Slashdot Mirror

← Back to Stories (view on slashdot.org)

EU Court of Justice Declares US-EU Data Transfer Pact Invalid

Posted by timothy on from the clashing-visions dept.

Sique writes: Europe's highest court ruled on Tuesday that a widely used international agreement for moving people's digital data between the European Union and the United States was invalid. The decision, by the European Court of Justice, throws into doubt how global technology giants like Facebook and Google can collect, manage and analyze online information from their millions of users in the 28-member bloc. The court decreed that the data-transfer agreement was invalid as of Tuesday's ruling. New submitter nava68 adds links to coverage at the Telegraph; also at TechWeek Europe. From TechWeek Europe's article: The ruling was the court’s final decision in a data-protection case brought by 27-year-old Austrian law student Max Schrems against the Irish data protection commissioner. That case, in turn, was spurred by Schrems’ concerns over the collection of his personal data by Facebook, whose European headquarters is in Ireland, and the possibility that the data was being handed over to US intelligence services.

12 of 205 comments (clear)

  1. Obvious ruling by Anonymous Coward · · Score: 5, Insightful

    The court simply stated what looks obvious to anyone in good faith: if you do business in a country, you have to abide by the local laws. And given Snowden's revelations, it's purely ridiculous to claim that privacy rights can be respected if foreign data are stored in the US.

    So google, facebook, twitter, microsoft, cloud computing services, etc... will have to open their wallets and create data centers inside single EU countries. Otherwise GTFO.

    Technology must respect the law, not the other way around. Sorry billionaire nerds.

    1. Re:Obvious ruling by rmdingler · · Score: 4, Insightful

      And given Snowden's revelations, it's purely ridiculous to claim that privacy rights can be respected if foreign data are stored in the US.

      It's pretty ridiculous to claim privacy rights can be respected with regard to personal information stored anywhere.

      Do you reasonably suspect the surveillance powers will have any problem crossing imaginary lines in the dirt?

      --
      Happiness in intelligent people is the rarest thing I know.

      Ernest Hemingway

    2. Re:Obvious ruling by Xest · · Score: 4, Interesting

      "It's the smaller US companies that are probably going to take the brunt of this - the one that don't currently have any servers in the EU."

      Actually I'm not sure that that's the case. If a company operates only in the US (e.g. is headquartered there, only makes money there, only has staff there), but an EU citizen gives them their data, then the EU citizen is effectively accepting that their data will be held under the US' weaker data protection regime.

      The problem here is that Google, Facebook et. al have set up European subsidiaries for tax dodging purposes and so EU citizens are interacting with EU subsidiaries who are held to EU data protection standards. Those subsidiaries cannot make the decision for users to send their data to weaker data protection regimes - only the users themselves can opt to do that.

  2. This ruling won't fix anything by Richard_at_work · · Score: 5, Insightful

    Simply keeping the data in the EU won't fix anything so long as that data is still being held by US controlled entities, as those entities will still be forced to hand over the data regardless of where it is (lets face it, Microsofts battle against that particular issue is destined to fail).

    The only real way this is going to be solved is to force all EU data to be stored by entities that are not owned or controlled by a non-EU entity. Which means Amazon SaRL will be unconnected to Amazon.com and effectively competing against each other.

    1. Re:This ruling won't fix anything by currently_awake · · Score: 4, Insightful

      You don't understand how this works. The NSA will ask their Euro allies to get the data for them, therefore ensuring continued access.

    2. Re:This ruling won't fix anything by PolygamousRanchKid+ · · Score: 5, Interesting

      I don't have any problems with the US spooks asking an EU spook for the data from a specific suspected Muslim terrorist. The EU spook would probably comply, due to sharing agreements that are already in place.

      However, what the NSA does, is to simply harvest anything they want from anyone. I am not comfortable with that. And I don't believe an EU spook would set up a system enabling such universal access. If the EU spook can say the data was harvested outside the EU by the NSA, the EU spook has no problems. If the EU spook enables harvesting . . . we will see the EU spook in court.

      Note that Snowden's revelations did not result in any legal action in the US, despite that the NSA is clearly violating the law. This decision by the EU court is the only legal action that I know of.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    3. Re:This ruling won't fix anything by gstoddart · · Score: 5, Interesting

      Simply keeping the data in the EU won't fix anything so long as that data is still being held by US controlled entities, as those entities will still be forced to hand over the data regardless of where it is (lets face it, Microsofts battle against that particular issue is destined to fail).

      And then those entities will be in violation of EU law, and will end up paying massive fines or other penalties ... which would hopefully be severe. So severe as to cripple the companies.

      See, no matter what the US believes, they can't trump the EU law. So if Microsoft's battle to not hand over this data fails, Microsoft in Europe will fail. It really is that simple.

      And at the end of the day, the corporations are going go realize they can't jeopardize their revenue by pulling out of those markets.

      The US doesn't get to pass laws which trump local laws any more than Iran does. And the US can't exempt those entities from local laws, which means this will come down to corporate self interest versus a government who feels it is entitled to collect this information.

      So the bottom line is: too damned bad for the US, because once Microsoft in Europe starts getting fined billions of dollars and people start getting thrown in jail, they're very quickly going to realize they can't do it.

      It really is about time the world tells the US that our privacy and legally protected rights don't take a back seat to US security interests. We don't give a shit what the US wants.

      --
      Lost at C:>. Found at C.
  3. Re:TTIP declares... by Chrisq · · Score: 5, Funny

    ... All euro courts are invalid. Seriously, eurosluts, what do you think you can do? Where are your carriers? Har har har.

    Yes but we'll laugh back when highly polluting VWs have to be accepted on US roads because they meet European standards

  4. Re:Laughable by PolygamousRanchKid+ · · Score: 5, Informative

    If you look at how this law case started, it was initiated by a private citizen. Not by the EU executive branch. The EU justice branch made a decision that the EU justice branch is visibly not comfortable with, because it places a lot of companies in legal limbo. Read more here:

    http://www.economist.com/news/...

    Because the EU executive branch did nothing about it themselves . . . well, it shows that they were in cahoots with the USA/NSA folks.

    So in this case, it is not a shakedown by the EU. The EU governments and Executive branch were perfectly happy with the way things were. It was a private citizen who appealed to the EU highest court that caused this.

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  5. Re:Laughable by Schmorgluck · · Score: 4, Insightful

    Nope, the real motivation is compliance to EU laws, like every company has to. Companies who believe they can fully own data about EU citizens and do whatever they want with it are in for a lot of trouble, whatever their nationality. European companies, and even governments, have been condemned too.

    --
    There's nothing like $HOME
  6. Re:They will be a muslem country in a few years. by kilfarsnar · · Score: 5, Informative

    The European union will be isis by the time they are done.

    Looking at some of the appeasers here it wouldn't surprise me

    Wow, you guys have really been taken in by the US media's propaganda. They want you to be afraid. A frightened populace is a controllable populace.

    Do you really not see how the fear of Muslim terrorists has been used to curtail your freedoms and tighten control of the authorities? We now have the NSA and who knows who else spying on everyone, the FBI looking at what you read, border checkpoints miles from any border and police using evidence collected in secret, all in the name of protecting us from terrorists.

    Terrorists use violence to put fear into a population. Well who is really putting fear into our population? The media and the government spokespeople who feed them information. They want you to be afraid so you'll support their wars (that they lie to us about) and their restrictive policies at home, and keep watching their news channels. Don't fall for it.

    --
    "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
  7. Re:They will be a muslem country in a few years. by Zontar+The+Mindless · · Score: 4, Insightful

    If ISIS want to send infiltrators to Europe, they can do it much more quickly, easily, and reliably with a few fake passports and some plane tickets.

    --
    Il n'y a pas de Planet B.