When it comes to online privacy, it seems that the only ones to care about it are the actual users and activists groups, while the governments of the world appear to be keen to undermine it in any way they can.
While in the United States things are rather clear as to the government’s position towards online privacy since it does next to nothing to limit the NSA’s mass surveillance capabilities, in the European Union things are a bit different and the international body is trying to set a trend about how each member state regards basic human rights, including those in the online realm.
Following a previous decision taken by the European Union, countries across the continent are starting to abolish bills that have been rightfully called “Big Brother laws” – those that allow governments to order telcos to collect and store online data with few to no limitations for a set time period. The trove of information is then made available to the authorities when they request it.
Romania is one of the most recent countries to make a move against such laws after the Constitutional Court found the Big Brother law to be unconstitutional.
Softpedia talked about this and the way this all fits in the international discussion about online privacy with Ioana Avădani, the executive director of the Center for Independent Journalism in Romania, an NGO that has been fighting against the Big Brother law, as well as the government’s desire to have pre-paid phone users give out their identities.
Softpedia: The Center for Independent Journalism has been one of the main bodies to oppose several laws that affect people’s privacy in Romania. One of these is the one that forces users to register their prepaid cards with a valid name and ID number, which they claim is important for national security reasons. Why is it important for the law to be deemed unconstitutional?
Ioana Avădani: The current draft is a follow-up to the previous Romanian legislation that rules the so-called “traffic data retention” (better known as the Big Brother Law). The whole body of legal texts is actually the transposition of the European Directive to the same avail – and it is bearing the same original sin: does not discriminate between wrongdoers and the rest of citizens. In essence, the communication operators were held by the law to save and preserve for 6 months the traffic data of all and every electronic communication going through their systems so that the law enforcement agencies can track down any activity related to law infringement.
Basically, all users of any electronic communication (e-mail, mobile phones, texting) were treated as potential criminals, having their traffic monitored. In addition to this, all users could be traced and located exactly via the data of their communication, which constitutes a violation of privacy. Both privacy and the presumption of innocence are basic human rights, provided by the Constitution. Therefore, their violation has to be deemed as unconstitutional.
The very Directive this Romanian law transpose has been found in violation of the privacy by the European Union Court of Justice. Also, the Big Brother law was ruled unconstitutional by the Romanian Constitutional Court on July 8.
Is the Romanian government starting to use the term “national security” as loosely as the NSA in this particular instance?
It is more like an international trend and the Romanian authorities are no exception. We are still paying the price of the terrorist attacks at the beginning of 2000s – and we pay it with our freedom. Noteworthy, the provisions of the Big Brother law expands the use of the traffic data to the so-called “serious crimes” (exceeding the field of national security).
According to the law, the data can be accessed by law enforcement agents not only in cases of crimes against state security, but also in cases dealing with infanticide, rape, escape, assault, destruction of goods and offending a public officer. As one can see, much broader than state security.
Another issue that you’re opposing relates to the open WiFi networks available throughout the country where users will have to provide their identity in order to be able to connect to them. How will this affect users, aside from the obvious added steps?
As described above, it is a matter of privacy. Nobody should keep records of where a person has been and when they logged in. Especially for free and public networks.
The Constitutional Court in Romania finally decided to fall in line with the European Union and has marked the so-called “Big Brother” law as unconstitutional, a success for privacy advocates everywhere. What is your opinion on the issue?
It is for the second time when such a law is declared unconstitutional – and we have to wait for the ruling of the Court to see the grounds of this latest decision. As I mentioned before, the law is a transposition of a European Directive. Romania was caught between a rock and a hard place: adopt a legislation that was against its own Constitutional provisions or infringe the EU rules, refuse to transpose a Directive and be fiend for this.
The Romanian Government decided to adopt the law – without trying very hard to provide the guarantees for the privacy of its citizens. For example, Germany refused to transpose the Directive and challenged it. The recent decision of the European Union Court of Justice solves this dilemma and puts the pressure on the European Commission and the European Parliament to amend the Directive.
Online privacy is one of the hottest topics in the world following the NSA leaks and yet the Romanian government seems to completely ignore this and keeps trying to push laws affecting online users. Is this a matter of ignorance or what may be the catalyst behind these increased efforts to kill online anonymity?
I think it is a combination of factors. One of them is the still powerful culture of secrecy and control in Romania. Over the last 25 years, a lot has been done at legislative level on this, but the practice has always lagged behind. The last years (especially from the Wikileaks scandal on) witnessed more intense efforts to protect the secrecy of the public authorities and figures and impose stronger control over the citizens (who may “misbehave”).
This is something that Romanian institutional culture understands and likes and practices. I would say that we can see the increasing influence of the law enforcement and intelligence services over the Romanian legislation and norms.
Another important factor is, in my opinion, the lack of understanding of how the Internet works displayed by many lawmakers. Otherwise, it is very difficult to understand how they approve measures that are clearly not applicable and even practically impossible.
One mention here: most of these decisions have been taken without a serious, consistent consultation of the expertise groups, professionals and civil society – actors that could bring value to the discussion and decision. Once again, “national security” seems to not imply any “national” consultation – but just the ”security” actors.
A third potential factor, and here I speculate, as I don’t have proof on this, is the economic potential of such measures. They involve huge investments in equipment, storage units, security measures. Somebody will definitely benefit from these investments – and somebody else will have to pay. In the case of the private entities, we know for a fact that this type of investment will be paid by us, the users, as it will be reflected in our bills. For the public expenses, the less we know, the more we can suspect.
A couple of weeks ago, Romania appeared for the first time on NSA’s list of targets, among all other countries in the world, sans four. There has been no official position from the government or the local Intelligence services. Why is that?
It appears that national security is not about us, the people. These are issues that, apparently, we should not know or care about. And this gets us back to the culture of secrecy, the culture of “Government knows better.” Isn’t it ironic that we start to miss the good old “We have everything under control” messages from yore…