Bonum Certa Men Certa

EPO and Microsoft Collude to Break the Law -- Part V: The EU GDPR

Previous parts:



The EU GDPR
The US CLOUD Act and the EU GDPR entered into force at around the same time, but these regulations pursue completely different and inherently incompatible goals.



Summary: The António Campinos-led EPO is violating the privacy not only of EPO staff but also everyone whom that staff interacts with, in a clear violation of the General Data Protection Regulation (GDPR); today we explain the GDPR

A few months after the adoption of the CLOUD Act by the US Congress, the European Union's General Data Protection Regulation (GDPR) entered into effect on 25 May 2018, two years after the EU member states had reached agreement on a major reform of the existing EU data protection framework.



"The principles underlying the GDPR are not uniquely European and some of its protections can be found – albeit in weaker, less prescriptive forms – in US privacy laws and in Federal Trade Commission settlements with companies."The GDPR replaced the 1995 EU Data Protection Directive which was adopted at a time when the Internet was in its infancy. The new Regulation aimed to provide a reformed framework giving EU citizens more control over their own personal data and improving their security both online and offline.

The GDPR applies to all EU member-states and also to all countries in the European Economic Area (EEA) which includes Iceland, Norway, and Liechtenstein.

The principles underlying the GDPR are not uniquely European and some of its protections can be found – albeit in weaker, less prescriptive forms – in US privacy laws and in Federal Trade Commission settlements with companies.

However, in contrast to Europe, the US does not recognise a universal fundamental right to privacy. Notwithstanding the fourth amendment to the US Constitution, US government authorities can often obtain personal information without court approval. Legislation that provides a legal framework for the handling of data at approximately the same level as the The European Commission found in that the Safe Harbor Principles would provide "adequate protection" under Article 25 of Directive 95/56/EC, when it comes to the transfer of personal information from the EU to the US.

GDPR only exists in one single state: California.

"GDPR aims at protecting personal data, and thus the rights and information of European citizens."Although the US CLOUD Act and the EU GDPR entered into force at around the same time, these regulations pursue completely different goals.

GDPR aims at protecting personal data, and thus the rights and information of European citizens.

In contrast, the US enacted the CLOUD Act to clarify, extend, and speed up official access to electronic information held by US-based global providers, irrespective of the storage location of that data.

The bottom line here is that US companies are by nature not able to guarantee EU GDPR compliance, even if they provide their services via European subsidiaries.

"The bottom line here is that US companies are by nature not able to guarantee EU GDPR compliance, even if they provide their services via European subsidiaries."Regardless where their data processing operations are located, US companies fall under the jurisdiction of the US CLOUD Act which places them in a situation of conflict with the GDPR.

Likewise European data processors can’t be GDPR-compliant either if they rely on use US-based cloud providers to handle their services.

The inherent incompatibility between EU data protection regulations and US "data harvesting" legislation has been confirmed by the judgments of the Court of Justice of the European Union in the landmark judgments known colloquially as "Schrems I" and "Schrems€ II" which we will look at next.

Recent Techrights' Posts

Linux Journal Might Have Become the Latest Slopfarm Targeting "Linux", the Trends Are Concerning for Dying News Sites
They tarnish the Web with junk and then die
On "Learning to Code"
quality may suffer, plus things get bloated
Quick Points Regarding This Week's Court Hearing
it paves the way for us to squash all the SLAPPs from Microsofters
Common Mistake: Believing Social Control Media Will Document Your Writings/Thoughts and Search Engines Like Google Will Help You Find These
Many news sites wrongly assumed that posting directly to Twitter would be acceptable
The Manchester Bees and This Hot Summer
We have had a fantastic week so far this week
Gemini Protocol Enters Its Seventh Year, Growth Has Accelerated!
Maybe in June 20 2026 there will be over 3,500 active capsules?
Mastodon and the Fediverse Have an Issue: Liability for Content (Even in Other Instances) and Costs
self-hosting is the only logical path forward
Why Microsoft and Its 'Hey Hi' (Slop) Frenzy Fail While Sinking in Deep, Growing Debt
Right now, like Twitter around the time it was sold to MElon, "open" "hey hi" is a big pile of debt with a lot to pay for that debt (interest payments)
Europe is Leaving Microsoft, the Press Coverage Isn't Sufficiently Helpful
The news is generally positive, but the press coverage leaves so much to be desired
Slopwatch: Linuxsecurity, BetaNews, and Linux Journal
slippery slope
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 19, 2025
IRC logs for Thursday, June 19, 2025
Gemini Links 20/06/2025: Gemini Protocol Turns 6!
Links for the day
Links 19/06/2025: Ghostwriting Scam and Fentanylware (TikTok) Buying Time
Links for the day
Microsoft's Windows is a Niche Operating System in Africa
African nations aren't a large contributor to Microsoft's income, but if many African nations move away from Windows, then the monopoly is at risk
Gemini Links 19/06/2025: Unix Primitivism, Zine Club, and Gemini Protocol Turns 6 at Midnight
Links for the day
Links 19/06/2025: WhatsApp Identified as Assassination 'Crosshairs', Patreon Now Rips Off People Even More
Links for the day
"Told You So": Another Very Large Wave of Microsoft Layoffs Now Confirmed in Mainstream Media
So we were right to believe the rumours, based on the credibility of prior such rumours
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 18, 2025
IRC logs for Wednesday, June 18, 2025
Gemini Links 18/06/2025: Magit and Farming
Links for the day
Slopwatch: BetaNews is Now a Slopfarm (Like Linuxsecurity) and Google News is Overwhelmed by Slopfarms
The Web is bad
Links 18/06/2025: SCOTUS Decision on Fentanylware (TikTok) Still Ignored, 4.5-Day Work Weeks
Links for the day
Links 17/06/2025: Windows TCO and G7 Rifts
Links for the day
The Right to Know and the Freedom to Report on Crime (at the Higher Echelons)
I'd like to do the same thing for the next 20 years
BetaNews Appears to Have Fired All Of Its Staff
Even serial sloppers
After the Web Becomes Slopped to Death
A lot of people are rightly fed up with the "modern" Web
Gemini Protocol Turns 6 on Friday
Active (online) Gemini capsules are estimated by Lupa at over 3,000
Like Most Social Control Media, Microsoft LinkedIn is Collapsing
One reason for Microsoft acquisitions is debt-loading, i.e. offloading and burying its debt
Microsoft is Losing Its Richest Clients
Unlike some very poor countries, Germany and the EU are a considerable source of income to Microsoft
Proprietary Means Not Secure
Proprietary software tends to rely on secrecy, not good design
Slop in 'AI' Clothing is a Passing Fad, We'll Get Past It (Like Blockchain Before That)
Many people cheat in exams using slop and there are professionals that try using slop as a "shortcut"
GNOME Does Not Campaign Against Microsoft, KDE Does
It's good to see that KDE is still active in promotion of Free software - a term that it uses
Slopwatch: BetaNews, Linuxsecurity, and Other Prolific Slopfarms
name and shame the sites that establish such proliferation of slop
Gemini Links 18/06/2025: Birch Lake and Loon Pond
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 17, 2025
IRC logs for Tuesday, June 17, 2025