Political leaders in Europe have not been shy in expressing their anger about recent revelations about the United States spying on the EU. Germany’s justice minister has said that the United States’ expansive spying programs -- the United States is alleged to have spied not only on the electronic communications of European citizens, but on the EU embassy in Washington, D.C., and the Brussels headquarters of the European Council, where European states make the key decisions that guide European politics -- remind of “the methods of our foes during the Cold War.” France’s justice minister has described it as “an act of unqualified hostility,” while its foreign minister has demanded an explanation, saying that U.S. espionage is “completely unacceptable.”

These reactions cannot be dismissed with the clichéd response that Europeans are unreasonably obsessed with privacy. In truth, there is a long-running battle within Europe between politicians and officials who want to promote security and those who seek to secure privacy. For the last several years, those interested in promoting intelligence sharing with the United States have been winning. If European governments now decide to curtail that cooperation -- a decision that seems increasingly likely -- Washington will have only itself to blame. 

It is true that European privacy law led in the past to tensions with the United States, which cared more about security than foreigners’ civil rights. The United States secretly required SWIFT, a Europe-based financial services consortium, to break European law by providing information for the Terrorist Financing Tracking Program (TFTP). This led to a major political row when it was revealed by The New York Times. U.S. requirements that foreign airlines provide data on passengers flying to the United States similarly provoked controversy, and difficult negotiations over a period of years. 

But old battles over privacy have recently given way to close cooperation on intelligence and counterterrorism. Over the last few years, the United States and the EU began sharing an unprecedented amount of data about their citizens. The European Parliament has accepted deals on sharing financial and airline passenger information. Most recently, the United States quietly negotiated a carve-out from forthcoming EU privacy legislation. This exception would have allowed U.S. information companies to provide information collected in Europe to U.S. agencies without breaking EU law. U.S. officials, including Homeland Security Secretary Janet Napolitano and John Kerry’s brother Cameron Kerry, lobbied extensively to get this carve-out passed by Brussels. 

This relationship came about as a result of a cultural shift in European security policy. Transatlantic controversies from 2002 to 2004, over airline passenger data, and from 2006 on, over the U.S. TFTP, led to intense negotiations between the EU and the United States. Privacy advocates were sidelined from these negotiations, which were rapidly dominated by security officials on both sides of the Atlantic. These security officials developed a thick web of diplomatic channels, including working groups and other semiformal contacts, to smooth over their different regulatory approaches.

This has not only transformed relations between European and American officials but has given new clout to European security officials, who always preferred the American approach to their own. These officials have used transatlantic cooperation to help them remake Europe’s internal rules. They have succeeded in winning over the European Parliament, which was once an obdurate opponent of transatlantic information-sharing. In 2010, the European Parliament, which once saw the U.S. TFTP as a breach of fundamental human rights, reversed course completely. It not only agreed to a new EU–U.S. deal but pushed the EU to build a TFTP of its own.

This quiet transatlantic partnership on counterterrorism policy helps explain why senior European officials were not truly outraged by the U.S. government’s PRISM program. Security officials, based in justice and home affairs ministries, and in the intelligence services, had mostly won their internal battle with privacy advocates. Senior officials still thought it necessary to make public noises about privacy, but did not view the U.S. program as a serious problem. Indeed, German Chancellor Angela Merkel criticized President Barack Obama during his visit to Germany but also seemed to suggest that the PRISM program would not seriously disrupt relations.

But when leaked documents revealed that the United States was also spying on EU officials -- on matters entirely unrelated to terrorism -- Europe's political pendulum swung back in favor of privacy advocates. This spying has no possible benefits for European citizens, and is politically highly offensive. Indeed, the Council of Ministers building is a symbolic cornerstone of the European Union. Greens and libertarians in the European Parliament, who have long been vocal opponents of U.S.-based surveillance, are now demanding that the EU tear up its existing agreements on information-sharing with the United States. The chairman of Germany’s main opposition party has suggested that Edward Snowden could qualify for witness protection under German law. 

Moreover, European security officials have been put on the defensive. The centrists who argued that Europeans could trust the United States to respect their privacy have been hung out to dry, with the revelation that their own colleagues were in the crosshairs of the National Security Agency (NSA). Now conservatives and socialists are joining the Greens and libertarians, calling for the removal of the U.S. carve-out. The European Parliament has passed a non-binding resolution to block cooperation on data-sharing with the United States, while the European Commission is investigating whether the United States has broken the law.

The controversy will have economic repercussions for the United States, as well. Some EU economic officials have called for the pending trade talks between the United States and the EU to be suspended. But the more credible threat comes from domestic European officials, not international negotiators. Each European state has an independent privacy commissioner with the power to investigate privacy breaches and levy fines. The EU’s new privacy laws could increase these fines to a maximum of two percent of corporations’ worldwide annual revenue. The new revelations will likely embolden privacy commissioners to wield their full enforcement powers against U.S. firms -- including the major Internet companies alleged to be cooperating with the NSA. If they are found to have broken European privacy law, they may soon face the unappealing choice of refusing to cooperate with the NSA or paying massive financial penalties to European authorities.

If the United States wants to tamp down this controversy, it must recognize that, for Europeans, privacy is political. It will need to institute its own system of credible and independent privacy oversight and integrate it with existing transatlantic security arrangements. Doing that would allow the United States to rebuild relations with its friends and allay the suspicions of its skeptics.

The U.S. government already has a Privacy and Civil Liberties Oversight Board, but it is toothless and rightly ignored. A truly independent board with investigative powers, public reporting requirements, and strong international relationships would reassure both Europeans and Americans. Homeland security went international a long time ago. It’s time that oversight caught up.

You are reading a free article.

Subscribe to Foreign Affairs to get unlimited access.

  • Paywall-free reading of new articles and a century of archives
  • Unlock access to iOS/Android apps to save editions for offline reading
  • Six issues a year in print, online, and audio editions
Subscribe Now