Forgot your password?
typodupeerror
EU Facebook Privacy

EU High Court To Review US-EU Data Safe Harbor Agreement 60

Posted by Unknown Lamer
from the unsafe-harbor dept.
jfruh (300774) writes with news that a complaint in Irish Court against Facebook for possibly sharing personal data of EU citizens with the NSA has escalated to the European Court of Justice which will review the continuance of the U.S./EU Safe Harbor Framework in light of PRISM. Under European laws, personal data of EU citizens can't be transferred to countries that don't meet EU standards for data protection. The U.S. doesn't meet those standards, but American companies have worked around this by using EU standards for the data of European citizens, even that data stored on servers outside of Europe. Now the EU's highest court will decide if this workaround is good enough — especially in light of revelations of the NSA's Prism data-mining program.
This discussion has been archived. No new comments can be posted.

EU High Court To Review US-EU Data Safe Harbor Agreement

Comments Filter:
  • by Opportunist (166417) on Wednesday June 18, 2014 @09:39AM (#47262063)

    Considering that the USA don't even need it but could essentially siphon the data directly from European countries with the aid of European governments... does it really matter?

    That's essentially pondering whether the front door should be locked when the back door is opened from the inside by those we employ to guard it.

  • by Joe Gillian (3683399) on Wednesday June 18, 2014 @09:50AM (#47262161)

    The decision by the Irish DPC not to investigate makes perfect sense - this case is essentially all politics, and nothing more. The finding is inevitably going to be that the existence of the NSA violates European data privacy laws, but there really isn't a whole lot the EU could do about it - they can't tell the US to shut down the NSA, and they can't revoke the ability of non-EU servers to host EU data without effectively creating a second Great Firewall. Nothing can ultimately be done about it, and so the only real result would be this "Europe-v-Facebook" group scoring some political points.

  • by Anonymous Coward on Wednesday June 18, 2014 @09:56AM (#47262233)

    The site must be shut down and everything there destroyed (except the employees), effective IMMEDIATELY. DO IT NOW.

  • Re:At what point (Score:5, Insightful)

    by Poeli (573204) on Wednesday June 18, 2014 @10:57AM (#47262823)

    And leave behind a 500M people market? Abandon all their current contract and cloud services? I don't think so. The EU is the second biggest market after China.

    Even if they do, several European companies will quickly fill the void (like in China) and the USA based companies will have an extra couple of competitors in the world.

  • by Xest (935314) on Wednesday June 18, 2014 @11:08AM (#47262953)

    Plus it seems pretty clear that GCHQ is in breach of the Data Protection Act in the UK, which makes allowance for law enforcement, but obviously by harvesting all data GCHQ goes beyond that. The specific exemptions in law are:

    - the prevention or detection of crime;
    - the capture or prosecution of offenders; and

    Obviously harvesting data of innocent non-crime committing people achieves neither of these things. Which is why I suspect GCHQ's acts wont survive subsequent court challenges anyway - even if they succeed in national courts, they'll get slapped down at European level as whilst the creation of the UK's supreme court has created a puppet for parliament in the judiciary they still have no way of manipulating the European Court of Justice.

    So it's a multi-pronged approach. Saying "Well there's no point fixing this, because that is broken" is stupid when "that" is also being targeted for fixing also. As you imply, just because there's more than one issue doesn't mean we should deal with none of them, it just means they have to be dealt with as separate cases.

  • by Jahta (1141213) on Wednesday June 18, 2014 @01:15PM (#47264171)

    No, the trouble is that the jurisdiction of the Patriot Act (and all other US laws) ends at the US border; regardless of what agencies like the NSA like to believe.

    Got bad news for you. It is NOT illegal for the NSA to spy on foreigners.

    Any more than it is illegal for the espionage agencies in your country to spy on foreigners.

    That is, in fact, what espionage agencies are for - to spy on people.

    Got bad news for you. While the activities of the NSA may be technically legal *inside* the US, they are certainly not legal anywhere *outside* the US. The same is true in reverse; the US certainly doesn't operate a "live and let live" policy towards foreign espionage agencies operating inside its borders.

    In any event, the point here is that US companies operating in foreign countries can't use the Patriot Act (or any other US law) as an excuse for flouting local laws. The personal data of EU citizens is protected under EU law. If US companies want to do business in Europe then they must abide by those laws.

    The US wouldn't tolerate foreign companies breaking US law in America. What makes you think other countries should tolerate US companies breaking their laws?

Some people have a great ambition: to build something that will last, at least until they've finished building it.

Working...