The international order based on the Peace of Westphalia continues to yield to the pressures of a resurgent polycentricity of international powers described by the idea of Neo-Medievalism. However, the ubiquitous role of information technologies makes us wonder whether even this notion is not now obsolete and does not require to match the new interaction between public and private subjects. The East has already chosen. The opinion of Andrea Monti – Professor of Digital Law in the Degree Course in Digital Marketing – University of Chieti-Pescara – Initially published in Italian by Formiche.net
Meta’s official statement in which the company claims to have -verbatin- never threatened to leave Europe because of the EU policies on personal data protection raises once again the general theme of the power relationship between multinational structures, sovereign states and political alliances. There is, however, a further element that concerns national security: access to the enormous wealth of information accumulated by Big Tech.
Indeed, some analysts begin to say more and more explicitly that these information can no longer stay only in the hands of private entities. This claim deserves further analysis, considering that China, very pragmatically, has already solved and overcome the problem. The laws on national security and personal data protection allow Beijing to access everything that flows on its network directly. It is (for now) the final part of a process started in 1998. It started with the construction of the Great Firewall of China and went on over the years implementing technologies for data collection, including biometric data in the private sector.
Accessing Big Tech-held data
From the Western point of view, access to data collected by Big Tech is now an area of open conflict between the EU and the US. The Austrian national data protection authority and a German court have fired the first blows at Google. These are the first applications of the judgment of the EU Court of Justice known as “Schrems II“, in which the European judges have stigmatized – precisely – the risk that data collected by Big Tech within the EU and transferred to the US become available to the US security apparatus. The American Constitution is indeed very advanced in terms of the protection of rights. However, it is good to remember that, as in every country and net of international conventions, fundamental rights are guaranteed to citizens, not to the person as such. It means, in other words, that the data of the EU citizens could be treated with lesser guarantees since they belong to aliens.
The European attack on the commercial policies of Big Tech
The European decisions have concerned two specific services provided by Google, but the law principles have a general scope. Nothing prevents them from being applied to all services that export data to the US offered by Big Tech within the EU. Cloud, software platforms for everything-as-a-service, applications and hardware that necessarily work with an account attributed by the owner of the operating system… all this, as the Adobe-Venezuela dossier teaches us, is not political fiction. So, we are in front of a clear political signal sent overseas on the need to review the commercial policies of US technology companies.
It is clear that if other national data protection authorities and other courts were to take the path opened by the forerunners, an American reaction could only be to abandon the EU as a last resort. This choice would have consequences comparable to those caused by the energy crisis. Entire industrial and institutional sectors -not to mention people- would suddenly find themselves isolated from the rest of the western world.
The implications of the Meta case
In this perspective, the statement contained in the report Meta filed with the US SEC takes on a much deeper meaning than the simple highlighting of a regulatory criticality that has emerged in European jurisdictions. The subsequent public announcement with which the company clarified that it had never “threatened” to leave the EU is a public relation choice not significantly different from international diplomacy.
Likewise, the mechanism used by the company -sending a cryptic but explicit message, evaluating the effect and then adapting to the consequences- is very similar to that used in foreign policy based on clockwork leaks, functional to support the need for an intervention or, on the contrary, that of inertia but without adopting a formally rigid position.
Finally, even the justifications for Europe’s “notice of abandonment” contained in Meta’s official statement follow the same logic of applying international sanctions: we are sorry to be forced to intervene, we are not the bad guys; it is somebody elses’s fault if we have to act in this way.
It is not essential whether the contents of the report submitted to the SEC and the subsequent statements were or were not the result of a public relations plan aimed at beating the bushes without making any direct request to the EU Commission and national authorities of the Member States. Be as it may, it is what happened. On the old side of the Atlantic, everyone is now wondering whether or not to reconsider the EU policies on data processing.
The Birth of Technoneomedievalism
Although, as Realpolitik teaches, in their dramatic nature, these dynamics are an established model of operation in international relations between sovereign states, in the case that interests us, the disruptive element is that none of the interlocutors is. Not Meta, a multinational, not the EU, which – unfortunately – has not yet completed the process of political and legal transformation towards independent sovereignty.
This dossier only confirms the terminal crisis of the concept of the post-Westphalian nation-state in favour of a system based on the polycentricity of powers that no longer reside solely in the hands of sovereign states.
In the study of international relations, this opinion has been consolidated for some time now under the label ‘Neo-medievalism’, i.e. that condition characteristic of the Middle Ages, when there were no absolute powers. Not even the Holy Roman Emperor could define himself as superior non recognoscens. Even the Pope had to accept the utrumque jus that represented the political synthesis of a logical-juridical contradiction: the existence of two universal juridical orders.
The concept of Neomedievalism has an undoubted heuristic value. However, today, in the light of economic and industrial developments, perhaps it would be more appropriate to speak of Techno-neomedievalism.
Technoneomedievalism is cacophonous, but it accurately describes state of the art. Even though two actors -a company and a group of states associated in a system of international treaties- are devoid of political subjectivity, they exert a conditioning power on each other’s choices and on those of subjects (citizens of other states, institutions and companies) who are foreign to them.
Indeed, to be precise, Meta opposes industrial needs to those of decision-making autonomy of the EU. While the EU, in turn, and using the Trojan Horse of fundamental rights, seeks to obtain a role of equal interlocutor with the US by conditioning the Big Tech sector, which is fundamental to US foreign policy. More than the weapon industry, the ICT sector guarantees direct control over a given country’s administrative, productive, and social life. Limiting it – as France and Germany have done – is not only a way to preserve economic and productive resources within the Union but, above all, it serves to loosen the grip of the US on the vital ganglia of a State.
Data protection as an instrument of political confrontation for the leadership between EU and USA
If this reading were correct, it would be yet another demonstration of how complex US-EU relations are. On the one hand, the NATO allegiance is not and cannot be challenged. On the other hand, the issue of leadership between the two entities remains a contentious matter.
Meta-EU dossier (one would better call it Big Tech-EU) marks the final entry of multinationals in the political arena. They openly orient political choices, up to the point of ventilating measures that are entirely equivalent to international sanctions (in a manner, moreover, not dissimilar to what happened towards China in the Hong Kong protests).
However, at another level, it cannot be overlooked that, as fundamental to US interests, Big Tech companies are necessarily part of US security and foreign policy strategies.
The events linked to the enactment of the Cloud Act, the law that allows American authorities to obtain from their own companies the data also held by their foreign subsidiaries, indicate this condition, which is not without conflict.
Although connected with the governmental apparatus, Big Tech cannot assume the risk of being perceived as “State companies” or, worse, as front companies. The risk of losing credibility in users’ eyes and failing would be too high. Therefore, in a techno-medievalist dynamic, they also use their position of power towards the US administration.
Once again, the events underlying the enactment of the Cloud Act provide clear evidence to support this conclusion. This law was the outcome of the legal actions brought in the US by Microsoft against investigative authorities who had ordered the Redmond company to hand over data residing on systems located in Europe. After various procedural events, the case ended up at the Supreme Court. However, the Court did not issue a final verdict as Congress approved the Cloud Act, which represents a highly imperfect compromise, but still a compromise, between a business entity and a sovereign power.
Conclusions
Due to the historical inertia of the EU and the Member States, the data economy has become a global battlefield, characterized by a front impossible to manoeuvre and by vectors of attack coming from the most disparate directions and directions.
The (albeit belated) choice of European and continental institutions to stem the drift of data towards the US is undoubtedly a fundamental element for the interests of Member States. However, it suffers from a de facto dependence on non-EU technologies from which it is not possible to free oneself in a reasonable timeframe.
In terms of technological public policy, the lesson (harshly) taught by this state of affairs is that science, technology, and the market are an inseparable triad. Not being aware of this situation means -as in the facts we are witnessing- giving up an effective exercise of political sovereignty towards all interlocutors, regardless of their formal qualification.