In a major address to the German Marshall Fund yesterday, outgoing Commerce Department General Counsel Cameron Kerry brought some refreshing clarity to the current discussions of privacy and government surveillance.
He started in the right place with a ringing endorsement of the progressive use of big data as a tool for economic and social improvement. He referred favorably to “breakthroughs in medical research from aggregated health care records that can produce information far more robust than the limited populations of medical trials,” and cited a recent example:
“The drug Herceptin was developed through identification of the HER-2 oncogene from records of 9,000 breast cancer patients. IBM is working with hospitals and the IBM-WATSON natural language system to collect anonymized medical records in ways that protect privacy and analyze unstructured data applying the power of new analytic technologies across many different text-based medical records previously unintelligible to computers.”
As SIIA noted in a recent whitepaper, the seamless flow of data across borders is important to the growth of data-driven innovation and the global economy. Kerry underscored the economic importance of cross-border data flow:
“Trans-border trade – and especially transatlantic trade – now relies on the continued open flow of data, and cutting off these flows would cause significant and immediate economic damage. Moreover, it would lead to loss of competitiveness on both sides as other economies around the world that embrace open Internet architectures and freedom to experiment with data analytics offer havens for innovators. Our economic future is at stake in our international engagement.”
Then he noted the importance to transatlantic trade of the Safe Harbor arrangement that has governed transfers of information from the European Union to the United States for well over a decade. He warned of the dangers a weakening of this framework would pose to transatlantic trade:
“Today, more than 4,000 companies have subscribed to the Safe Harbor Framework. Many of these are U.S. subsidiaries of EU companies that also rely on the framework…Safe Harbor is a fundamental building block of the trade relationship between the United States and Europe…Any step back from Safe Harbor would send the trading relationship between the U.S. and the EU backward.”
This worry about a threat to the Safe Harbor Framework is not idle. On July 19, 2013 Viviane Reding, European Commission Vice President, issued a statement saying, “The Safe Harbour agreement may not be so safe after all.” On July 24, 2013, a statement from the Conference of German Data Protection Commissioners indicated that it would examine whether transatlantic data transfers “should be suspended on the basis of the Safe Harbour framework.”
The basis for this threat to the Safe Harbor in both cases is the NSA revelations regarding government surveillance–but this is mixing up apples and oranges.
The EU Data Protection Directive and the Safe Harbor both provide an exception for national security purposes. In the US and EU regime, the law, regulation, and policy considerations that relate to protecting consumer privacy in a commercial context are completely different from the law and policy and constitutional considerations that govern government surveillance.
Moreover, putting onerous burdens on the commercial transfer of information as a backdoor way to control government surveillance is self-defeating and counterproductive. It distracts from real measures that might protect citizens from overly intrusive government surveillance and it puts an unnecessary burden on commerce that is not justified by the need to preserve and protect consumer privacy in a commercial context.
Kerry’s remarks yesterday show he grasps these issues clearly. It might have been his last public statement before leaving his current post at the Commerce Department, but it sets a promising roadmap for Obama administration policy in this area.
Mark MacCarthy, Vice President, Public Policy at SIIA, directs SIIA’s public policy initiatives in the areas of intellectual property enforcement, information privacy, cybersecurity, cloud computing and the promotion of educational technology. Follow the SIIA Public Policy team on Twitter at @Mark_MacCarthy