'Fortress Europe' is turning inwards after battling immigration. Surveillance of its own citizens has become a commercial imperative and a European security-industrial complex is forming. However, in our time of CCTV, DNA databases, biometric passports, digital identity cards, Automatic Number Plate Recognition (ANPR) and facebook privacy settings, European citizens are acutely aware of the conflict between security and liberty. This trade in privacy has fuelled the debate around the Data Retention Directive, which aims to fight serious crime by storing most of our electronic communication. One of the remaining strongholds against the directive is Norway.
In 1785 Jeremy Bentham, the utilitarian, devised what has since been known as the perfect prison. The Panopticon is an architectural design that allows for observation from its centre without the incarcerated knowing they are being watched. From 1953 to 1955, Fidel Castro was imprisoned in the only panopticon ever to be built. In Presidio Modelo (image) on the Cuban island Isla de la Juventud, however, the revolutionary was kept in solitary confinement throughout his stay. The lawyer's vocal opinions were considered too subversive for him to join the rest of the prison population. Thus, in the only realisation of Bentham's prison, an Achilles' heel was found in its failure to control communication. In Europe, a construction is currently being erected which extends the observational powers of Bentham's panopticon to include the observation of our communication. Something akin to the perfect prison is being built by a combination of a European programme, which funds a large number of surveillance projects, and a European directive that aims to record our digital communication.
What is often referred to as the European Union's Security Research Programme (ESRP) is the area of the Seventh Framework Programme (FP7) that is concerned with security. The seven-year long programme, initiated by the European Commission, makes EUR 1.4 billion available for security-related research.
The ESRP has been criticised for being saturated by conflicts of interest, where the "design of the ESRP has been outsourced to the very corporations that have the most to gain from its implementation" (p. 5, NeoConOpticon). A report by TNI (Transnational Institute) and Statewatch says of the programme's inception:
As EU policy-making goes, it was an extraordinary process. The ‘Group of Personalities’ (GoP) on security research was convened in 2003. It met only twice but served to cement the structure, objectives and ideology of the future ESRP. The GoP included the European Commissioners for Research and Information Society, plus, as ‘observers’, the Commissioners for External Relations and Trade, the High Representative for the EU’s Foreign and Security Policy, as well as representatives of NATO, the Western European Armaments Association and the EU Military Committee [...] Also represented were eight multinational corporations – Europe’s four largest arms companies (EADS, BAE Systems, Thales and Finmeccanica), and some of Europe’s largest IT companies (Ericsson, Indra, Siemens and Diehl) – along with seven research institutions, including the Rand Corporation. (p. 9, NeoConOpticon)
Whilst many of the projects that receive funding through ESRP have aims that appear to enhance our security without negatively affecting our civil liberties, others suggest a new paradigm in European surveillance:
The commercial potential of the ESRP has predictably been seized by the actors in the security- and defence industries. They are, as experts in their field, certainly required for policy-making. But in ground as fertile as ours after the terror attacks in London and Madrid, they should not be at the helm of European security of the future.
Now, if the ESRP reconstructs the observational power of Benthams's prison (the principle of full visibility from a single point at its centre), then the Data Retention Directive firmly removes the Achilles' heel that was found in the Cuban panopticon.
Directive 2006/24/EC, otherwise known as the Data Retention Directive (DRD), is considered a consequence of recent European terrorism. It aims to 'harmonise' the retention of data across the European Union. Its purpose is to "ensure that the data is available for the purpose of the investigation, detection and prosecution of serious crime". In practise, this means that traffic and localisation data has to be retained by service providers (of telephone, mobile phone, IP-telephone, e-mail and Internet); in layman's terms, this means that information to be kept is that which can determine who communicates with whom, where and when this communication occurs, and how it occurs. (The viral You are a Terrorist (Du bist Terrorist)) is a satirical response to German social marketing campaigns but the first 45 seconds accurately reflect the scope of the DRD.)
The directive was published in March 2006 and required transposition (implementation) by September the following year. Upon adoption of the directive, nearly all the European member states opted to take the postponement, until March 2009, of retaining Internet data.
In July 2006, only two months after the directive came into force, Ireland brought a case to the European Court of Justice, demanding that the directive be annulled, claiming that "it was not adopted on an appropriate legal basis". Ireland's argument was that the directive, whose aim is to combat organised crime and terrorism, should not be legally tied to laws concerning the internal market (trade). Ireland lost the case in 2009, and the directive, which in a sense stores digital identities, is today allied to the imperatives of the internal market, leaving European citizens exposed to future commercial interests.
One consequence of Ireland's failed action was that the directive continued to apply to all the members of the European Economic Area (EEA), and not just the members of the European Union. In Norway, an EEA-member through EFTA, this forced politicians off the fence and into the debate that had already produced a very successful petition, a popular facebook group and other initiatives.
Although it never became a campaign issue in last year's general election, even the re-elected 'red-green' coalition's political programme embodies the disagreement in the Government on the directive:
The Norwegian Labour Party would like to implement the Data Detention Directive, assuming that the Directive does not interfere with or have negative consequence for the right to privacy or personal information protection. The Socialist Left Party and Centre Party oppose the implementation of EU's Data Detention Directive.
A recent public consultation on the directive shows that the Labour party faces a significant uphill struggle in trying to get it implemented. The first hurdle is to find enough courage/folly to face up to the vast array of organisations who advise against implementation. These include several Government departments, the main trade union (LO), data privacy organisations, journalists' and editors' unions, national and international lawyers' groups and, most poignantly in a debate that often invokes the paedophile threat, the Ombudsman for children.
The second hurdle, should courage/folly have been secured, is to get the directive through Parliament (Stortinget). Without its two coalition partners, and with most other parties arguing against implementation, support is required from the main opposition party, Høyre. However, several of its regional entities are explicitly against the directive, leaving little support or chance for it ever to pass into law.
Hurdles aside, there is another outcome: the veto. Norway, Iceland, Switzerland and Liechtenstein (EFTA) have the right to veto EU directives. Although Norway has never used her right to veto, this could be the path of least resistance for the Government. Today, four years after the Data Retention Directive came into force, Greece, Sweden and Ireland have all been found guilty of failing to comply with European law as they have not yet implemented the directive.
After the successful first four European "freedoms" - the movement of goods, services, people and capital - it seems that information is next in line. It is a natural process in an economic and political union to harmonise legislation across borders to enable such freedoms. Schengen is one example; the euro another. The aim is to increase the "interoperability" between members of the union - to create a seamless integration between different systems. The system the European Union intends to harmonise this time, in an increasingly digitised existence, is our Social system.
History may not absolve Europe for implementing the Data Retention Directive.