One year after Snowden: Where are we now?
It’s now a year since Edward Snowden went public with evidence of mass surveillance and extensive abuses by the NSA, GCHQ and other intelligence agencies. What has changed since then? A global study published today examines responses by governments, parliaments, media and others, finding that “The overwhelming majority of countries have not responded in any positive, measurable way to the Snowden disclosures”.
Digital Rights Ireland contributed the Irish section of the report where, unfortunately, the same is true. Incredibly, we found that the only concrete action taken by the Irish government has been a promise to the United States to take every step possible to extradite Snowden should he land here.
In the Irish section of the report, we reached the following, worrying, conclusions:
While there has been extensive media coverage, there has been no concrete action by the Irish government or parliament to investigate the abuses and the Data Protection Commissioner has refused to examine disclosure of information by Facebook under the PRISM programme. Instead, the government has agreed to assist the US government in the extradition of Mr. Snowden. The response of the Irish government has been marked by an unwillingness to stand up to the United States, rather than any desire to protect the privacy of Irish citizens.
Government and parliamentary action
The Irish government has made only token protest to the US and has not investigated possible breaches of Irish law. As summarised by the political correspondent of the Irish Times:
It is beyond dispute that the Coalition is collectively reluctant to shout or complain too loudly or make any probative inquiries as to whether the bugging and covert surveillance that has occurred in Germany, France and elsewhere has happened in Ireland.
Individual opposition and backbench TDs have raised the issue, but the Oireachtas has not held any formal inquiry, debate or vote prompted by the Snowden revelations.
For the most part Irish media coverage has been confined to reporting and commenting on material revealed elsewhere. There does not appear to have been any investigative journalism considering, for example, the possible involvement of Irish authorities, the role of subsidiaries of US firms or the way in which Irish undersea cables have been tapped. With some honourable exceptions, there has been relatively little media interest even examining the response of the Irish government.
There have been no large scale demonstrations or online campaigns against US surveillance.
Cases before courts and other authorities
Following the Snowden revelations Max Schrems of Europe v. Facebook made a complaint to the Data Protection Commissioner regarding Facebook’s involvement in the PRISM programme. He sought an investigation into how US authorities were accessing personal data transferred from Facebook-Ireland to Facebook Inc. in the US. The Data Protection Commissioner refused to carry out an investigation on the basis that the European Commission’s “Safe Harbour” decision prevented him from examining the actions of US authorities in relation to data transferred under Safe Harbour. Mr. Schrems brought a judicial review against that refusal, and a decision is now pending from the High Court. Whatever the outcome of that decision, the case highlights an important gap in European practice, which currently does not seem to have an effective mechanism to examine abuse of European citizens’ data when transferred abroad.
There has not been any formal response by any of the professional bodies (such as those representing lawyers and doctors) which one might expect to safeguard the privacy of communications.
There is still nothing on the table prompted by the Snowden revelations; however a number of domestic factors including the GSOC bugging scandal, recording of phone calls to Garda stations and the success of Digital Rights Ireland in challenging the Data Retention Directive may collectively help in seeking reform of national law.
Ultimately, the Snowden revelations mean that there is no longer the excuse of ignorance. While the Irish government has failed in its duty to act, with your support we will continue to push for greater protection of privacy online.