Bonum Certa Men Certa
Links 14/3/2021: KDE Gear 21.04 Branches, Anger Over EPO Statement on EQE | The (e-)EQE Statement From the EPO Makes Things Even Worse as Victims of the Catastrophic Exam Feel Offended and Angry

EPO and Microsoft Collude to Break the Law -- Part VI: A Not-so-safe Harbour

Previous parts:



Safe Harbour
Thanks to the efforts of Max Schrems, the Safe Harbour Agreement was invalidated in October 2015



Summary: Examining the so-called 'Safe Harbour' Agreement, which was neither safe nor a harbour

To ensure that the personal data of European citizens was protected in a manner complaint with EU data protection regulations after it had been transferred to the USA, deals such as the Safe Harbour Agreement and the EU-US Privacy Shield were drafted and implemented to address the shortcomings of nationwide data protection in the USA.



As it turned out, these agreements did not last very long. The Court of Justice of the EU (CJEU) overturned them both because in practice they did not live up to the agreed data protection standards.

These CJEU rulings were a slap in the face for the politicians in the European Parliament who had rubber-stamped the agreements despite warnings from data protection advocates.

The CJEU judgements also gave a clear indication that future agreements of this kind must deliver genuine data protection if they are to be upheld.

"On top of this, there is also the concern and suspicion that commercially lucrative data from the EU can (and will) be tapped on the American side."This effectively creates an impasse because US providers are subject to American legislation such as the PATRIOT Act, the USA FREEDOM Act, and the CLOUD Act, which are designed to ensure that US authorities and intelligence agencies have access to personal data of EU citizens.

On top of this, there is also the concern and suspicion that commercially lucrative data from the EU can (and will) be tapped on the American side.

However, in July 2000, in the context of an examination of the adequacy of the protection of personal data transferred to other countries, the European Commission took the position that the "Safe Harbour" principles developed by the US were in compliance with Article 25 of the EU Data Protection Directive 95/56/EC and would provide "adequate protection" for the transfer of personal information from the EU to the US.

The European Commission thus gave approval for transfers of personal data to the US by means of executive decision no. 2000/520/EC, the so-called "Safe Harbour decision".

However, in 2013 this decision was called into question by the Snowden revelations.

The game was over on 6 October 2015 when the CJEU delivered its judgment in the case of Maximillian Schrems v Data Protection Commissioner.

"...in 2013 this decision was called into question by the Snowden revelations."In this judgment the Court invalidated the European Commission's Safe Harbour Decision, because "legislation permitting the public authorities to have access on a generalised basis to the content of electronic communications must be regarded as compromising the essence of the fundamental right to respect for private life".

Maximillian Schrems
Max Schrems in front of the office of the Irish Data Protection Commissioner in Dublin



This landmark judgment of the CJEU in data protection matters which is colloquially known as "Schrems I" was largely due to the efforts of one individual, the Austrian activist and author Maximilian "Max" Schrems who had initiated a legal action in his capacity as a Facebook user claiming that his Facebook data were insufficiently protected.

In essence Schrems argued that the Safe Harbor system would violate his fundamental right to privacy, data protection and the right to a fair trial under the Charter of Fundamental Rights of the European Union.

The striking down of the Safe Harbour Decision by the CJEU resulted in further talks between the EU Commission and the Obama Administration aimed at establishing "a renewed and sound framework for transatlantic data flows".

The outcome of these talks was a revised framework for regulating transatlantic exchanges of personal data which became known as the EU-US Privacy Shield.

"...the Privacy Shield turned out to be rather porous and it was also struck down by the CJEU in July 2020 in the context of a further legal challenge mounted by Max Schrems."The European Commission approved the Privacy Shield on 12 July 2016 and it entered into effect the same day.

However as we shall see in the next part, the Privacy Shield turned out to be rather porous and it was also struck down by the CJEU in July 2020 in the context of a further legal challenge mounted by Max Schrems.

Links 14/3/2021: KDE Gear 21.04 Branches, Anger Over EPO Statement on EQE | The (e-)EQE Statement From the EPO Makes Things Even Worse as Victims of the Catastrophic Exam Feel Offended and Angry

Recent Techrights' Posts

The Importance of a Resilient Partner
Rianne's mental strength is something I both admire and sometimes envy
Dakota Chambers says “the year of Linux on the desktop” is next year (6 weeks from now)
Six weeks from now it is 2026 already
 
Links 20/11/2025: Esperanto Music History and "Hacking the URL Schema"
Links for the day
Links 20/11/2025: Phone Distraction Causes Ferry's Crash, Lots of Negative Press for Slop (Consensus Shifting)
Links for the day
Links 20/11/2025: Python Risk From Rust Activists, "Climate Change is Biggest Security Threat"
Links for the day
Links 20/11/2025: Cloudflare Outage Post Mortem and Tesla Robotaxi "Safety"
Links for the day
More Layoffs, Shutdowns Connected to Microsoft's XBox and Gaming Failure
sales flounder
Geminispace/Gopher Links 20/11/2025: Nagless, VPS, and Java
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 19, 2025
IRC logs for Wednesday, November 19, 2025
Some People Still Being RAd at IBM This Week, According to Unverified Claims Online
IBM is misleading shareholders
Gemini Links 19/11/2025: FlatCube, uBlock Origin, and More
Links for the day
Luis Berenguer Giménez Claims to Still be at the EPO (European Patent Office), Even After His Replacement Following Cocaine Bust
Look what sort of culture Campinos imported from the EU (EUIPO) to Bavaria
Censorship Doesn't Always Work
Somehow we've managed to attract the wrath of some large corporations and organisations
The Media Explains to Us Why It's Dangerous to Cover EPO's "Cocainegate"
Does the EPO command the European media?
Fake News Sites Made by LLMs Are Lying With Confidence (IBM and Red Hat Layoffs)
Slop just doesn't work
Microsoft Lunduke Publicly Attacking Linus Torvalds Says a Lot About 4Chan Cult(ure)
find some issues that sites like ours habitually explore/investigate/revisit, then add some lunatic spin on top of them
Europe Talks About "Digital Sovereignty" and Free Software in Europe is Where Things Should Start
Time will tell if anything concrete can emerge from the above, as media reports certainly have not, at least not in English
Links 19/11/2025: Lawfare Against Greenpeace, Major British Newspaper Caught Using LLM Slop
Links for the day
Links 19/11/2025: "Corporate-Government Censorship" by App Stores (Says ACLU) and Invalidation of Patent Trolls' Patents Sought
Links for the day
Links 19/11/2025: Several Sites Admit Slop Bubble "About to Burst", US Government Tacitly Endorses Assassination of Journalists
Links for the day
GNU/Linux Up to 5% in analytics.usa.gov, Apple and Microsoft Only Sell Fantasies
As for Microsoft, it tries to rebrand Windows as "AI" something or "agentic" (AI) something because it's not selling well and Microsoft needs to engage in "creative" storytelling with shareholders
They Want to Take Humour Away
If society starts gravitating towards jokes being taboo and abuse/violence/online trolling being "jokes" (they're not), we're worse off and more like North Korea
The New Stack, Sponsored by Microsoft: Pay Us Money to Read Promotion of Slop Composed by Microsofters to Sell Their Proprietary Slopware
it's a self-promotional plug for someone who came from Microsoft
Claims That IBM Research Brazil is Shutting Down, Japan Impacted Also
As usual, the corporate media won't mention this
Links 19/11/2025: Google Nest Surveillance and Daily Telegraph Still Up for Sale
Links for the day
Gemini Links 19/11/2025: "Slack is a Sauna" and ClaudeBot Nuisance
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 18, 2025
IRC logs for Tuesday, November 18, 2025
"GNU/Linux" No Longer a Pandora's Box
Cannot even make or crack a joke... when you have a target painted on your back
We Don't Keep Logs
Not for any considerable length of time
Wall Street Journal is Publishing Puff Pieces About Quantum
For IBM [...] a lot of articles about "AI" are basically a form of spam
Is the Lid Being Shut on Top of LLM Slop?
It sort of "feels" like slop is becoming passé
Celebrating Digital Sovereignty
Digital Sovereignty is connected very closely to the concept of Software Freedom
Your Web Site is Connected to the Net and the Server is Powered On, But Cloudflare Takes It All Down
Anything outsourced means that yet another party can get things wrong, resulting in problems for everyone else "in the chain"
The Register's Latest Slop Spam, Another Paid-for Article to Inflate the Bubble
Remember when celebrities advertised FTX?
Quite a Few Red Hat Layoffs These Days (or Departures)
Remember that if there are Red Hat Layoffs, they won't be called "Red Hat Layoffs" but instead be "IBM RAs" or some thing to that effect
Today is an Excellent Day To Remind People to Dump Clownflare (Cloudflare)
If people think that Clownflare (Cloudflare) will improve uptime and make access better (it sure makes accessibility far worse), remind them of all the times this clown show goes wrong, taking down with it a lot of the Web
Links 18/11/2025: Asbestos Fears, Delays for GAFAM Undersea Cable
Links for the day
Links 18/11/2025: "Bitcoin Showing Signs of Severe Collapse" and CEOs of GAFAM Finally Speak About a Slop Bubble
Links for the day
The "Nazi Bars"
We don't condone or condemn the label "Nazi Bar"
Apparent Red Hat Layoffs in "AI" (Supposedly a Strategic Area for IBM)
What is going on there?
TV Programmes in Geminispace
Sort of like teletext except more cross-platform
Gemini Protocol as a Growing Source of Audience (Mostly Technical People)
Clients for Gemini Protocol are available for almost every platform imaginable
Techrights' Assessment of Red Hat Layoffs in 2025 (Yes, They Happened!)
In short, Red Hat layoffs did occur this year, but even when they did the media did not mention these (and those would count as "IBM" regardless)
The GPU Bubble (GPUs Marketed by Useless Slop)
"they're selling GPUs for the sake of selling GPUs"
EPO Change May be Afoot, Keep Pushing and Hold Those Feet to the Fire
Backlash is brewing and societal trends reinforce backlash right now
Links 18/11/2025: CISA Advisories, Climate, "U.S. Layoffs Surge and Blaming AI is Part of the Smokescreen"
Links for the day
Gemini Links 18/11/2025: "Block Them All", Annex, Signed Commits, and "Cryptography of the Internet"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, November 17, 2025
IRC logs for Monday, November 17, 2025
Right Under the Nose of Mainstream Media
That the media fails to cover the matter mostly speaks volumes about the media
Formalities Officers at the EPO Face Uncertain Future, Administration Gets Asked About That
They're being too polite (perhaps) to people whose agenda is detrimental not just to the EPO but also the EPC