Brad Smith, President of Microsoft, held up in one hand the first Microsoft laptop from 1986, complete with floppy disk. In the other he held the latest Microsoft Surface tablet. “We are using antiquated laws to tackle modern-day problems. We need to modernize.” And so he presented the problem the technology sector and global policy makers are currently faced with: using technology laws from 1986, to manage the Internet and data protection now, in 2016.

Advancing technology vs. preserving fundamental rights

Carnegie Europe’s conference on Monday entitled “Digital values: Advancing Technology, Preserving Fundamental Rights” brought together leaders from the technology industry, lobbyists, civil society, and academic experts to discuss how to strike a balance between advancing technology and preserving fundamental rights.

The Microsoft case against the US with regards to their data centres in Ireland last September opened up a fierce debate. The question of whether a US search warrant is valid to obtain data stored on servers in Ireland concerning Irish citizens seems to be a simple one to answer: no. However, the Microsoft Corporation v. United States of America Case has thus far seen the US district court ruling in favour of Microsoft handing over the information in the emails the warrant was concerned with.

The Irish government filed an amicus brief in support of Microsoft, stating that the emails should only be released on request by the Irish government, as they directly concern Irish citizens. Microsoft sees it as necessary to protect the rights of their consumers to privacy, despite being a US-based corporation that falls under US jurisdiction. To date over 28 companies have signed in support of Microsoft’s case.

Loss of trust

With the Microsoft vs. US case, as well as the Snowden revelations, there has been a loss of trust in transatlantic data flows. Not only that, but European citizens have lost their fundamental rights when it comes to protecting their data and privacy. The scrapping of the Safe Harbour agreement in 2015 has for the time being left Europeans with no clear privacy protection with regards to transatlantic data flows: the original agreement between the EC and the US protected EU citizens’ data if transferred by American companies to the US, but, following the Snowden revelations, the European Court of Justice declared it invalid in October 2015.

What was made clear on Monday was that there is still a long way to go with regards to reaching a new EU-US agreement. As Constance Bommelaer, Senior Director of Global Internet Policy at the Internet Society stated, “The conception here in Europe of what private data is, is different to the US conception.” In turn, this is making negotiations for a new policy agreement difficult.

The importance of new Internet laws

The difficulty expressed at the conference was that of reaching an equilibrium between preserving fundamental rights, whilst allowing technology to advance and markets to remain open. “There cannot be national security without cyber security” said Smith, “and we need an Internet that is governed by law. Technology needs to advance, but timeless values need to endure.” Achieving this balance, as well as that between respect for national sovereignty and open markets, national security and privacy, and data confidentiality and data transfers is the hard task European and US policy makers are currently faced with. Věra Jourová, Commissioner for Justice, Consumers, and Gender Equality at the European Commission said that new legislation will ensure that “necessity and proportionality principles will be applied when companies request data,” as well as there being “effective judicial control of national security access to data.”

Social values translated into policy

According to Brad Smith, the fundamental values that need to be translated into legislation rest on four pillars: privacy, security, transparency, and compliance. “Europeans cannot lose their fundamental rights just because someone has decided to move their data,” said the tech President. Technology challenges for 2016 will be the implementation of the digital single market strategy in Europe, adopted in May 2015, as well as the negotiation for new multilateral agreements between the US and the EU, which will protect European citizens’ fundamental right to privacy and control over their data.

Expert Analysis

Global think tanks such as Carnegie have been analysing the issues at hand. The recent publication by visiting Carnegie Europe scholar Sinan Ülgen entitled “Governing Cyberspace: A road map for transatlantic leadership” contains recommendations on how Washington and Brussels should proceed. As the situation stands currently, he states that there is “weak international governance of cyberspace”, and “the United States and the European Union should forge a joint policy vision”, in order to adequately manage the transition phase we are currently living in the aftermath of the digital revolution. A revolution that has “given governments an unalloyed ability to carry out mass surveillance…[which] can be used to constrain democratic freedoms.”

Ülgen states in his work that new cyberspace policy should include the development of norms regulating government-industry collaboration on mass data collection and retrieval, the creation of a multilateral instrument that would prevent cybercrime, as well as efforts to codify norms governing the export of surveillance technologies, and the introduction of penalties in international trade law for economic cyber espionage.

With the speed at which technological progress is moving, legislation will never be able to follow at an equal pace. The need to protect our fundamental rights and create a legal framework for the Internet that reflects our values in this digital age is clear. However, striking the balance between national security, in the post-Paris and Istanbul attacks era, and the rights of citizens and consumers remains stuck in a no-man’s land. For now preserving fundamental rights in the digital age remains solely a debate. To be a citizen of a nation, or a citizen of the Internet?

Photo Credits: Getty Images/Carnegie Europe