European Commission Outlines Steps To Restore Trust In EU-US Data Flows 75
hypnosec writes "The European Commission has outlined steps it believes will pave the way for restoring faith in EU-U.S. data flows following revelations about NSA spying activities under its PRISM program. The EC notes that spying on its citizens, companies, and leaders is unacceptable; and that citizens of U.S. and EU need to be reassured about protection of their data, while companies need to be reassured that the existing agreements between the two regions are respected and enforced. The Commission outlined a total of six areas that it believes require action including swift adoption of the EU's data protection reforms; making Safe Harbor safer; strengthening data protection safeguards in the law enforcement area; commitment from the U.S. for making use of a legal framework; addressing European concerns in the on-going U.S. reform process; and promoting privacy standards internationally."
We have a reform process in the US? (Score:4, Insightful)
>> addressing European concerns in the on-going U.S. reform process
Really, we have an active privacy reform process in the US? I haven't heard much about that since Obamacare finally went off the rails.
Re:We have a reform process in the US? (Score:4, Insightful)
Given your US news I can see why you wouldn't know anything about it really.
Re:We have a reform process in the US? (Score:5, Interesting)
What, you mean the latest news about a four game suspension from the Seahawks isn't news, or Dancing With the Stars new season?
No wonder why most of the clued Americans end up reading Al Jazeera these days when 5-10 years ago, AJ was joked about as the "terrorist news network". Thanks to an earlier reference, dw.de is another decent source (although all the above have their bias, and one can easily see it in the way their stuff is phrased.)
On a realistic note, the Europeans have a valid issue about this.
There are diplomatic solutions (trust, but verify), but there are also technological solutions. One of those could be passthrough encryption in one country before data is stored in another, where if company "A" wants to store data in their home country, the data from country "B" would have to be encrypted in that country by a key only held there. Of course, there is a lot of room to compromise keys (key management is in itself a major undertaking), but done right, it isn't impossible.
Re: (Score:2)
MJ is legal in WA and CO - in terms of the Seahawks being suspended.
There are no methods to overturn an unjust invasion of Privacy and the constant violations of the US Constitution - nobody ever goes to jail for doing that.
Ever.
The revolution is coming fast, you can hear it boiling.
Re: (Score:1)
Yes, the reform is in the direction of no-privacy for everyone.
Re: (Score:3)
Yes, the reform is in the direction of no-privacy for everyone.
I have to say it, but we should mod up the AC.
The active privacy reform across the industrial world (yes, EU, UK, AU I'm talking to you as well, not just US) is the assertions that:
1. there no right to privacy for the citizens
2. there IS a right to privacy for n, where n=power or money (read: police, government, corporate interests)
3. noting a vast power unbalance as a result of 1 and 2 makes one a terrorist
Isn't that America's job? Restoring trust? (Score:1, Troll)
Re: (Score:2)
I see you are a coward, good thing since you are clearly mentally disturbed.
Trust in USA? What's that? (Score:5, Insightful)
Well, unless it's "trust" as in "I trust US to screw everyone at every opportunity".
--Coder
We have the solution! (Score:3, Insightful)
More lies! This will work this time. We're sure of it!
You'd be a fool to trust the US anywhere near your data these days. All the stuff revealed lately is just *some* of what's what.
What we don't yet know.......
Justice has been severely folded, bent, mutilated, and trampled. It's going to take DECADES to restore even a small percentage of the trust erased lately.
Re:We have the solution! (Score:5, Informative)
This. If NSA chief have no problem lying to US congress, and had no consequences after that was found out, what stop them to keep lying to Europe all they want?
And what was released till now is just the tip of the iceberg (or just a snowflake over it) so far it has been released 500 out of 200000 [nydailynews.com] of the documents that Snowden got.
There is no reasonable trust anymore, but they can be gullible all they want, or just play this as a theater to keep their population at bay.
Not sure about that. (Score:2)
We have some equipment at work, with factory and maintenance access codes. Those codes change, seemingly at random, until you know the secret. Date and time determines the proper access codes. I suppose that it would be a fairly simple matter to only allow access within certain time frames - that is, simply to null xx% of the now-valid codes.
This isn't a new system, by any means. The machinery runs SysV dated late 1990's.
Re: (Score:2)
But Senator! (Score:2)
I can't understand why the Senator is shocked that our spies lied to him. They are SPIES, after all! Do you really expect that spies are going to tell you the truth about anything?
Restore? (Score:2, Insightful)
Difficult to *restore* a faith that was never there.
Re: (Score:2)
Restore trust?? (Score:3, Insightful)
Heh, that's a good one. How do you restore trust in a system that is corrupt by design, not by defect? You cannot ever trust any system to works on concentrated authority. It is impossible to acquire adequate oversight.
"EU won't suspend data sharing accords with U.S." (Score:5, Informative)
That's the more concise headline today at Reuters -- http://www.reuters.com/article/2013/11/27/us-eu-us-security-idUSBRE9AQ0F120131127 [reuters.com]
The European Union backed down on Wednesday from threats to suspend agreements granting the United States access to European data, rejecting calls for a tougher stance over alleged U.S. spying.
The move marks an abrupt about-turn for the European Commission, the EU executive, after warnings it issued in July to U.S. officials following revelations that Washington had spied on European citizens and EU institutions.
Cecilia Malmstrom, the EU's commissioner for home affairs, said she had found no proof of U.S. wrongdoing, either in the sharing of flight passenger records or in the tracking of international payments...
Sophie in 't Veld, a Dutch Liberal member of the European Parliament, criticized the Commission's move.
"They are putting diplomatic relations ahead of citizens rights. The Commission is being extremely timid to the Americans," she told Reuters.
"They have done an investigation and concluded that everything is hunky dory. This is not serious," she said, adding that taking the United States at its word was naive.
Re: (Score:3)
If the EU had at least the same size balls as Brazil, they would demand reciprocity.
Let's see how long the Americans would tolerate their data being "safely shared" with Europe's governments.
What? A storm during thanksgiving? Snow at Christmas! Playoffs? The superbowl !!!!! (5, for insanity)
What was the topic again, Obamacare?
Re:"EU won't suspend data sharing accords with U.S (Score:5, Insightful)
Re: (Score:3)
Alleged? What part of the official U.S. policy and actions they have admitted to, apologized for but vowed to continue, is alleged?
That is not a neutral story. I wouldn't trust it.
Humans not citizens (Score:1)
The EC notes that spying on its citizens, companies, and leaders is unacceptable; and that citizens of U.S. and EU need to be reassured about protection of their data
Either you don't spy on everybody or don't even bother making a statement. Humans are humans whether citizens of your country or not. As long as you make a distinction between your own citizens and others you generate ill will towards yourselves, which creates enemies, which forces you to get defensive.
Your forefathers made proclomations about Human Rights, not citizen rights. Listen to them, they had the right idea, do the right thing and treat all humans equally.
This will be swept under the rug (Score:2)
They'll just continue spying anyway (Score:4, Interesting)
When we have flaps like this that occur, you know, something will change, and I expect we'll get some sort of announcement that will - that the Europeans can point to as a curtailment and as a change. But as time goes by, flaps blow over, and the permanent interests of ourselves and our allies reassert themselves.
Paul Pillar, 28-year veteran of the CIA [wbur.org]
Re: (Score:2)
Re: (Score:2)
Who knows? At least CGHQ has been doing some pretty heavy surveillance [theguardian.com] and spying on an international level too in recent years. Never underestimate the capacity of a government hellbent on eavesdropping everything that is being sent down the wire.
Re: (Score:2)
Here we're talking about the EU and they have two branches of government, the commission that backed down and the parliament that wants stronger action.
The EU commission is made up of lackeys of the member countries, the EU parliament is very much 'of the people' and they have to share power.
Give it some time and we'll see who wins, the establishment in the countries or the people of the EU.
This is one of the reasons I am very much pro-EU unity.
Re: Waste of time (Score:1)
Can operate with secrecy: i assume your definition of "secrecy" include being front page of every decent newspaper?
Europe has battered wife syndrom (Score:3)
"The USA isn't always like that, only when I do something wrong. I love the USA, I could never stop being it's partner." - EU
One Step (Score:1)
1. Trust No One
That's it. Cryptography has always and will always run on jungle rules.
Either you break it and get the cleartext, or you can't break it and you don't get the cleartext.
There is no middle ground. They can read your messages and spy on you or they can't.
If your "allies" can read your messages, they will. Full stop.
Re: (Score:2)
What's wrong with cutting the wire? (Score:2)
Seriously? We just don't need to share that much information. There's no "reform" unless the US stops breaking ITS OWN LAWS. That's where reform starts.
As much as I would hate an even "worse" US life, I think it'd be for the best that the way government here is doing business ceases to be profitable.
Re: (Score:2)
Even if the US abode by its own laws, spying on foreigners, including EU Citizens, would still be allowed, under those laws. Changing laws to include EU Citizens in the list of persons not to be spied upon would be a confidence building measure... but we all know that the US won't stop snooping in Europe. There are way too many juicy trade secrets there to steal, so a no-spy rule w.r.t. Europe won't make it through Congress.
Re: (Score:2)
The US constitution is a limit of what government can do. Not just a limit on what the government can do to people living in the US. The very idea that it only applies to the people of the US is a twist of interpretation. The constitution is how this government should behave MORALLY. If it's immoral to do it in the US, it's still immoral to do it to other people.
Re: (Score:3)
The US constitution is a limit of what government can do.
Evidently not.
Re: (Score:2)
According to the WikiLeaks/Manning revelations, the French are the worst industrial spies in Europe. "France is the country that conducts the most industrial espionage on other European countries, even ahead of China and Russia, according to leaked U.S. diplomatic cables, reported in a translation by Agence France Presse of Norwegian daily Aftenposten's reporting."
Another quote, "In October, 2009, Berry Smutny, the head of German satellite company OHB Technology, is quoted in the diplomatic note as saying:
Re: (Score:1)
There is no penalty for the NSA to break our own US laws, and all the EU-US treaties or US-Canada treaties signed.
Everyone knows that, especially those of us who have worked in the belly of the beast.
No penalty - none. Nobody is going to jail for breaking the law, except those who tell the truth.
Step One: Destroy the NSA Data Center in Utah (Score:1)
Preferably by a drone strike. US can't collect data if it has nowhere to store it.
Re: (Score:2)
Re: (Score:2)
"will be" ? Already is.
For the US/NSA trust is a one way street (Score:5, Insightful)
The EU tried going the trust route and it got burned. This situation is indicative of the scorpion and the frog [wikipedia.org].
Two Easy Steps : (Score:2)
Step 1 : Dismantle the NSA, and file criminal charges against their leadership.
Step 2 : There is no step 2.
Re: (Score:2)
Step 1: Dismantle the NSA...
Step 2: ???
Step 3: Profit!
Re: (Score:1)
Step 1 : Dismantle the NSA, and file criminal charges against their leadership.
Step 2 : There is no step 2.
Step 4. Profit from selling EU private data to US corporations!
Re: (Score:2)
Step 1 : Dismantle the NSA, and file criminal charges against their leadership.
Step 2 : There is no step 2.
Sure there is, and more. Restoring trust at this point would entail the above, plus destroying the office facilities, computers, equipment, and network infrastructure used by the NSA. Followed by a decade or two of unlimited access and inspection of any similar government assets by a neutral outside party. Then, maybe, someone will trust USA, data, and security in the same sentence.
Those "accidental" undersea cable breakages? (Score:2)
Remember how undersea cables kept getting broken by anchors? Was the NSA behind this? It could happen in at least 2 ways:
1. Break the cable, the repairer installs interception device.
2. Break the cable, tell the operator that breaks will keep happening unless the operator allows access to its network.
I would never trust EU-US data flows (Score:1)
I for one would never trust EU-US data flows - the US side will always ignore any treaties about privacy and steal the personal information of EU citizens.
Always.
Without question.
This is why the US is 31st in download speeds - we reward insanity.
correction (Score:2)
Restore the (mistaken) /belief/ that you can trust the US.
I.o.w.get some sense of naievete back.
I fear that's gonna be a cinch. Apathy has been a high
demand US export item for longer than just the past year.
Reassure me all you goddamn want (Score:3)
Same shit, different day.
Punish the guilty (Score:2)
It's great they're talking about reforms to prevent this happening again, but there's one critical element no one is talking about: prosecuting people for the crimes they already committed. The NSA has been breaking laws on a massive scale all over the world, but there hasn't been one single prosecution of anyone for any of them. Until they see the law applies to them too, they'll have no reason to not just keep ignoring it. And then all the reforms in the world will be nothing but paper, things to ignor