Home / Blogs

Governments Shouldn’t Play Games with the Internet

Governments often use small players as pawns in their global games of chess. Two weeks ago the European Court of Justice invalidated the EU-US Safe Harbor (“Safe Harbor”) framework, turning Internet businesses into expendable pawns in a government game. But for the past fifteen years, Safe Harbor allowed data flows across the Atlantic—fostering innovation and incredible economic development.

The Safe Harbor agreement mirrors the original goal of the Internet, ubiquitous information sharing regardless of borders. Now, with quadrillions of bytes of data transferred daily between our nations, accounting for trillions of dollars in trade, the Internet is essential for the global economy.

It’s no surprise that European institutions are looking for leverage to force the US government to negotiate further surveillance reforms. What’s troubling is the “strategic” move by European governments to conflate Snowden revelations of government surveillance with commercial data practices, in order to invalidate Safe Harbor. European governments don’t like that the American government spies on them and are using the Safe Harbor to reshape the negotiations. And while privacy is a fundamental right in Europe, it feels like governments are fighting and that private citizens and businesses have become the pawns.

But while the battle of global powers goes on, others are trying to misapply the European Court’s decision for their own benefit. Last month, at an Internet Caucus Safe Harbor event in Washington, EU panelists avoided discussing the European Court’s decision and instead turned their fire on private-sector data collection. However, the sinking of Safe Harbor was not about private businesses; it was about government surveillance. If we want to address the concerns of the Court, this sleight-of-hand is a dangerous distraction.

For more than 30 years, the EU has recognized that “cross-border flows of personal data are necessary to the expansion of international trade.” Since the Court’s decision was solely about government surveillance, the solutions must come from government-to-government dialogues. And only governmental entities can address these problems.

Our industry has pushed for surveillance reforms and we’ve achieved quite a bit in the U.S. since the initial Snowden revelations. Internet companies lobbied Congress to pass the USA Freedom Act, which prohibits the bulk collection of communications metadata under various legal authorities. NetChoice member companies have also been instrumental in pushing for enactment of the Judicial Redress Act, which the U.S. House of Representatives recently passed unanimously. Additionally, the Privacy and Civil Liberties Oversight Board published two comprehensive reports with concomitant recommendations related to key sections of the Foreign Intelligence Surveillance Act (FISA).

But these surveillance reforms must occur on both sides of the Atlantic. The US government should reform its surveillance, and European governments should do the same. Indeed, the European Court’s decision raises serious questions about whether surveillance laws in EU member states can withstand legal scrutiny under European law. Fortunately, there are wise folks in Europe who are now looking inward and realizing that their own laws are susceptible to the Safe Harbor legal challenge.

To overcome this Internet setback, governments on both sides of the Atlantic should enact government surveillance reforms as they enact a successor to Safe Harbor

Governments may see international diplomacy as a game of chess, but they’re playing with fire if they treat Internet businesses as game pieces to be attacked and taken off the board.

By Steve DelBianco, Executive Director at NetChoice

Filed Under


Up until recently, businesses were not players John Laprise  –  Nov 2, 2015 8:48 PM

Up until recently, businesses were not players in the international diplomacy game, merely pawns. While some governments might be on board with this new state of affairs, many are not and will continue treating business as pawns in the Great Game in which state surveillance is a key level of play.

The two, private data collection and government Todd Knarr  –  Nov 3, 2015 3:04 AM

The two, private data collection and government surveillance, are intertwined. As it stands, the situation reminds me of the spam RBL situation. As long as private companies can freely move data from the EU to the US without repercussions, they have no reason to argue with the US government when it demands they turn over the data nor to press for the US government to change the laws. We had the same situation with spammers: the activity was coming from people who were paying the ISP, the complaints were coming from people who didn’t and so the ISP had absolutely no reason to do anything about the spammers. RBLs changed that, now hosting spammers caused complaints from other customers of the ISP and now the ISP had to decide whether the money it was getting from spammers was worth the money they’d be losing if other customers decided to leave for ISPs who weren’t getting blacklisted. The same applies here: now there are repercussions to turning data over to the US government, companies now have a good reason to press the US government for change, and the US government will face pressure from people it does have to answer to.

The safe-harbor provisions had obligations that went along with the benefit of free data transfer. I see no fundamental problem with the EU holding that if companies can’t or won’t fulfill the obligations that they can’t get the benefit.

Nice one John Berryhill  –  Nov 6, 2015 6:32 PM

“European governments don’t like that the American government spies on them…”

But European citizens just love it?

In democratic societies, Steve, the operative assumption is that the governments represent the people in those societies.

Neither European nor American citizens are enamored of the various ways in which their data is exploited (yes, all by ‘click here to agree’ fictions) by big business and big data either. 

Your point would make a whole lot more sense if you could point to some reason to believe that the governments in question are not merely doing their jobs and reflecting the will of the people who elected them.

...and European citizens may be just as concerned that their own governments spy on them. Steve DelBianco  –  Nov 6, 2015 7:26 PM

John -- European governments spy on traffic that passes over their networks, too. And they picks-up traffic for both European and non-European citizens. See this report I guess you could say those European governments are just doing their job, which may include spying on internet traffic. I'm saying that government spying is the reason cited by the court to sink the Safe Harbor. So lets not suggest that private online services -- based in the US or in Europe -- are the cause of this problem.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet




Sponsored byDNIB.com

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byVerisign

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

Threat Intelligence

Sponsored byWhoisXML API