Digital Privacy in European Post-Communist Democracies

Munib Mesinovic | Aug. 18, 2020

Few can argue that the digital privacy debate is a purely technical question and that the “solutions” will also be of a solely technological nature. It has become clear that any attempt to address this question needs to consider the social context as well. One crucial question of our time is “what does privacy mean for a democracy?” Many so-called democratic countries today struggle with the legislation, adaptation, and regulation of privacy in many different areas of information sharing that are beyond just the internet. There is also a profound disconnect between the people who demand better protections and safeguards and the governmental institutions operating the system. Within this group of democratic societies, post-communist countries form a special group that sets them apart not only by their past but also by their current narratives and contexts surrounding privacy. This article explores the digital privacy discourse in post-communist countries and aims to highlight that conversations around digital privacy have a strong context outside of Western and Northern Europe and should be heavily considered when implementing European-wide digital policies and regulations. It draws from my personal experiences living in a European post-communist democracy, Bosnia and Herzegovina, as an engaged young person and is also supplemented by conversations and interviews with fellow Bosnians and citizens of other European post-communist democracies.

Learning from different, often underrepresented, narratives surrounding privacy can offer more insight into how we should change not only legislatively, but also socially and behaviorally, our approach to protecting privacy in a digital society. Within these discussions, the context of Eastern and Southern Europe has been missing, especially one drawing on their shared history within communism. In European post-communist democracies (EPCDs), many questions on privacy either have not been raised or remain unanswered. Are there societal practices instilled in those communities, many of which have “outgrown” communism just two decades ago, that foster or hinder privacy guarantees? How is the privacy debate developed, in what kinds of frameworks, and on what platforms? What kind of data is available, and is being collected, in these countries? And, under whose control is it? With election hacking being in the headlines in the US and the UK, how are young democracies dealing with such an impactful data breach on the cornerstone of democracy? And last, but not least, is the technologically advanced age preventing the people of EPCDs from achieving the freedoms they so adamantly fought for?

What studies have identified is that people living in such communities have less support for democracy and open markets. A starting assumptive pointer, therefore, is that people do not care enough about their digital privacy to act because of remnants of communism such as institutionalized corruption and distrust. Such discussions become more important as EU-wide regulation is put forward and widely implemented in many of the post-communist countries, now under its banner, without those countries’ different contexts in mind.

The European Commission special report on data protection, which is within the framework of the Eurobarometer as a measure of public opinion, puts forward several survey results about European-wide attitudes to data privacy and online privacy settings. The first interesting survey result was on the question of whether the respondents had ever changed any privacy settings from the default ones on any of their social media accounts. It should be noted that, to ensure the significance of the results, over 57% of the total number of respondents actively use social media. What the data insinuated, as one can see in figure 1, is that people in EPCDs were less likely to have changed their privacy settings from their default states. What is not certain, however, is if they did not change their settings because of personal choice or because of lack of knowledge of their ability to do so.

Figure 1. Have you changed your privacy settings on social media?

The data further indicates that people in EPCDs, on average, are the least likely among European states to turn to their national governing bodies for data protection and regulation enforcement. Figure 2, also from the European Commission special report, suggests something similar by showing how EPCDs are below average when it comes to having faith in public institutions to deal with privacy regulations and enforcement.

Figure 2. To whom would you prefer to send a complaint about protecting your data? (multiple answers possible)

To investigate further, I conducted a series of interviews with nationals from the above-mentioned EPCD countries. The demographic of the interviews was heavily skewed towards the age group of early 20s due to access to such individuals. The interviews were conducted at the NYU Abu Dhabi campus among students and employees. The interviewees were reached out to through, ironically, social media, and a total of nine interviews were conducted. The interviews are of an exploratory and investigative nature meant to bring up existing worries, experiences, and opinions on the topic among these communities rather than to reach definitive answers on the above questions — any such attempt has to come from a larger empirical study built with an informed and comprehensive hypothesis. The nationalities included in our interviews were: Bosnia and Herzegovina, Serbia, Macedonia, Bulgaria, Romania, Poland, Lithuania, and Ukraine.

What all the interviewees’ responses shared was a heavy presence of distrust in their governments, their perception of their governments as inefficient and unknowledgeable when it comes to anything digital, and their description of the general public’s lack of concern or discussion of anything remotely touching upon digital privacy. The interviews indicated that all countries, except Poland, have heavily politically controlled media that most people follow and that any knowledge of digital privacy issues (Snowden, government surveillance, election hacking by Russia or other entities) can only be seen on foreign news outlets.

Additionally, the interviews mentioned several examples of when a digital privacy scandal would arise only to be quickly framed as a political scandal to be taken advantage of in the media. An example was given of a Romanian Minister-to-be who had political rivals “unearth” his modeling photos which they used in the media to discredit him. The scandal became entirely focused on the photos themselves and their political context and no mention was made of how the photos were obtained or whether that was a violation of someone’s (digital) privacy. Similar situations have occurred in Bosnia and Herzegovina, North Macedonia, and Poland, where scandals of wiretapping and hacking were always construed as political scandals and no discussion was facilitated on the acts themselves as anything relating to digital privacy by the domestic news media. In Ukraine, however, the interviewee’s experience with digital privacy is intertwined with the revolution and with the government's attempts to crack down on digital privacy during the pre-revolutionary period; people rallied together online, in part, to resist government surveillance and social manipulation, and when the government started to intrude on online platforms, that fueled the revolution more. The digital privacy debate was a part of the revolution ideology, still being hijacked in a way by a political context, albeit a revolutionary one.

But... what does this have to do with communism?

As far as the questions on the possible influence of the communist heritage are concerned, there is a split of opinions. Some interviewees believe, and they are in the majority, that the communist mentality has little effect when it comes to these attitudes or the lack of them, and that it has more to do with the post-communist period being considered a corrupt failure. Others think that the communist “way of thinking” of relying on the government and trusting it too much makes people indifferent to asking questions about the consequences of the digital tools they are so frequently using.

Thus, whether this indifference to digital privacy is a result of some sort of communist historical influence is neither straightforward nor widely agreed on. To recall, we have seen how figure 1 and conversations with the members of EPCD communities suggest a lack of concern or action when it comes to digital privacy among the EPCD public. Additionally, as seen in figure 3 below, nationals from most EPCD countries appear much less likely to act on any kind of digital dangers by, for example, using privacy software tools, compared to the EU average (entry with a blue dot under it). Since digital privacy is not discussed or developed in public and educational discourse and no scandals pertaining to it have ever developed in the digital privacy context, rather than only the political one, the public remains indifferent and unaware of the meaning and the importance of the term. The interview responses also support the findings of a recent report by the Organisation for Economic Co-operation and Development (OECD): that economic, social, and political inequality as well as lack of progress compared to the rest of Europe are constantly on people’s minds, thus making digital privacy less of a priority. Thereon, most of people’s time, focus, and discussion is spent on political deliberations and attacks.

Figure 3. Do you use software that prevents your online activities from being monitored?

These aforementioned problems in the post-communist society are perceived as coming from governmental inefficiency which leads to distrust. This necessitates more public focus on political instability than digital privacy which is perceived, as one interviewee put it, as a “first world problem.” Therefore, the common attitude among EPCD nationals towards digital privacy and the importance of it seems to come not from their shared communist heritage as much as from their collective post-communist challenges and current political instabilities. Even in the cases where communism enters the barely existent public discourse on digital privacy, such as in Poland, it is only used as a controversial word to stir up anti-communist animosity towards government involvement in general, thereby serving, once again, political opponents and the opposition rather than the digital rights of the people as such.

Similar arguments have been made trying to explain the pre-Snowden era in the US filled with a relatively general lack of concern over digital privacy which later exploded following several revelatory events. As Phillip Rogaway notes, “It wasn’t until Snowden that I finally internalized that the surveillance issue was grave,” noting that other problems such as the environment and sustainability were a larger concern that attracted more attention.

It seems that the attitude among EPCDs towards the importance of digital privacy is at a minimum and is deeply coupled with political narratives. The lack of discussion, information, and education on these issues and concerns necessarily means there is less pressure to create, adopt, and regulate laws that would help oversee and manage online activity and autonomy, which in the end, contributes to a lagging judiciary that is years behind contemporary technology and its dangers. What is missing is not just an Eastern European Snowden or anything similar, but also independent newspapers and portals, a strong political opposition, and an informed and involved public.

Further, the term “digital privacy” and its meaning or connotations do not appear in news or public discourse more likely due to the post-communist political and economic lag than due to the communist period itself. The goal of this article is to highlight that conversations around digital privacy have a strong context outside of Western and Northern Europe and should be heavily considered when implementing European-wide digital policies and regulations. Well-founded hope remains that there will be heightened interest in the creation of similar resources in academia and public discourse in European post-communist democracies alongside other unheard voices on digital privacy around the world.

We believe in furthering the conversation on digital privacy beyond this article. Here are a few resources from Munib to get that started:

1. Communist socialization and post-communist economic and political attitudes | G. Pop-Eleches & J. A. Tucker

2. GDPR explained: How the new data protection act could change your life | Channel 4 News

3. INTERNATIONAL GDPR One Year On – Eastern Europe | Ius Laboris

4. GDPR Tracker in Hungary | Bird&Bird

5. Posts tagged "Eastern Europe" | DATAPORTAL


Map/chart credits to Sohail Bagheri