03.14.21

EPO and Microsoft Collude to Break the Law — Part VI: A Not-so-safe Harbour

Posted in Europe, Law, Microsoft, Patents at 12:28 pm by Dr. Roy Schestowitz

Previous parts:

Safe Harbour
Thanks to the efforts of Max Schrems, the Safe Harbour Agreement was invalidated in October 2015

Summary: Examining the so-called ‘Safe Harbour’ Agreement, which was neither safe nor a harbour

To ensure that the personal data of European citizens was protected in a manner complaint with EU data protection regulations after it had been transferred to the USA, deals such as the Safe Harbour Agreement and the EU-US Privacy Shield were drafted and implemented to address the shortcomings of nationwide data protection in the USA.

As it turned out, these agreements did not last very long. The Court of Justice of the EU (CJEU) overturned them both because in practice they did not live up to the agreed data protection standards.

These CJEU rulings were a slap in the face for the politicians in the European Parliament who had rubber-stamped the agreements despite warnings from data protection advocates.

The CJEU judgements also gave a clear indication that future agreements of this kind must deliver genuine data protection if they are to be upheld.

“On top of this, there is also the concern and suspicion that commercially lucrative data from the EU can (and will) be tapped on the American side.”This effectively creates an impasse because US providers are subject to American legislation such as the PATRIOT Act, the USA FREEDOM Act, and the CLOUD Act, which are designed to ensure that US authorities and intelligence agencies have access to personal data of EU citizens.

On top of this, there is also the concern and suspicion that commercially lucrative data from the EU can (and will) be tapped on the American side.

However, in July 2000, in the context of an examination of the adequacy of the protection of personal data transferred to other countries, the European Commission took the position that the “Safe Harbour” principles developed by the US were in compliance with Article 25 of the EU Data Protection Directive 95/56/EC and would provide “adequate protection” for the transfer of personal information from the EU to the US.

The European Commission thus gave approval for transfers of personal data to the US by means of executive decision no. 2000/520/EC, the so-called “Safe Harbour decision”.

However, in 2013 this decision was called into question by the Snowden revelations.

The game was over on 6 October 2015 when the CJEU delivered its judgment in the case of Maximillian Schrems v Data Protection Commissioner.

“…in 2013 this decision was called into question by the Snowden revelations.”In this judgment the Court invalidated the European Commission’s Safe Harbour Decision, because “legislation permitting the public authorities to have access on a generalised basis to the content of electronic communications must be regarded as compromising the essence of the fundamental right to respect for private life”.

Maximillian Schrems
Max Schrems in front of the office of the Irish Data Protection Commissioner in Dublin

This landmark judgment of the CJEU in data protection matters which is colloquially known as “Schrems I” was largely due to the efforts of one individual, the Austrian activist and author Maximilian “Max” Schrems who had initiated a legal action in his capacity as a Facebook user claiming that his Facebook data were insufficiently protected.

In essence Schrems argued that the Safe Harbor system would violate his fundamental right to privacy, data protection and the right to a fair trial under the Charter of Fundamental Rights of the European Union.

The striking down of the Safe Harbour Decision by the CJEU resulted in further talks between the EU Commission and the Obama Administration aimed at establishing “a renewed and sound framework for transatlantic data flows”.

The outcome of these talks was a revised framework for regulating transatlantic exchanges of personal data which became known as the EU-US Privacy Shield.

“…the Privacy Shield turned out to be rather porous and it was also struck down by the CJEU in July 2020 in the context of a further legal challenge mounted by Max Schrems.”The European Commission approved the Privacy Shield on 12 July 2016 and it entered into effect the same day.

However as we shall see in the next part, the Privacy Shield turned out to be rather porous and it was also struck down by the CJEU in July 2020 in the context of a further legal challenge mounted by Max Schrems.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2021/03/14/epoleaks-report-march-2021-part-6/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

  1. Links 14/5/2021: FreeBSD on the Pine H6, Red Hat Hiring

    Links for the day

  2. Protecting Freenode is Protecting the Free Software Movement

    Freenode may seem like a negligible corner of the Internet, which media never bothers mentioning at all; but Freenode, which many have come to take for granted, is core infrastructure for many Free software projects and protecting the network is essential for the Free Software Movement

  3. EPO Justice

    Justice in Europe's second-largest institution, where the law itself is a second-class citizen

  4. IRC Proceedings: Thursday, May 13, 2021

    IRC logs for Thursday, May 13, 2021

  5. Understanding How Freenode (IRC) Works -- or Doesn't Work -- in 2021

    There is a conflict going on behind the scenes at Freenode, but there are also sincere and well-meaning attempts to undo the damage and get back to normal

  6. [Meme] Judges the Office Cannot Control Are Just Nazis With Weapons in Their Office...

    The EPO hasn’t been run by grown-ups for over ten years; Benoît Battistelli, António Campinos and their confidants cannot grasp the concept of law, just blind loyalty

  7. The EPO's War on Justice and Assault on the Law -- Part 5: Battistelli's “Swedish Chef”

    The EPO's 'courts' are controlled by the people whom they're supposed to judge on; this has been the case for at least half a decade

  8. Links 14/5/2021: KDE Plasma 5.22 Beta and GNOME 40 in Gentoo

    Links for the day

  9. Audio: “Unjust Computing Clamps Down” by Richard Stallman

    The FSF has finally uploaded the LibrePlanet talk of Richard Stallman

  10. Links 13/5/2021: KDE Gear 21.04.1 and LibreOffice 7.0.6

    Links for the day

  11. The EPO's War on Justice and Assault on the Law -- Part 4: The President of the Boards of Appeal

    A deeper look into the ‘sausage factory’ that is EPO tribunals certainly helps us understand the inherent bias of many decisions, including a recent decision on European software patents like a controversial simulation patent

  12. Judging the Judges

    Today we shall take a closer look at Carl Josefsson, a person who shall become a figure of interest if he sends EPO courts to the United States in clear violation of the EPC (looking to rubber-stamp an unlawful decision already made before this case even started)

  13. When EU Authorities Tell You to Complain to the EPO Itself About EPO Privacy Violations...

    “Kafkaesque” at the EPO; Kafka could do a whole novel about the flirtations with or affairs of ‘justice’ at the EPO

  14. The Need for Reliable Governance at Freenode

    Why the current and high-profile (albeit somewhat covert) owner of the network, who seems to care about Free software (it has made him very wealthy), should put the whole thing in reliable hands and not attempt to 'monetise' it in any way

  15. IRC Proceedings: Wednesday, May 12, 2021

    IRC logs for Wednesday, May 12, 2021

  16. Andrew Lee of Private Internet Access/London Trust Media Increasingly Owns and Controls Freenode (Updatedx2)

    The details about Freenode ownership and control are explained in a resignation letter urging users to move to another network

  17. [Meme] eBPF is Not Microsoft's, But It's Certainly Googlebombed by Microsoft

    eBPF isn't Microsoft's. But sites that work closely with Microsoft keep mentioning that term as if Microsoft created it and champions it (typical tactics).

  18. Links 13/5/2021: OpenSUSE Leap 15.3 on Finer Hardware, AMI Dabbling in Free Firmware

    Links for the day

  19. The EPO's War on Justice and Assault on the Law -- Part 3: The Current Line-up

    The composition of the Enlarged Board for case no. G 1/21

  20. System76’s First Keyboard Packs in Plenty of Surprises

    Putting the genie back in the bottle is hard, and moreover the corrective post from Joey Sneddon may cause a bit of a 'Streisand Effect'

  21. Links 12/5/2021: HAProxy Data Plane API 2.3 and Mousepad 0.5.5

    Links for the day

  22. IBM is Destroying Red Hat, Squeezing Red Hat's Work for Cash, Laying Off Staff, and Asking Staff to Resign

    Layoffs are not a new thing at IBM (hardly so in the past couple of decades or more), but they're oversensitive about the Red Hat agenda

  23. [Meme] Longing for the Original IP Kat...

    It would be nice to see more posts critical of injustice at the EPO, as we've just noted

  24. The EPO's War on Justice and Assault on the Law -- Part 2: Just Another Pro Forma Rubber-Stamping Exercise?

    Half a decade after Benoît Battistelli ‘kidnapped’ and then defamed judges (it started in 2014) António Campinos has done nothing to restore lawfulness at the EPO, as controversial referral case G 1/21 shows; in fact, they recently approved European software patents after pressure from Campinos himself

  25. Why I'm Using Just a Landline and Recalling My Richard Stallman (RMS) Interview on Working Locally or How the Signal Processor in Phones is a De Facto Back Door

    A longer-than-expected rant about what mobile phones have turned into and a look back at (or listen to) what Richard Stallman (RMS) told me way back in 2013

  26. The European Campinos Award

    The campinos (peasants) of Europe shall gather around for another ceremony championing farmers and nurses... or not

  27. Personal Thoughts About the EPO 'Kangaroo Court' Scandal

    Some unscripted and unedited thoughts about the current EPO scandal/series, which shows intervention such as stacking by António Campinos, continuing the tradition of Benoît Battistelli with his attacks on justice itself

  28. Doing Justice by Reporting Injustice

    Europe's second-largest institution, helped by Europe's largest, is engaging in a massive attack on the very concept of the Rule of Law and incredibly enough the so-called 'press' (or 'media') doesn't report on it

  29. IRC Proceedings: Tuesday, May 11, 2021

    IRC logs for Tuesday, May 11, 2021

  30. Links 12/5/2021: New Audacity and Musescore Owner Named, Microsoft May Lose "JEDI" (Trump's 'Bailout Package')

    Links for the day

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts