Bonum Certa Men Certa

EPO and Microsoft Collude to Break the Law -- Part VI: A Not-so-safe Harbour

Previous parts:



Safe Harbour
Thanks to the efforts of Max Schrems, the Safe Harbour Agreement was invalidated in October 2015



Summary: Examining the so-called 'Safe Harbour' Agreement, which was neither safe nor a harbour

To ensure that the personal data of European citizens was protected in a manner complaint with EU data protection regulations after it had been transferred to the USA, deals such as the Safe Harbour Agreement and the EU-US Privacy Shield were drafted and implemented to address the shortcomings of nationwide data protection in the USA.



As it turned out, these agreements did not last very long. The Court of Justice of the EU (CJEU) overturned them both because in practice they did not live up to the agreed data protection standards.

These CJEU rulings were a slap in the face for the politicians in the European Parliament who had rubber-stamped the agreements despite warnings from data protection advocates.

The CJEU judgements also gave a clear indication that future agreements of this kind must deliver genuine data protection if they are to be upheld.

"On top of this, there is also the concern and suspicion that commercially lucrative data from the EU can (and will) be tapped on the American side."This effectively creates an impasse because US providers are subject to American legislation such as the PATRIOT Act, the USA FREEDOM Act, and the CLOUD Act, which are designed to ensure that US authorities and intelligence agencies have access to personal data of EU citizens.

On top of this, there is also the concern and suspicion that commercially lucrative data from the EU can (and will) be tapped on the American side.

However, in July 2000, in the context of an examination of the adequacy of the protection of personal data transferred to other countries, the European Commission took the position that the "Safe Harbour" principles developed by the US were in compliance with Article 25 of the EU Data Protection Directive 95/56/EC and would provide "adequate protection" for the transfer of personal information from the EU to the US.

The European Commission thus gave approval for transfers of personal data to the US by means of executive decision no. 2000/520/EC, the so-called "Safe Harbour decision".

However, in 2013 this decision was called into question by the Snowden revelations.

The game was over on 6 October 2015 when the CJEU delivered its judgment in the case of Maximillian Schrems v Data Protection Commissioner.

"...in 2013 this decision was called into question by the Snowden revelations."In this judgment the Court invalidated the European Commission's Safe Harbour Decision, because "legislation permitting the public authorities to have access on a generalised basis to the content of electronic communications must be regarded as compromising the essence of the fundamental right to respect for private life".

Maximillian Schrems
Max Schrems in front of the office of the Irish Data Protection Commissioner in Dublin



This landmark judgment of the CJEU in data protection matters which is colloquially known as "Schrems I" was largely due to the efforts of one individual, the Austrian activist and author Maximilian "Max" Schrems who had initiated a legal action in his capacity as a Facebook user claiming that his Facebook data were insufficiently protected.

In essence Schrems argued that the Safe Harbor system would violate his fundamental right to privacy, data protection and the right to a fair trial under the Charter of Fundamental Rights of the European Union.

The striking down of the Safe Harbour Decision by the CJEU resulted in further talks between the EU Commission and the Obama Administration aimed at establishing "a renewed and sound framework for transatlantic data flows".

The outcome of these talks was a revised framework for regulating transatlantic exchanges of personal data which became known as the EU-US Privacy Shield.

"...the Privacy Shield turned out to be rather porous and it was also struck down by the CJEU in July 2020 in the context of a further legal challenge mounted by Max Schrems."The European Commission approved the Privacy Shield on 12 July 2016 and it entered into effect the same day.

However as we shall see in the next part, the Privacy Shield turned out to be rather porous and it was also struck down by the CJEU in July 2020 in the context of a further legal challenge mounted by Max Schrems.

Recent Techrights' Posts

The "D" in Debian Stands for Dictatorship That Extends to Censorship at DNS Level
Of course the registrar, which charged for domains until 2025, just went along with it
 
Links 25/05/2024: Section 230 and Right of Publicity Violations by Microsoft (Which Attacks Performance Artists)
Links for the day
[Meme] No Microsoft
For fun!
Microsoft Windows Falls to New Lows in Poland
It may mean people delete Windows from relatively new PC
A 3-Year Campaign to Coerce/Intimidate Us Into Censorship: An Introduction
The campaign of coercion (or worse) started in 2021
Cybersecurity and Infrastructure Security Agency (CISA) Getting Stacked by Microsoft
it lets Microsoft write policies
The Parasitic Nature of Microsoft Contracts
Stop feeding the beast
Gemini Links 25/05/2024: Emacs Windows 2000 Screenshots and Little Languages
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 24, 2024
IRC logs for Friday, May 24, 2024
Ireland Exits Microsoft's Vista 11
Microsoft can't be doing too well in Ireland because Microsoft had tons of layoffs in that country last year
A Recognition for Hard Work
Running this site is a lot of work
The Web We Lost...
Vintage War Censorship Poster...
Daniel Pocock (IND) in European Election Debate
In this segment he speaks of the effects of social control media and phones on children
[Meme] Next Target: Sub Domains
Deb.Ian.Community
In Republic of (South) Korea, as of This Month, Android Climbs to Record High of 48%
Judging by statCounter anyway
"Linux" is Second-Class Citizen at IBM
sends the wrong message to Red Hat staff and Red Hat clients
Links 24/05/2024: More Software Patents Invalidated (US), New Fights to Protect Free Speech
Links for the day
"You Touched the Wrong Lady"
What Rianne wrote more than 8 months ago
Links 24/05/2024: Layoffs at LinkedIn and Election Interference Via Social Control Media
Links for the day
Getting a 'Thank You' From Software Freedom Conservancy (SFC) Will Cost You $5,000 to $30,000 (Same as Last Year)
Right now one of their associates (SFC) tries to spend money to censor us
KDE Neon Weirdness
Reprinted with permission from Ryan Farmer
Congratulations to Sirius Open Source, Still Claiming to Employ People Who Left Half a Decade Ago (or More!)
What signal does that send to con men?
[Meme] Bluewashing
Cent OS? No more.
IRC Proceedings: Thursday, May 23, 2024
IRC logs for Thursday, May 23, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Tenfold Increase for ChromeOS+GNU/Linux in Brunei
Brunei Darussalam is a country most people don't know about and never even heard about
Coming Soon: Another Round of 'Cancel Stallman' Chorus
The series required a great deal of patience
Links 23/05/2024: SeekOut Collapsing and Why Microsoft Probably Isn’t Going to Buy Valve
Links for the day
Gemini Links 23/05/2024: The Allure of Vinyl
Links for the day
linuxsecurity.com Still At It! 98% Probability Chatbot Generated, According to GPTZero!
"The Internet is mostly made by AI... but that's ok, it's all being deleted anyway."
Links 23/05/2024: Apple Responds to Streaming Music Fine, DOJ to Sue Live Nation
Links for the day
Links 23/05/2024: UK General Election and Archival
Links for the day
[Video] 3 Major Issues in Nationwide, Including (Potentially) a Major Data Breach
'electronic-bank' security has become the joke of the town
[Meme] Pointing Out Corruption Isn't a "Hate Crime"
The European Commission's reflexive (re)action to any sort of doubt or criticism
More Evidence in "iLearn AI Day" (a Buzzwords Festival) That EPO Intends to Eliminate Staff and Deviate Further Away from Fairness, Law, and Constitutions (Including Its Own!)
The EPO is a very potent danger to Europe's unity and the very concept of lawfulness. It exists to serve international monopolists and patent lawyers.
Microsoft's Windows Has Fallen Below 3% in Democratic Republic of the Congo (100+ Million Citizens)
Microsoft's sharp fall in Congo
The Real Reason Censorship is Attempted Against Us (and Against Others Too)
Microsoft's Windows market monopoly was in trouble
You Are Not The Only One
Reprinted with permission from Cyber Show (C|S)
GNU/Linux in Monaco: From 0.3% to Almost 6%
Monaco is a small country
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, May 22, 2024
IRC logs for Wednesday, May 22, 2024
Microsoft Has Lost Cote D'ivoire (Ivory Coast), Where Android Now Exceeds 60% of the Operating Systems' 'Market Share'
According to statCounter anyway
The Rumour Said Later Today Red Hat (IBM) Might Announce Layoffs
Let's see what happens later today (or next week)
Governments That Fail Journalism
Australia is known for giving us pure garbage like Rupert Murdoch
Windows Has Fallen From 'Grace'
When you tell people that Microsoft watches their every move in Windows many of them will freak out and ask for alternatives