On March 21st, the Netherlands is holding a referendum on new internet regulation that would enable the ‘secret services’ to monitor citizens and organizations. The regulation allows for bulk interception that might lead to the detection of suspect or criminal activities. Currently, army and police institutions are already permitted to search for specific data and demand cooperation from corporations or social media. The new regulation is framed in the media as a ‘dragnet’ and that metaphor rightly addresses the change from specific data searches to bulk interception: from the monitoring of whole neighborhoods to the systematic surveillance of whole networks of friends and colleagues. There are safety arguments in favor and privacy arguments against the regulation.
There is much to do about internet regulation in the EU. In the UK and France, the police and military are already allowed to intercept data on a mass scale. At the same time, the EU is establishing new regulation to protect citizens against data analysis of corporations. May 25th will see the implementation of the GDPR (General Data Protection Regulation), a regulation that requires corporations to stop collecting personal data without approval. This regulation prompts corporations to save and analyze data in an anonymous way. Hence, many corporations have to start isolating those parts of data bundles that are not relatable to a specific person.
There is a growing awareness of the data tracks people leave on the web. The question is whether citizens are willing to accept the control of governments, serving partly to protect them against others with ignoble intentions, partly against the power of large data companies, vividly depicted in the novel The Circle. The moral dilemma is the trade-off between safety and privacy. The practical question regarding safety policy remains whether bulk scale ‘data mining’ will really aid us in finding suspect people and organizations.