Protecting Data or Protecting Dominance? Authority as an Enabling and Constraining Force

In 1995, the EU’s Data Protection Directive caused significant strains in the transatlantic relationship. The Safe Harbour agreement, designed to permit transatlantic data transfers, was heralded as a new kind of agreement to bridge the divide in conceptions of privacy and data protection. However, in 2015, the European Court of Justice invalidated Safe Harbour as the result of a complaint by the Austrian citizen Maximilian Schrems causing a severe disruption in transatlantic relations. In contrast, while the unilateral decision of the US to impose a requirement on airlines to share Passenger Name Records (PNR) with US authorities caused significant unrest among European policymakers in 2003, a global regime of PNR sharing is now in emergence. The paper analyzes these two instances of conflict between the EU and the US in the post-Snowden era as examples of a broader ongoing struggle over authority in the area of data governance. Theoretically, the research connects the evolving literature on authority in the global realm with practice theory. I argue that practice theory is particularly suitable to study the struggles, conflicts and contestations that occur in the context of multiple overlapping claims to authority. Therefore, the article uses the analytical tool of “orders of worth” (Boltanski and Thevenot 2005) to grasp how actors use background knowledge to create and contest hierarchies through different justificatory patterns. I combine this with a Bourdieusian approach and evaluate whether actors justify their authority claims with reference to the same orders of worth to assess whether “dominated and dominant recognize the same principle of domination” (Steinmetz 2006:455), which is understood as the recognition of authority. I conceptualize the area of data governance as a distinct field formed around the control over data as a specific type of capital. Therefore, I focus on practices of meaning making as constitutive of authority and trace these through a document analysis focusing on e.g. court proceedings, policy documents, press releases and other documents. The article makes three substantive contributions. First, I argue that the field of data governance has defined boundaries of relevant justifications and is characterized by a logic of production and a logic of security rather than a logic of fairness or social justice. While the existing literature often focuses on the balance between civil liberties and public surveillance practices, I argue that a bifocal approach on security and economic surveillance practices is necessary. For instance, while the PNR case demonstrates how a discourse shifts towards security, the invalidation of Safe Harbour shows how security justifications might fail in the context of public-private cooperation in surveillance. Second, I argue that even institutionalized authority relations are often fragile and vulnerable to contestation by non-state actors. Third, the article demonstrates that the divergences in the interpretation regarding the scope and extent of public surveillance vary not only between the EU and the US but also between different European actors.