Bonum Certa Men Certa

EPO and Microsoft Collude to Break the Law -- Part V: The EU GDPR

Previous parts:



The EU GDPR
The US CLOUD Act and the EU GDPR entered into force at around the same time, but these regulations pursue completely different and inherently incompatible goals.



Summary: The António Campinos-led EPO is violating the privacy not only of EPO staff but also everyone whom that staff interacts with, in a clear violation of the General Data Protection Regulation (GDPR); today we explain the GDPR

A few months after the adoption of the CLOUD Act by the US Congress, the European Union's General Data Protection Regulation (GDPR) entered into effect on 25 May 2018, two years after the EU member states had reached agreement on a major reform of the existing EU data protection framework.



"The principles underlying the GDPR are not uniquely European and some of its protections can be found – albeit in weaker, less prescriptive forms – in US privacy laws and in Federal Trade Commission settlements with companies."The GDPR replaced the 1995 EU Data Protection Directive which was adopted at a time when the Internet was in its infancy. The new Regulation aimed to provide a reformed framework giving EU citizens more control over their own personal data and improving their security both online and offline.

The GDPR applies to all EU member-states and also to all countries in the European Economic Area (EEA) which includes Iceland, Norway, and Liechtenstein.

The principles underlying the GDPR are not uniquely European and some of its protections can be found – albeit in weaker, less prescriptive forms – in US privacy laws and in Federal Trade Commission settlements with companies.

However, in contrast to Europe, the US does not recognise a universal fundamental right to privacy. Notwithstanding the fourth amendment to the US Constitution, US government authorities can often obtain personal information without court approval. Legislation that provides a legal framework for the handling of data at approximately the same level as the The European Commission found in that the Safe Harbor Principles would provide "adequate protection" under Article 25 of Directive 95/56/EC, when it comes to the transfer of personal information from the EU to the US.

GDPR only exists in one single state: California.

"GDPR aims at protecting personal data, and thus the rights and information of European citizens."Although the US CLOUD Act and the EU GDPR entered into force at around the same time, these regulations pursue completely different goals.

GDPR aims at protecting personal data, and thus the rights and information of European citizens.

In contrast, the US enacted the CLOUD Act to clarify, extend, and speed up official access to electronic information held by US-based global providers, irrespective of the storage location of that data.

The bottom line here is that US companies are by nature not able to guarantee EU GDPR compliance, even if they provide their services via European subsidiaries.

"The bottom line here is that US companies are by nature not able to guarantee EU GDPR compliance, even if they provide their services via European subsidiaries."Regardless where their data processing operations are located, US companies fall under the jurisdiction of the US CLOUD Act which places them in a situation of conflict with the GDPR.

Likewise European data processors can’t be GDPR-compliant either if they rely on use US-based cloud providers to handle their services.

The inherent incompatibility between EU data protection regulations and US "data harvesting" legislation has been confirmed by the judgments of the Court of Justice of the European Union in the landmark judgments known colloquially as "Schrems I" and "Schrems€ II" which we will look at next.

Recent Techrights' Posts

EPO Staff Explains Why It Cannot Issue EPC-Compliant European Patents (in Other Words, Why Many Fake Patents Get Issued)
chaos inside
 
Chris Rutter, Winchester College, Clare College choir, Arm Ltd, underage workers & Debian accidental deaths
Reprinted with permission from Daniel Pocock
Gemini Links 25/02/2024: Blocking Crawlers and Moving to gemserv
Links for the day
IRC Proceedings: Saturday, February 24, 2024
IRC logs for Saturday, February 24, 2024
Over at Tux Machines...
GNU/Linux news for the past day
[Meme] Objective Objection at the EPO
No more quality control
Links 24/02/2024: More Sanctions Against BRICS, Software Patents Squashed
Links for the day
Microsoft's Demise on the Server Side Continues Unabated This Month
Netcraft says so
Bonnie B. Dalzell Explains Her Experience With Richard Stallman
new essay
Gemini Links 24/02/2024: OpenBSD Advocacy and Nonfree Firmware Debated
Links for the day
Mark Shuttleworth & Debian Day Volunteer Suicide cover-up
Reprinted with permission from Daniel Pocock
IRC Proceedings: Friday, February 23, 2024
IRC logs for Friday, February 23, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Links 24/02/2024: EA Planning Layoffs and 'Liquor Regulators Are Seeking Revenge on Bars That Broke Pandemic Rules'
Links for the day
Gemini Links 24/02/2024: In Defense of Boilerplate and TinyWM Broke
Links for the day
Microsoft's Pearls of Wisdom: Layoffs Are Growth
Microsoft boss: layoffs are "long-term growth."
[Meme] Hide the Bodies
hiding EPO's role in funding Lukashenko
Josef Kratochvíl and All the European Patent Organisation's Chiefs (at the Administrative Council Too) Notified That Over 1,000 Members of Staff Demand Action on Patent Quality and Compliance (Industry Too is Alarmed That Many Invalid Patents Get Granted)
Huge corruption
Microsoft Lacks a Solid Strategic Plan Other Than Buying Its Own Stock (and Paying Staff in Shares)
Beware and be cautious of bubbles
Debian trademark canceled
Debian trademark canceled
Links 23/02/2024: Feed Aggregator and 2 Years of Invasion, Alexei Navalny’s Mother Blackmailed
Links for the day
Gemini Links 23/02/2024: Getting 'Sick' of Modern Tech and Deletion of One's Reddit Account
Links for the day
Links 23/02/2024: 227 Microsoft Layoffs Noted in Santa Clara and Disaster in Rivian
Links for the day
IRC Proceedings: Thursday, February 22, 2024
IRC logs for Thursday, February 22, 2024
Over at Tux Machines...
GNU/Linux news for the past day