Last week, I suggested that most commentators were misinterpreting a speech John Brennan made, assuming he intended to implicate just encryption and Edward Snowden in the Paris attack. Given that he repeatedly invoked changes the Europeans have to make, I think he was also complaining about European efforts to reclaim some data (or Internet software) sovereignty, with the effect that US counterterrorism programs are not as comprehensive. For example, to the extent terrorists use non-US based Internet services, they will elude PRISM, with its easy access to metadata and often content. In the wake of the Paris attack, Berlin-based Telegram shut down a bunch of channels ISIS was using, which suggests that may have been what Brennan was complaining about.
Yet that highlights a key issue: before the Snowden revelations, the US (with the UK and other Five Eyes members) largely could claim to exercise counterterrorism hegemony, in part because of our preferential position on the global telecommunications fiber network, in part because our tech companies served much of the world, and in part because many of our allies preferred to have us do the job. Some of the Snowden revelations — and the German investigation into BND’s partnership with NSA — have shown the cost of that: that the US gets European spooks’ help to spy on European targets of interest solely to the US.
It’s probably most effective to have one hegemonic dragnet, but it’s not clear whether it’s healthy (and now that US hegemony is beginning to crack, the dragnet will likely become less effective).
Given the comments of French Finance Minister Sapin today, US dragnet hegemony will continue to crumble. Along with a call to change certain laws on asset seizures and pre-paid bank cards, Sapin called for Europe to develop its own capability to access and analyze SWIFT data.
Sapin said that the SWIFT system had two computer servers, one in Europe and one in the United States, but that Europe currently relied on U.S. authorities to collect and analyze the vast amounts of data flowing through it to detect security issues.
“We Europeans don’t have the capacity to exploit our own data. I don’t think this can carry on this way,” Sapin told a news conference. “Since we do not have the means to analyze the data located in Europe, we transfer all of this data to the Americans, who have the capacity to analyze it.”
As a reminder, access to SWIFT — Society for Worldwide Interbank Financial Telecommunication, the international bank transfer system through which most international transactions take place — has been a contentious issue for some time. Europe tried to demand more equitable access in 2009-2010 when one of the servers for the system got moved to Brussels, only to find the US was cheating on the spirit of the agreement in 2011. What Sapin describes — Europe just sending all its data to the US in bulk — is what came out of that effort to reclaim some control over the data. In the last few years, it has become clear how US control of SWIFT makes it easier to dictate policy, especially regarding sanctions, to allies (I suspect, too, it has been used to collect embarrassing details about EU elite ties to unsavory characters, like Qaddafi). Obviously, having exclusive access to records of who is transferring money to whom can be incredibly valuable for the US, in ways that go well beyond terrorism.
From his comments, it’s unclear whether Sapin says Europe doesn’t have the technical capability or bureaucratic/legal authority to access and analyze this data. Given his explicit comment that the Paris terrorists used pre-paid bank cards to plan their attack (which would probably be adequate to transfer money between Belgium and France), it’s also not clear that the attackers used international transfers that would have shown up on SWIFT. But he’s going to use this opportunity to demand equitable access to the data.
The US would surely love to maintain a monopoly on omniscience. In the name of counterterrorism efficacy, they might be able to make an argument to do so. But either because they’ve already lost that omniscience — or because their dragnet failed to keep France safe — they’re likely to continue to lose that monopoly. It’s not clear that has any benefit for privacy (redundant dragnets are more invasive than single ones). It will likely have consequences for US hegemony more generally.