European Court of Justice, By sprklg, Kirchberg, CC BY-SA 2.0
‘You know, you go to protests in Germany and in France and they just don’t do that level of intelligence gathering. And when I’ve spoken to activists in Europe they talk about Britain as in, as if it’s this fortress. “You can’t possibly break the law,” you know, you — people say “oh, yeah, you know this person spray painted this bank.” And people are like “oh, did they get caught? Presumably in Britain, you know it’s such a surveillance state.”’
Proponents of Brexit love to paint the European Union as an authoritarian institution which poses an existential threat to an ancient tradition of British (or English) liberty. Those who have come into meaningful contact with British domestic security practices, such as the anonymous British activist quoted above, beg to differ.
While the European Union may not have a perfect record in standing up for the privacy rights of its citizens, there is no reason for thinking that Britain would do better on its own. On the contrary, if anything, European institutions have played a role in helping to counterbalance some of the UK’s more draconian tendencies.
Perhaps the most problematic piece of European legislation for those concerned about state surveillance of their day to day lives is the Data Retention Directive, which requires member states to store records of citizens’ phone and online interactions (though not the ‘content’ of these interactions) for between six months and 2 years. The IP address and time of use of every email, phone call and mobile text message sent or received within the EU have been made available to police and security authorities’ requests.
Ironically, this piece of legislation was the brainchild of the Blair‑era British government, which took advantage of the aftermath of the 7/7 bombings to push the measure through the European Council. And yet, two years ago, in a dramatic challenge by Digital Rights Ireland, the European Court of Justice overturned the directive on the grounds that it was incompatible with fundamental rights. The Commission did pressurise Member States to implement the legislation and could still introduce a new version that takes account of this judgement, but has not yet produced one.
On the other hand, the European Commission has also passed the Privacy Directive, which is a useful instrument protecting the rights of European Citizens relative to the data amassing powers of large Internet corporations. The Austrian law student Max Schrems became a poster-‐‑boy for the powers of the directive when he successfully forced Facebook to provide him (in a mountain of pdf documents) all the data they held on him. No doubt Facebook saw this as an example of just the kind of ‘red tape’ Brexiters rail against.
While far from perfect, the European parliament has also played an active role in defending the digital rights of European citizens. The parliament called European authorities and member states to do more to safeguard citizens' surveillance concerns in response to the Snowden leaks. In a 2015 resolution it urged the commission to ensure that all data transfers to the US are subject to an adequate
level of protection, criticised recent surveillance laws in several EU countries (including the UK) and even asked EU member states to grant protection to Edward Snowden. Although one can debate the extent of the EPs real impact on these questions, at least it has served as a forum where European electronic rights activists concerns have been heard and welcomed.
By contrast, the UK has shown that it is perfectly capable of developing highly expansive ways of spying on its own citizens without any need for interference from Brussels. Much has been made of the supposedly ‘unlawful’ data-sharing relationship between the UK’s spy agency GCHQ and America’s NSA, based on a ruling last year by the Investigatory Powers’ Tribunal. In reality, what is perhaps more shocking is that the Tribunal actually found that GCHQ’s relationship with the NSA was, apart from one small and ‘entirely hypothetical’ possibility ‘lawful and human rights compliant’. This was the same arrangement that saw GCHQ (with NSA’s massive technical assistance), tapping transatlantic fibre optic cables that allowed it to spy on virtually the entire Internet. The Tribunal’s report is a testament not to the restrained nature of trans-Atlantic intelligence sharing, but to the toothlessness of British laws regulating surveillance.
If Britain leaves the EU and (a near certainty in the event that it does) the European Court of Justice and (potentially) European Court of Human Rights as well, it is almost certain that British police and intelligence will still want to cooperate with their European counterparts in much the same way as before. All that will have been removed are human rights and democratic safeguards presently available to hold this to account. We know the people who are likely to be in charge after an EU exit vote have spoken of trying to reorient the UK’s trade and freedom of movement relationships towards other English speaking countries. In surveillance-land, this is already largely the case. Britain freely shares intelligence and helps to spy on the world through the ‘Five Eyes’ club of English speaking countries. In the modern world, of course, intelligence sharing is often vital. But where there is transnational power, there ought also to be transnational responsibility. For all its faults, the EU can, on occasion, offer the clout in a globalised world to hold others to account on behalf of its citizens. A global web of opaque arrangements between secretive agencies in which the strongest individual powers exercise a policy of divide and rule is the likely alternative.