By Tim Keller
Differences between the United States and Europe about privacy issues have been a problem for some time now. Recent events have brought those problems to a breaking point. There is a very real potential for harm to U.S. business if the problem is not resolved soon.
U.S. technology businesses are likely to be the most adversely effected. A study by The Information Technology & Innovation Foundation estimates that U.S. cloud services providers might lose as much as $35 Billion as a result of the NSA PRISM revelations. The development of a European search engine is already under discussion. Technology businesses would not be the only U.S. businesses facing new challenges. New restrictions on the transfer of data between the EU and the United States have already been proposed. Should that end the U.S.-EU Safe Harbor Program, U.S. businesses of all types will find working with their European affiliates increasingly difficult.
"New leadership is needed because government and the businesses most associated with privacy issues are simply not trusted.”
At the core, the problem is one of trust. Solving that problem will require new leadership and new approaches.
New leadership is needed because government and the businesses most associated with privacy issues are simply not trusted. They have not demonstrated to Europe that they are serious about protecting people’s privacy. The public in both Europe and the United States needs somewhere else to look for leadership.
To address this, the business community needs to get between the public and Google, Facebook and the other perceived bad actors with respect to privacy matters. Whether individually or as part of new coalitions, members of the business community can credibly call for effective privacy regulation if they separate themselves from those who might never be truly trusted by the public.
When they do speak on this issue, the voices of members of the business community need to be heard as the voices of individuals rather than entities – the voice of individuals concerned about their own privacy and the privacy their families, friends, co-workers and neighbors. Trust is built with a demonstrated understanding of the other party’s point of view. A CEO speaking to the public in the voice of an individual concerned about the privacy of the CEO’s family would be far more credible than the “we respect your privacy” statements made in the business’ privacy policies.
"New approaches are needed, because the approaches that have been taken by our government and the business community have not addressed the core issue of trust.”
New approaches are needed, because the approaches that have been taken by our government and the business community have not addressed the core issue of trust.
For example, the government’s stakeholder approach to developing privacy regulation is a failure. The outcome of the National Telecommunications and Information Administration mobile app transparency initiative is proof enough. All that the process produced was a set of voluntary guidelines and the majority of the participating stakeholders did not commit to comply with them.
In the short term, government adopting guidelines rather than regulations might be less expensive for business, but in the long term our customers are the arbiters of our success. The present situation in which U.S. business is threatened with the loss of markets in Europe is evidence of the risks of choosing short-term benefit over long term gain. Our advisors need to help us keep that in mind and our representatives need to act with that in mind.
"The present situation in which U.S. business is threatened with the loss of markets in Europe is evidence of the risks of choosing short-term benefit over long term gain.”
Finally, we need a discussion about the importance of trust to the economies of both Europe and the United States. There is a relationship between trust and economic success. Even if Europeans completely abandoned U.S. information technology, the economies of Europe and the United States would remain very much intertwined. A lack of trust will damage them both.
The NSA PRISM matter might be the latest inspiration for European doubts about U.S. privacy laws and practices, but those doubts have existed for a long time. We can see this as an opportunity to create a different kind of relationship that is founded on real trust. It is easier said than done, but it is absolutely necessary.
Timothy Keller is Partner at Lindquist & Vennum LLP and leads the firm’s Information Technology, Internet and Ecommerce practice. He provides legal counsel to clients on technology-related transactions and intellectual property matters. His clients include both emerging and established. Tim speaks and writes on technology-related legal matters and blogs about the legal issues arising in the Big Data technology world at www.bigdataandthelaw.com.
Tim has extensive experience in the information technology industries. Before joining Lindquist & Vennum, he served as general counsel for the Cray Supercomputer Division of Silicon Graphics, Inc., as senior division counsel of Silicon Graphics, Inc., and as technology counsel at Cray Research, Inc. His practice includes:
- Drafting and negotiating domestic and international agreements for the development, purchase, sale, license, certification, marketing and distribution of computer hardware, computer software and other technology products
- Assisting clients with the preparation and planning necessary for major software development and implementation projects
- Helping clients resolve disputes concerning unsuccessful software development and implementation projects
- Advising clients on outsourcing development and other functions to international affiliates and unaffiliated business partners
- Advising clients on open-source software issues
- Providing counsel regarding the identification, protection and commercial exploitation of technology assets
- Advising clients on the conduct of business over the Internet, including the preparation of hosting agreements, site-use terms and conditions, and other agreements and policies
- Drafting and negotiating domestic and international agreements for the license of technology and intellectual property rights
- Advising clients on U.S. and foreign laws regulating the international transfer of technology