This morning’s news that the Court of Justice of the European Union has declared the Data Retention Directive to be invalid has been greeted with joy amongst privacy advocates. It’s a big win for privacy – though far from a knockout blow to the supporters of mass surveillance – and one that should be taken very seriously indeed. As Glyn Moody put it in his excellent analysis:
“…this is a massively important ruling. It not only says that the EU’s Data Retention Directive is illegal, but that it always was from the moment it was passed. It criticises it on multiple grounds that will make it much harder to frame a replacement. That probably won’t be impossible, but it will be circumscribed in all sorts of good ways that will help to remove some of its worst elements.”
I’m not going to attempt a detailed legal analysis here – others far more expert than me have already begun the process. These are some of the best that I have seen so far:
Daithí Mac Síthigh: http://www.lexferenda.com/08042014/2285/
The full impact of the ruling won’t become clear for some time, I suspect – and already some within the European Commission seems to be somewhat in panic mode, looking around for ways to underplay the ruling and limit the damage to their plans for more and more surveillance and data retention. Things are likely to remain in flux for some time – but there are some key things to take from this already.
The most important of these is that privacy is worth fighting for – and that when we fight for privacy, we can win, despite what may seem overwhelming odds and supremely powerful and well-resourced opponents. This particular fight exemplifies the problems faced – but also the way that they can and are being overcome. It was brought by an alliance of digital rights activists – most notably Digital Rights Ireland – and has taken a huge amount of time and energy. It is, as reported in the Irish Times by the excellent Karlin Lillington, a ‘true David versus Goliath victory‘. It is a victory for the small people, the ordinary people – for all of us – and one from which we should take great heart.
Privacy often seems as though it is dead, or at the very least dying. Each revelation from Edward Snowden seems to demonstrate that every one of our movements is being watched at all times. Each new technological development seems to have privacy implications, and the developers of the technology often seem blissfully unaware of those implications until it’s almost too late. Each new government seems to embrace surveillance and see it as a solution to all kinds of problems, from fighting terrorism to rooting out paedophiles, from combatting the ‘evil’ of music and movie piracy to protecting children from cyberbullies or online pornography, regardless of the evidence that it really doesn’t work very well in those terms, if at all. Seeing it in that way, however, misses the other side of the equation – that more and more people are coming to understand that privacy matters, and are willing to take up the fight for privacy. Some times those fights are doomed to failure – but sometimes, as with today’s ruling over data retention, they can succeed. We need to keep fighting.