Today I learned that the EU is postponing the introduction of new privacy regulations that would make our on-line lives a bit less hostile than is currently the case. They claim to need more time, but yesterday a letter from a group of lobbyist organizations was made public that puts pressure on the European leaders to lessen regulatory pressure on companies operating in the EU. To me, the timing of the delay is therefore suspicious. It seems the common citizen has no say over his digital fate, and if businesses are concerned, they should have none whatsoever. Current regulations are not enacted because companies chose to do business from small countries within the EU, like for example Luxembourg. Within the EU Luxembourg has little impact on the EU as a whole in terms of decision power, but they need big businesses for the tax income that it will generate, so they do little to stop these practices. Thus countries like Luxembourg act as a safe haven for big businesses that want to violate our privacy.
For instance: many companies operating online gaming services like EA, Microsoft and Sony operate their gaming services from a Luxembourg S.A.R.L. that will make it hard for citizens to enact privacy related rights. Access to the Luxembourg courts to enforce such rights is unfamiliar and expensive, leaving these companies to more or less do as they seem fit. Recently the Dutch pricavcy watchdog, College Bescherming Persoonsgegevens (CBP) came to the conclusion that the Netflix service recently introduced in the dutch market is violating the Dutch interpretation of the EU privacy directive, but found that they could not start litigation because it deemed that it did not have the jurisdiction to do so. Netflix also operates from Luxembourg. In a press release the CBP explained that people have to file a suit themselves if they felt that they deserved to be protected. It is left up to the citizens to protect themselves.
Why does this matter? Because your every move is being tracked, all the time. It’s not only used for ‘good’ purposes such as improving targeted ads. (Which in itself I think are a bad practice, but within the spectrum of possible things that can be done with the data, it is actually quite benign)
Besides intelligence services like the DGSE/I: probably the European champion eavesdropping and the NSA: uncontested worldwide champion evesdropping, other people will be able to follow your moves. Criminal hacking is very much on the rise, and it is not unthinkable that skip tracers will hack themselves into your digital life if they feel that they need to. For every good use of the data, there’s also a malevolent one.
Businesses want to increase revenue, but at a cost that I think is too high. There’s no way to escape the traps that are set up to strip you of your privacy if there are no proper safeguards. I feel that all data gathering should be on an opt-in basis, after explicit consent. This would enable real freedom of choice, not just the illusion of freedom in a confederation that is systematically trapping its citizens in cooperation with the big businesses that operate in its territory by so called public-private partnerships, which usually boil down to governments relegating government tasks to businesses though laws and contracts. In itself PPP’s are not a bad thing, but the way they are employed in Europe is a Very Bad Thing indeed. (Think of the data retention laws if you need an example)