By Maria Monti
As Hobbes used to say “the human being is a social animal” and sharing information, interactions, and details of our personal life is essential. In the modern world, young and old people use online platforms to socialize, communicate, and acquire or spread information. As of October 2024, 5.52 billion people are internet users and therefore have used the Internet to upload content, send emails and messages, or even do simple research online. Such information is stored and controlled by the smartest software, but what if the information people think is safe and secure was instead used every day to research the population?
Governments use data to “keep an eye” on citizens and ensure safety, for example by tracking illegal markets and individuals suspected of terrorism and to uncover possible threats to national security. However, to which extent governments and the private sector access personal data is a compelling ethical question. On the one hand, some arguments emphasize the responsibility to ensure the protection of citizens, and that access to personal data is therefore necessary for a superior goal. On the other hand, the potential abuse of this power or the threat of information leakage might represent a menace to freedom of expression and action.
The access to cross-border data is a valuable tool for many governments to get to know their citizens and help create a safer society. Accessing to such data is restricted to indispensable motifs and can happen only through legal and open ways, such as the official purchasing of data, the voluntary providing by companies in case of an imminent threat to the safety, and the compelled access through a legal process (which is true only for democratic countries, since non-democratic countries are more prone to coercion). Furthermore, discussing the motifs for which such access would be justifiable, the prevention of crime and terrorism stands out among the main objectives. Law enforcement agencies can use data to track down criminals, monitor potential terrorist activity, and prevent cyber attacks.
Balancing the interests of the country with appropriate mechanisms under a lawful process is an undeniable need. More and more governments worldwide are building a completely new law system dedicated to the protection of online privacy of users, with 69% of the countries that now have data protection and privacy legislation in place. For example, the General Data Protection Regulation (GDPR) in the European Union seeks to protect individuals’ privacy rights by imposing strict regulations on data collection and usage. Such laws should protect citizens’ fundamental privacy rights and at the same time respect the sovereignty of other nations. Indeed, it is true that the globalized world has become more flat and countries’ borders seem to blur on the internet, but regulations and laws should be respected worldwide even when exporting data from one location to another.
Regarding that, the ICC (International Chamber of Commerce) published a white paper that covers the policy recommendations for governments and businesses to ensure transparent and legal access to data. The paper shows a draft of seven principles that would guarantee the establishment of common global rules on obliged access of data, these include: acting under existing legal bases, the pursuit of legitimate aims, the requirement for approval by an administrative body, the handling of personal data in a way that ensures its security, transparency of action, reporting non-compliance and remedies in case of data breaching.
Such regulations would increase the trust that citizens put in institutions and would create a more transparent procedure from governments regarding the use of data and the privacy of Internet users.
At the same time, the concerns about the potential abuse of such powerful tools are a compelling argument among citizens. Indeed, access to data can be threatening to target political opponents, suppress opposition, and target the privacy and liberties of the population. The possible risk of data breaches or unauthorized access to information is the main concern of citizens. In addition to that, the population starts feeling a sense of constant surveillance which, in the long term, can harm individuals’ mental health and trust in organizations. Such worries have a strong base to raise since history has shown that the access of private data by the government without the direct consent of the users has already happened.
An example is the revelations of Edward Snowden in 2013 that showed that the US government had engaged in extensive surveillance of its citizens, including the collection of phone and internet records. The former NSA (National Security Intelligence) contractor and whistleblower (who must report government wrongdoing), revealed in an interview many programs which were collecting data from citizens without clear authorization. The first program to be revealed was PRISM, which allowed for direct access to data on the servers of Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, and Apple. In addition, the initial report included details about NSA call database, Boundless Informant (a data analysis and visualization tool), and a secret court order requiring Verizon (the second largest communication agency of the US) to hand the NSA millions of Americans’ phone records daily, as well as the surveillance of phone and Internet records of French citizens. Their specific targets were French people either “suspected of association with terrorist activities” or in “the worlds of business, politics or French state administration.” It was shown that the NSA was harvesting millions of email and instant messaging contact lists, searching email content and tracking and mapping the location of cell phones. In addition, the NSA was shown to be secretly accessing Yahoo and Google data centers to collect information from hundreds of millions of account holders worldwide by tapping undersea cables using the MUSCULAR surveillance program (a surveillance program jointly operated by Britain’s Government Communications Headquarters, GCHQ, and the NSA).
Another example is China’s Social Credit System which is an extensive government data collection initiative. The system assigns citizens a social credit score based on their behavior, evaluating from financial responsibility to social interactions. Such data is collected thanks to the collaboration of every field of the industry, from social media to the health care system and law enforcement. While some argue that it promotes social order since citizens have an incentive to portray respectful actions toward society, critics view it as a form of constant surveillance and control, potentially leading to discrimination and social exclusion.
In conclusion, the intersection of data privacy and government surveillance presents a complex and multifaceted challenge that requires careful navigation. As our reliance on digital platforms continues to grow, so does the potential for both constructive use and misuse of personal data. While the need for governments to access data for legitimate purposes -such as crime prevention and national security- can be justified, this necessity must be balanced against the fundamental rights of individuals to privacy and freedom from unwarranted scrutiny.
Photo: Markus Spiske via Unsplash
