Regulating Governmental Data Mining in the United States and Germany: Constitutional Courts, the State, and New Technology
Schwartz, Paul M., William and Mary Law Review
INTRODUCTION I. DATA MINING AND RASTERFAHNDUNG (DATA SCREENING) A. Data Mining in the United States B. Data Screening in Germany C. The Statutory Regulation of Data Screening II. THE FEDERAL CONSTITUTIONAL COURT'S DATA SCREENING OPINION A. Background of the Case B. The "Concrete Danger" Requirement 1. The Right to Informational Self-Determination 2. Proportionality Review and the Failure of the Lower Courts C. The Dissent III. NEW TECHNOLOGY AND A TALE OF TWO CONSTITUTIONAL COURTS A. New Technology and the "New Constitutionalism" of Europe B. Two Approaches to Informational Privacy CONCLUSION
For the anthropologist Clifford Geertz, law is "part of a distinct manner of imagining the real." (1) In Local Knowledge, he argues that, at a fundamental level, legal systems create a way of envisioning the world and then develop different kinds of "techniques"--whether through legal institutions, methods, or doctrines--that make this vision the correct one. (2) The consequence is, of course, that the law in different countries will "see" different things. This point proves applicable to the study of comparative privacy law. Building on Geertz's insight, this Article searches for distinct as well as shared aspects of one area of law in two countries. It seeks to determine whether German and American lawyers, judges, and policymakers are seeing the same or different things when regulating one form of technology--namely, data mining.
As a further matter, current privacy scholarship has a great need for targeted studies that look at specific areas of information use in different countries. After a first generation of broader comparative studies, today's privacy scholarship needs more targeted analysis of specific areas of data use. As Spiros Simitis has argued, "[e]ffectiveness of data protection law crucially depends on the ability to react in a fashion that focuses on concrete situations of processing, and the ones that are especially important from the perspective of the affected party." (3) In such a fashion, this Article will look at how the legal systems of Germany and the United States respond to the use of data mining by the government for law enforcement and national security purposes.
As an initial matter, it is important to establish certain basic terminology. Americans commonly refer to "data mining"; in Germany, the standard reference is to "Rasterfahndung," which literally means "a screening search." (4) In this Article, I use data mining as the general term of art and to refer to the practice in the United States. In discussing German law, I refer to this practice as "data screening." This term is a closer translation of the German concept, and its use will permit a reader to know at a glance that a reference is to Germany. Another benefit of this approach is that it avoids an assumption that American and German jurists are using the same mental map when they speak of "data mining" or "data screening," respectively.
Although this Article employs these two terms, a computer remains a computer, whether in the United States or Germany, and the underlying technology in both countries is the same. One can, therefore, provide a unitary definition of data mining as a series of techniques for extracting knowledge from large stores of digital data. Alternative terms for this technique include "knowledge mining from data, knowledge extraction, data/pattern analysis, data archaeology, and data dredging." (5) Another definition views data mining simply as involving "a diverse set of tools for mathematical modeling." (6)
Part I of this Article explores the basic regulation of this technique in Germany and the United States. It finds a long engagement with data screening in Germany, one that dates back to the battle against the Red Army Faction in the 1970s. …