impact on trust in the Internet. In addition, governments should limit surveillance to specific, known users for lawful purposes, and should not undertake bulk data collection of Internet communications.
2. Oversight and accountability
Intelligence agencies seeking to collect or compel the production of information should do so under a clear legal framework in which executive powers are subject to strong checks and balances. Reviewing courts should be independent and include an adversarial process, and governments should allow important rulings of law to be made public in a timely manner so that the courts are accountable to an informed citizenry.
3. Transparency about Government demands
Transparency is essential to a debate over governments’ surveillance powers and the scope of programs that are administered under those powers. Governments should allow companies to publish the number and nature of government demands for user information. In addition, governments should also promptly disclose this data publicly.
4. Respecting the free flow of information
The ability of data to flow or be accessed across borders is essential to a robust 21st century global economy. Governments should permit the transfer of data and should not inhibit access by companies or individuals to lawfully available information that is stored outside of the country. Governments should not require service providers to locate infrastructure within a country’s borders or operate locally.
5. Avoiding conflicts among governments
In order to avoid conflicting laws, there should be a robust, principled, and transparent framework to govern lawful requests for data across jurisdictions, such as improved mutual legal assistance treaty — or “MLAT” — processes. Where the laws of one jurisdiction conflict with the laws of another, it is incumbent upon governments to work together to resolve the conflict.
Jeffrey Eisenach is a visiting scholar at AEI. Eisenach has served in senior positions at the Federal Trade Commission and the Office of Management and Budget. At AEI, he focuses on policies affecting the information technology sector, innovation, and entrepreneurship. Eisenach is also a senior vice president at NERA Economic Consulting and an adjunct professor at the George Mason University School of Law, where he teaches Regulated Industries. He writes on a wide range of issues, including industrial organization, communications policy and the Internet, government regulations, labor economics, and public finance. He has also taught at Harvard University’s Kennedy School of Government and at the Virginia Polytechnic Institute.