TTIP Undermines Privacy

In September 2014 Atlantic-community.org asked us for our statement on the transatlantic trade agreement, TTIP. We wrote an article on TTIP and privacy, but to this day Atlantic-community.org have not published it. We are now documenting this article on our own website – in English and German.

Summary: (Artikel auf Deutsch) TTIP will lead to a loss of privacy standards and will undermine European privacy legislation. Privacy is not even a topic in the negotiations, while ignoring privacy is a billion-dollar business. TTIP is about making money without giving a dime for privacy.

Protest against TTIP

There is a lot of protest against TTIP and similar trade agreements in Germany and across Europe. October 11, 2014 was declared a “European Day of Action”, when protesters went out onto the streets and launched a petition that aims to collect at least one million signatures against TTIP. (You find the current signature count on the website Stop-TTIP.org.) While the most prominent issues in these protests might be the secrecy of negotiations and the intransparent, non-democratic and extra-judicial nature of investor-state dispute settlement (ISDS) schemes, there is also significant concern about threats to privacy and consumer and citizens’ rights. Safeguards on processing personal data are stronger in the European Union than in the USA. TTIP is about trade, and trading data is a very big business – as one can see with all the data that Google, Facebook and many others collect. They are profiling their users, professing that this would be for their best: their best search results, their best infotainment, best comfort, and, well, advertisements that fit their interests best. But nobody can know what these companies really do with the collected data. As there are companies officially selling profiles collected from sources like Facebook, chances are high that Facebook and Co. are selling raw data – if not the profiles themselves.

No informed consent

An obvious objection might be that users have agreed to their data being collected and analyzed. But users could only agree if they knew what is actually going on. Terms speak very vaguely of data being “collected”, “analyzed to best fit your needs” and “shared with partners”. Nobody knows what exactly is done with their data and who these partners are. So there is no way for users to give informed consent. This is underlined by the fact that lobbyists are attacking informed consent regulations in the European Union. But users cannot have sovereignty without an effective mechanism for informed consent.

Business with sensible data

These practices go against many Germans’ and Europeans’ sense of privacy. But the conflict goes further: In the USA, highly sensible data, e.g. about diseases or homosexuality, are collected without any consent from the persons concerned, and then sold by data brokers to the pharmacy industry, for example. This is a billion-dollar business which Americans are eager to bring to Europe. US citizens seem not to be bothered by this at all, as one can see by the Wikipedia article “Personal health record”. It describes threats like loss or theft of health records and such. But the fact that database owners may use health records for something completely different is not even mentioned in the article.

TTIP undermines European legislation

From what we gather about the ongoing negotiations, TTIP threatens to align privacy safeguards and thus undermine European legislation. The EU-Commission actually has no mandate to negotiate privacy standards. But the US already tried to raise current plans for a EU General Data Protection Regulation as part of their TTIP agenda. The regulation would establish a unified ruleset across Europe and impose heavy penalties on privacy violations. Not surprisingly, this has faced heavy lobbying from the US government, the US Chamber of Commerce, Google, Facebook and many others, and in the context of TTIP the regulation has been called a trade barrier. The TTIP draft explicitly talks about web hosting, data processing and data storage, data mining and territorially distributed computing. Other documents state that both the US Chamber of Commerce and companies want to make data communication part of the agreement. So TTIP is about making money without giving a dime for privacy.
Current practices can show us how low the standards might become. In the USA there are hardly any privacy regulations, which is why European companies cannot process personal data in the USA. But there is the so-called Safe Harbor Agreement, which allows US companies to process European personal data if they simply claim to follow European privacy laws. They do not have to prove this, nor is there any auditing. This harbor is anything but safe – it’s a sham.

Our data is not a commodity

There cannot be a fair trade agreement if profits for industry and trade are given priority over the common good. Civil rights, democratic processes, consumer protection, environmental conservation and privacy must be safeguarded and further developed. All these rights establish limits to unbounded commerce, and there is good reason to do so. We need international legal protections for these rights, not secretive backroom deals. TTIP takes away power from democratically elected governments and places jurisdiction in the hands of dubious arbitral tribunals, even though there are functioning legal systems in Germany, Europe and the USA that investors can turn to in cases of conflict. Privacy protection must be more important than investment protection. Privacy is a fundamental right, and our rights as well as our data are not commodities to be traded or negotiated.

Rena Tangens
Rena Tangens is a German privacy activist and Internet pioneer. She is a co-founder of German privacy and digital rights NGO Digitalcourage and is one of the brains behind the German Big Brother Awards.


We protect your privacy and basic rights. Support our work with a donation or become a sponsoring member.


Picture Rena Tanges: Fabian Kurz CC BY SA 3.0