Behind Edward Snowden’s revelations -which have once again highlighted the digital sovereignty issues- lies a strategy identified and explained by Mr Olivier Iteanu: the concept of Law Intelligence, which consists in using legal systems to exert one’s domination. The United States have been very effective in using that strategy through the Patriot Act, which enabled the NSA to collect user data directly from the providers.
Yet, as early as 1995, Europe had issued a directive concerning the protection of personal data. The American authorities had reacted with a self-regulation programme called “Safe Harbor”, whereby US companies participating in the programme could continue trading with Europe and hosting personal data of European citizens. Mr Iteanu further explains: “The Big Four indeed participated in that programme, but they did the same with PRISM…”
Digital sovereignty: owned by the State or the citizens?
The round table highlighted two opposing definitions of sovereignty: the dictionary’s version, defining it as the “supreme power recognised to the State, which implies its exclusive competence over the national territory and its absolute independence in international affairs, where its only limits are its own commitments”, and that of Marc Mossé, head of Legal & Public Affairs at Microsoft France, who defines the specific digital sovereignty as “the protection of individuals’ rights”. “I don’t think sovereignty stops at borders. Individuals should have the right to make their own decisions, in particular regarding how they treat their data. ” Further, Pierre Bellanger, founder and CEO of Skyrock, considers that all individual sovereignties should work together “to create a sovereignty around a State, because power is in numbers. ”
Digital sovereignty does not imply withdrawing into oneself.
For Pierre Bellanger, digital sovereignty is “not about nationalism. There is no withdrawal or isolation agenda. […] Sovereignty and freedom are synonyms.” “Neither is it a movement against the Internet.” This medium is indeed “the most powerful lever of wealth generation and of emancipation.” But should it be at the cost of our freedom? ”
However, this latter consideration should be nuanced: “In 2012, the US Congress prevented two Chinese equipment manufacturers from accessing the market,” recalls Olivier Iteanu. “So, ‘No withdrawal into ourselves‘ does not always means ‘Being totally open‘…”
How can we protect individuals’ rights in the field of digital data?
The panellists are unanimous: the legal approach should be used. “One thing liberalism does not take into account is asymmetry: the legislation alone, and not contracts, will solve the problem,” adds Pierre Bellanger. Marc Mossé confirms: “Indeed, we must use the law. For instance through international treaties. The law should be clear and easy to implement by providers.”
Olivier Iteanu recalls the key role of jurisdictions: “The only people capable of stopping the Big Four are the judges.” Marc Mossé confirms: “The US Supreme Court has awarded the 4th Amendment’s protection to data stored in smartphones, but such provision is rather intended to the Cloud.”
Regarding the issue of extraterritoriality, Pierre Bellanger reminds the audience that the law describes the concept of a virtual stable site, which in fact consists in legally setting the server’s location on the territory and perfectly complements a future law that will oblige all servers collecting, processing and storing personal data of European citizens to be located in Europe.
- EncroChat: Deciphering of the End-to-End Encryption Service Used by Criminals Cybercrime
- Preserving Digital Footprints and Cyber Resilience: Training the Swiss Police Cybercrime
- Ransomware in Six Questions (by the Ministerial Delegation to the Security Industries and the Fight Against Cyberthreats, French Ministry of the Interior) Cybercrime