SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
5
#000000
#FFFFFF
With Trust Destroyed by Mass Spying, Top EU Court Asserts Need for Privacy Reform
European Court of Justice finds Safe Harbor agreement violates "essential" privacy rights
Oct 06, 2015
Europe's top court on Tuesday delivered a historic blow to mass surveillance with a ruling that found the right to personal privacy trumps government spying.
The European Court of Justice (ECJ) found in its decision (pdf) that the so-called "Safe Harbor" agreement, which allowed U.S. companies to "self-certify" that they met strict privacy safeguards while pulling data from European servers, "must be regarded as compromising the essence of the fundamental right to respect for private life" as guaranteed by the European Convention on Human Rights.
The case was brought by Austrian privacy activist Max Schrems, who argued that American surveillance operations such as PRISM--exposed by National Security Agency (NSA) whistleblower Edward Snowden in 2013--rendered useless the privacy safeguards in the Safe Harbor agreement, which for years has allowed technology companies to transfer user data across continental boundaries.
Tuesday's ruling was celebrated widely by privacy advocates, including Snowden himself, who toasted Schrems on Twitter, writing, "Congratulations, @MaxSchrems. You've changed the world for the better."
The bottom line, Snowden said, is that "the #SafeHarbor ruling indicates the indiscriminate interception of communications is a violation of rights."
The ECJ's ruling means companies in the U.S. and EU have to come up with alternative ways of transferring user data--and could impact as many as 4,000 firms, including tech giants like Facebook and Google.
Jens Henrik-Jeppesen, director of European Affairs at the Center for Democracy and Technology (CDT), said the ECJ's decision "shows the need to step up reforms of government surveillance practices."
"The invalidation of the Safe [Harbor] agreement should spur governments on both sides of the Atlantic to ratchet up long-overdue reform efforts," Jeppesen said, adding that it was "undoubtedly a major jolt for companies and will likely adversely impact their operations."
Schrems specifically named Facebook in his complaint (pdf) to the ECJ, charging that the company forwards information from its Ireland office, where data on more than 83 percent of its users is stored, directly to the NSA and other U.S. intelligence agencies.
Moreover, the court said, the U.S. did not provide adequate recourse for European citizens seeking legal redress over violations of their privacy rights, which "compromises the essence of the fundamental right to effective judicial protection."
"This judgement draws a clear line," Schrems said on Tuesday. "It clarifies that mass surveillance violates our fundamental rights. Reasonable legal redress must be possible."
As for what real-world solutions may be on the horizon, Schrems said the U.S. government would have to implement "severe changes" in American law and "more than just an update to the current 'safe harbor' system. Otherwise full compliance with EU fundamental rights and the judgment will be very hard to achieve."
But, he said, "There are still a number of alternative options to transfer data from the EU to the U.S. The judgement makes it clear that now national data protection authorities can review data transfers to the U.S. in each individual case--while the 'safe harbor' allowed for a blanket allowance."
Despite some "alarmist comments" about how the ruling may impact the way tech companies do business, Schrems said he sees no reason why better data protection and reviews of data transfers would cause "major disruptions" for consumers or providers.
Nonetheless, notes Electronic Frontier Foundation international director Danny O'Brien, the "fundamental incompatibility of U.S. mass surveillance with European data protection principles" could "certainly force the companies to re-think and re-engineer how they manage the vast amount of data they collect."
However, O'Brien added, it will take more than better "reviews" of data transfers to protect Europeans from mass surveillance.
The "geographic siloing of data" by itself, he argues, "is of little practical help against mass surveillance if each and every country feels that ordinary customer data is a legitimate target for signals intelligence. If governments continue to permit intelligence agencies to indiscriminately scoop up data, then they will find a way to do that, wherever that data may be kept. Keep your data in Ireland, and GCHQ may well target it, and pass it onto the Americans. Keep your data in your own country, and you'll find the NSA--or other European states, or even your own government-- breaking into those systems to extract it."
Other observers had even stronger words for the decision. The World Wide Web Foundation called it a "landmark judgment." The internet advocacy group's global campaign manager Renata Avila said, "Today's Judgment puts people's fundamental right to privacy before profit."
"Without effective safeguards for privacy, the Web as we know it could wither and die," Avila said. "Following today's ruling, new safeguards must now urgently be put in place that protect the Web as it should be, a secure and private space where people can start businesses, research confidential topics or just chat with friends without the fear of being subjected to unwarranted government snooping."
An Urgent Message From Our Co-Founder
Dear Common Dreams reader, It’s been nearly 30 years since I co-founded Common Dreams with my late wife, Lina Newhouser. We had the radical notion that journalism should serve the public good, not corporate profits. It was clear to us from the outset what it would take to build such a project. No paid advertisements. No corporate sponsors. No millionaire publisher telling us what to think or do. Many people said we wouldn't last a year, but we proved those doubters wrong. Together with a tremendous team of journalists and dedicated staff, we built an independent media outlet free from the constraints of profits and corporate control. Our mission has always been simple: To inform. To inspire. To ignite change for the common good. Building Common Dreams was not easy. Our survival was never guaranteed. When you take on the most powerful forces—Wall Street greed, fossil fuel industry destruction, Big Tech lobbyists, and uber-rich oligarchs who have spent billions upon billions rigging the economy and democracy in their favor—the only bulwark you have is supporters who believe in your work. But here’s the urgent message from me today. It's never been this bad out there. And it's never been this hard to keep us going. At the very moment Common Dreams is most needed, the threats we face are intensifying. We need your support now more than ever. We don't accept corporate advertising and never will. We don't have a paywall because we don't think people should be blocked from critical news based on their ability to pay. Everything we do is funded by the donations of readers like you. When everyone does the little they can afford, we are strong. But if that support retreats or dries up, so do we. Will you donate now to make sure Common Dreams not only survives but thrives? —Craig Brown, Co-founder |
Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.
Nadia Prupis
Nadia Prupis is a former Common Dreams staff writer. She wrote on media policy for Truthout.org and has been published in New America Media and AlterNet. She graduated from UC Santa Barbara with a BA in English in 2008.
Europe's top court on Tuesday delivered a historic blow to mass surveillance with a ruling that found the right to personal privacy trumps government spying.
The European Court of Justice (ECJ) found in its decision (pdf) that the so-called "Safe Harbor" agreement, which allowed U.S. companies to "self-certify" that they met strict privacy safeguards while pulling data from European servers, "must be regarded as compromising the essence of the fundamental right to respect for private life" as guaranteed by the European Convention on Human Rights.
The case was brought by Austrian privacy activist Max Schrems, who argued that American surveillance operations such as PRISM--exposed by National Security Agency (NSA) whistleblower Edward Snowden in 2013--rendered useless the privacy safeguards in the Safe Harbor agreement, which for years has allowed technology companies to transfer user data across continental boundaries.
Tuesday's ruling was celebrated widely by privacy advocates, including Snowden himself, who toasted Schrems on Twitter, writing, "Congratulations, @MaxSchrems. You've changed the world for the better."
The bottom line, Snowden said, is that "the #SafeHarbor ruling indicates the indiscriminate interception of communications is a violation of rights."
The ECJ's ruling means companies in the U.S. and EU have to come up with alternative ways of transferring user data--and could impact as many as 4,000 firms, including tech giants like Facebook and Google.
Jens Henrik-Jeppesen, director of European Affairs at the Center for Democracy and Technology (CDT), said the ECJ's decision "shows the need to step up reforms of government surveillance practices."
"The invalidation of the Safe [Harbor] agreement should spur governments on both sides of the Atlantic to ratchet up long-overdue reform efforts," Jeppesen said, adding that it was "undoubtedly a major jolt for companies and will likely adversely impact their operations."
Schrems specifically named Facebook in his complaint (pdf) to the ECJ, charging that the company forwards information from its Ireland office, where data on more than 83 percent of its users is stored, directly to the NSA and other U.S. intelligence agencies.
Moreover, the court said, the U.S. did not provide adequate recourse for European citizens seeking legal redress over violations of their privacy rights, which "compromises the essence of the fundamental right to effective judicial protection."
"This judgement draws a clear line," Schrems said on Tuesday. "It clarifies that mass surveillance violates our fundamental rights. Reasonable legal redress must be possible."
As for what real-world solutions may be on the horizon, Schrems said the U.S. government would have to implement "severe changes" in American law and "more than just an update to the current 'safe harbor' system. Otherwise full compliance with EU fundamental rights and the judgment will be very hard to achieve."
But, he said, "There are still a number of alternative options to transfer data from the EU to the U.S. The judgement makes it clear that now national data protection authorities can review data transfers to the U.S. in each individual case--while the 'safe harbor' allowed for a blanket allowance."
Despite some "alarmist comments" about how the ruling may impact the way tech companies do business, Schrems said he sees no reason why better data protection and reviews of data transfers would cause "major disruptions" for consumers or providers.
Nonetheless, notes Electronic Frontier Foundation international director Danny O'Brien, the "fundamental incompatibility of U.S. mass surveillance with European data protection principles" could "certainly force the companies to re-think and re-engineer how they manage the vast amount of data they collect."
However, O'Brien added, it will take more than better "reviews" of data transfers to protect Europeans from mass surveillance.
The "geographic siloing of data" by itself, he argues, "is of little practical help against mass surveillance if each and every country feels that ordinary customer data is a legitimate target for signals intelligence. If governments continue to permit intelligence agencies to indiscriminately scoop up data, then they will find a way to do that, wherever that data may be kept. Keep your data in Ireland, and GCHQ may well target it, and pass it onto the Americans. Keep your data in your own country, and you'll find the NSA--or other European states, or even your own government-- breaking into those systems to extract it."
Other observers had even stronger words for the decision. The World Wide Web Foundation called it a "landmark judgment." The internet advocacy group's global campaign manager Renata Avila said, "Today's Judgment puts people's fundamental right to privacy before profit."
"Without effective safeguards for privacy, the Web as we know it could wither and die," Avila said. "Following today's ruling, new safeguards must now urgently be put in place that protect the Web as it should be, a secure and private space where people can start businesses, research confidential topics or just chat with friends without the fear of being subjected to unwarranted government snooping."
Nadia Prupis
Nadia Prupis is a former Common Dreams staff writer. She wrote on media policy for Truthout.org and has been published in New America Media and AlterNet. She graduated from UC Santa Barbara with a BA in English in 2008.
Europe's top court on Tuesday delivered a historic blow to mass surveillance with a ruling that found the right to personal privacy trumps government spying.
The European Court of Justice (ECJ) found in its decision (pdf) that the so-called "Safe Harbor" agreement, which allowed U.S. companies to "self-certify" that they met strict privacy safeguards while pulling data from European servers, "must be regarded as compromising the essence of the fundamental right to respect for private life" as guaranteed by the European Convention on Human Rights.
The case was brought by Austrian privacy activist Max Schrems, who argued that American surveillance operations such as PRISM--exposed by National Security Agency (NSA) whistleblower Edward Snowden in 2013--rendered useless the privacy safeguards in the Safe Harbor agreement, which for years has allowed technology companies to transfer user data across continental boundaries.
Tuesday's ruling was celebrated widely by privacy advocates, including Snowden himself, who toasted Schrems on Twitter, writing, "Congratulations, @MaxSchrems. You've changed the world for the better."
The bottom line, Snowden said, is that "the #SafeHarbor ruling indicates the indiscriminate interception of communications is a violation of rights."
The ECJ's ruling means companies in the U.S. and EU have to come up with alternative ways of transferring user data--and could impact as many as 4,000 firms, including tech giants like Facebook and Google.
Jens Henrik-Jeppesen, director of European Affairs at the Center for Democracy and Technology (CDT), said the ECJ's decision "shows the need to step up reforms of government surveillance practices."
"The invalidation of the Safe [Harbor] agreement should spur governments on both sides of the Atlantic to ratchet up long-overdue reform efforts," Jeppesen said, adding that it was "undoubtedly a major jolt for companies and will likely adversely impact their operations."
Schrems specifically named Facebook in his complaint (pdf) to the ECJ, charging that the company forwards information from its Ireland office, where data on more than 83 percent of its users is stored, directly to the NSA and other U.S. intelligence agencies.
Moreover, the court said, the U.S. did not provide adequate recourse for European citizens seeking legal redress over violations of their privacy rights, which "compromises the essence of the fundamental right to effective judicial protection."
"This judgement draws a clear line," Schrems said on Tuesday. "It clarifies that mass surveillance violates our fundamental rights. Reasonable legal redress must be possible."
As for what real-world solutions may be on the horizon, Schrems said the U.S. government would have to implement "severe changes" in American law and "more than just an update to the current 'safe harbor' system. Otherwise full compliance with EU fundamental rights and the judgment will be very hard to achieve."
But, he said, "There are still a number of alternative options to transfer data from the EU to the U.S. The judgement makes it clear that now national data protection authorities can review data transfers to the U.S. in each individual case--while the 'safe harbor' allowed for a blanket allowance."
Despite some "alarmist comments" about how the ruling may impact the way tech companies do business, Schrems said he sees no reason why better data protection and reviews of data transfers would cause "major disruptions" for consumers or providers.
Nonetheless, notes Electronic Frontier Foundation international director Danny O'Brien, the "fundamental incompatibility of U.S. mass surveillance with European data protection principles" could "certainly force the companies to re-think and re-engineer how they manage the vast amount of data they collect."
However, O'Brien added, it will take more than better "reviews" of data transfers to protect Europeans from mass surveillance.
The "geographic siloing of data" by itself, he argues, "is of little practical help against mass surveillance if each and every country feels that ordinary customer data is a legitimate target for signals intelligence. If governments continue to permit intelligence agencies to indiscriminately scoop up data, then they will find a way to do that, wherever that data may be kept. Keep your data in Ireland, and GCHQ may well target it, and pass it onto the Americans. Keep your data in your own country, and you'll find the NSA--or other European states, or even your own government-- breaking into those systems to extract it."
Other observers had even stronger words for the decision. The World Wide Web Foundation called it a "landmark judgment." The internet advocacy group's global campaign manager Renata Avila said, "Today's Judgment puts people's fundamental right to privacy before profit."
"Without effective safeguards for privacy, the Web as we know it could wither and die," Avila said. "Following today's ruling, new safeguards must now urgently be put in place that protect the Web as it should be, a secure and private space where people can start businesses, research confidential topics or just chat with friends without the fear of being subjected to unwarranted government snooping."
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.