Much is made of the damage to US civil liberties of Ashcroft, Poindexter et al’s new crusade against the enemy within. But, as Henry and I discovered at CFP 2003, few people Stateside have really grasped the deep and permanent damage the war on terror is doing to European human rights and civil liberties. This isn’t simply a case of the US pushing unpalatable policies on its hapless allies (though there’s plenty of that going about), but is a more complicated situation in which the law enforcement / Justice and home affairs crowd have used the US war on terror to ram through retrograde measures that no civilised democracy should tolerate.
The war on terror is being used as a means to unpick, thread by thread, the European privacy protection regime. In two key issues in the last 18 months – communications data and airline passenger data – the Bush Administration has pushed the EU either to gut its privacy protections or simply to flout them. And Justice / Interior ministries throughout the EU member states have been beside themselves with happiness at the prospect of hoovering up terabytes of information about European citizens on the pretext of fighting terrorism.
On communications data, President Bush wrote to the President of the European Commission in October 2001 asking that the protections against the widescale retention of citizens’ data in a draft Directive on communications privacy simply be removed. The European Council of Ministers pushed hard to get Bush’s request implemented, and eventually the European Parliament rolled over. Since then, the Council of Justice and Home Affairs ministers has been manouevring to introduce mandatory retention of traffic data by communications providers (i.e., information on who you’ve called, which websites you’ve surfed to etc). It secretly surveyed member states last summer about their own retention practices. My favourite respnse was from Ireland who answered the question «Have you received any reports from your law enforcement authorities that have indicated an obstruction of their work due to the non-existence of appropriate legal instruments concerning traffic data retention?” with a simple “No.” The Irish Dept. of Justice had just introduced a secret, temporary measure to require telcoms providers to retain their customers’ data for 3 years, the longest period in Europe.
Within six weeks of the September 11 attacks, the UK introduced within a piece of omnibus legislation that covered immigration and asylum, electronic surveillance, disease control, etc. In effect, the bill Anti-Terrorism, Crime and Security Act 2001 was a patchwork quilt of the nastiest measures the Home Office had failed to get through Parliament in previous criminal justice and immigration bills. It was railroaded through Labour’s supine majority in the House of Commons, and only the few brave souls in the House of Lords who threatened to hold it up until after Christmas managed to wrangle some concessions out of a Home Secretary who was completely dismissive of“airy fairy” civil liberties concerns. (I don’t mind saying this episode entirely changed my views about the merits of the House of Lords, but that’s another day’s blog.) This Act introduced mandatory data retention, though it described it as voluntary; the Home Office is still wrangling with industry players on how to implement it. By requiring all citizens’ data to be kept all of the time, and giving access to third parties for reasons that have nothing to do with fighting terrorism or even serious crime, data retention is a disproportionate measure that probably contravenes Article 8 of the European Convention on Human Rights. But until case law determines more precisely the concept of proportionality in this context, some will continue to argue that keeping everyone’s data ‘just in case’, is a proportionate response to terror.
Whether through a single harmonising European instrument, or through piecemeal legislation by EU member states, Bush’s request for mandatory communications data retention in Europe will probably be met within the next year or so. And not simply because the Bush Administration intervened in internal European policy making, but because the powerful domestic law enforcement and security lobbies saw their chance to seize the upper hand, and grabbed it.
Airline passenger data is a slightly different story. Informal agreements between the European Commission and the US government give the US access to EU citizens’ personal data, and force airlines to act in a way that is clearly unlawful. This sorry story deserves a post in itself; suffice to say that earlier this year, the US threatened to stop planes flying from Europe if European airlines did not open their passenger databases to a myriad of unspecified US government agencies and allow those agencies to retain that data for up to 7 years. Just this week, the Swiss data protection commissioner’s annual report directly criticised the US War on Terror for forcing airlines to break Swiss law by handing over passengers’ personal data to US law enforcement without consent or limit. It is galling that these anti-terrorism measures are being eagerly used by some governments to push a radically anti-immigration agenda. I blogged a while back about the Spanish government’s efforts to goldplate access measures to passenger data and push them through the secretive and undemocratic Council of Justice and Home Affairs Ministers.
Two questions. How would the US public react if the EU was seen to involve itself so forcefully in US questions of fundamental rights? And why are the European governments that most strongly supported the US in its war in Iraq – the UK, Spain and Italy – making the most of the war on terror to tip the balance in favour of law enforcement and against privacy and assorted human rights?