Europe and Privacy: For a Protection Embedded in (decentralized) Technical Architecture?

The protection of personal data via technical means, often referred to as “privacy by design,” is an issue currently being negotiated in key arenas at the European level. Discussions as sensitive as they are decisive are underway between the European Union and the United States on the “safe harbor”, i.e. the set of principles that allow for American companies to use European data for commercial purposes, and on the “umbrella agreement” concerning the rights of European citizens in the case of data transmission within the frame of judicial proceedings. Furthermore, after nine months of investigation on the Snowden affair, the European Parliament has demanded the acceleration of negotiations on data protection, the suspension of the safe harbor as well as the Terrorist Finance Tracking Program. The EP’s resolution in relation to these issues calls for, inter alia, the creation of a “digital habeas corpus”. In all of these arenas, the promotion of Internet services supported by decentralized and peer-to-peer architectures may be considered as a means to define and protect personal data in alternative ways, “by design” rather than by policy. Because such documents set the framework of national legislation for years to come, it seems important that their treatment of privacy by design issues also include explicit references to the “dwarfs” of the Internet as well as to its “giants”. Can P2P architectures, in this context, serve as an alternative strategy that Europe could pursue for the protection of personal data?