Bonum Certa Men Certa

EPO and Microsoft Collude to Break the Law -- Part VIII Addendum

Video download link



Summary: The letter or the press release issued half a year ago explains the severity of the scandal we've been dealing with in recent days and will likely deal with well into April

APPENDICES or addenda typically come at the end of a series, but this time we'd like to interject for a bit, especially when covering pertinent documents alluded to previously albeit not discussed in an in-depth fashion.



"The above text says nothing about security incidents, which may compromise data and render it accessible to virtually everybody in the world."This one merits further emphasis and an explanation of context/s.

The video above is an informal discussion about this press release [PDF] which is only half a year old. It was mentioned in Part VIII and its text is as follows (we also have an HTML version here):



711.424.1

Press Release

17 July 2020

After “Schrems II”: Europe needs digital independence



After the adequacy of the “EU-US Privacy Shield” was invalidated by a recent decision issued by the Court of Justice of the European Union (CJEU), the Berlin Commissioner for Data Protection and the Freedom of Information, Maja Smoltczyk, is now calling on data processors in Berlin to move any personal data stored in the USA to Europe.

In its decision of 16 July 2020 (“Schrems II”, C-311/18), the CJEU stated that the US authorities’ access to data belonging to European citizens is too extensive. As a result, personal data may generally no longer be transferred to the USA until the legal situation changes. There are some exceptions, especially in special cases stipulated by law, such as when booking a hotel room in the USA.

One of the findings noted in the CJEU decision concerns the government surveillance measures in the USA, which involve the mass collection of personal data with no clear limitations. This contradicts the Charter of Fundamental Rights of the European Union (Paragraph 180 et seq. of the Decision). The CJEU also indicates that European citizens are unable to request a judicial review of the surveillance measures carried out by the US authorities. This violates the European fundamental right to effective legal protection.

Personal data may only be transferred to third countries that ensure a level of data protection that is equivalent to the essence of the European fundamental rights. As the findings of the highest European court suggest that is not the case in the USA, the decision issued by the CJEU has invalidated the adequacy of the “EU-US Privacy Shield”, which was previously the basis for many personal data transfers to the USA. By contrast, the CJEU has ruled that “standard contractual clauses” are admissible under certain conditions; standard contractual clauses can be established between European companies and providers in third countries to ensure the European level of data protection abroad. Before the first data transfer, however, the CJEU emphasises that both European data exporters and third-country data importers are obliged to check whether the data could potentially be accessed by government authorities in the third country in a manner that goes beyond the access rights granted under European law (Paragraphs 134 et seq. & 142 of the Decision). If such rights of access are enjoyed by the government authorities, data may not even be exported on the basis of standard contractual clauses. Any data that has already been transferred to any such third countries must be retrieved. Contrary to the prevalent practice to date, data cannot be exported merely on the basis of standard contractual clauses (Paragraph 126 et seq. of the Decision).

Press Officer: Dalia Kues

Office: Cristina Vecchi

Email: presse@datenschutz-berlin.de

Friedrichstr. 219 D-10969 Berlin

Tel.: +49 301 388 9900 Fax: +49 302 155 050




The CJEU emphasises that the data protection supervisory authorities must prohibit unlawful data exports according to these new standards (Paragraphs 135 & 146 of the Decision), and that data subjects may claim damages for the unlawful exportation of personal data (Paragraph 143 of the Decision). This may especially include non-material damage (solatia); the amount of compensation must act as a deterrent in accordance with European law.

The Berlin Commissioner for Data Protection and the Freedom of Information calls on all controllers under her supervision to observe the CJEU’s decision. Controllers who transfer personal data to the USA, especially when using cloud-based services, are now required to switch immediately to service providers based in the European Union or a country that can ensure an adequate level of data protection.

Maja Smoltczyk: “The CJEU has made it refreshingly clear that data exports are not just financial decisions, as people’s fundamental rights must also be considered as a matter of priority. This ruling will put an end to the transfer of personal data to the USA for the sake of convenience or to cut costs. Now is the time for Europe to become digitally independent.

The CJEU has explicitly obliged the supervisory authorities to prohibit all unlawful data transfers, and we gladly accept the challenge. Of course, that not only applies to data transfers to the USA, which have already been outlawed by the CJEU; we must also check whether similar or perhaps even greater problems are involved in data transfers to other countries, such as China, Russia or India”.



The above text says nothing about security incidents, which may compromise data and render it accessible to virtually everybody in the world. It happened many times in the past. The very practice of outsourcing data -- no matter if within one's national jurisdiction or outside it -- is a bad idea. They just need to hire competent security professionals, employed in-house and regulated by rules and regulations of the employer, not only national laws.

In light of new revelations we expect this scandal and its coverage to last well into springtime. This is a very big deal, not just to the EPO and to Microsoft. More people are becoming involved now.

Recent Techrights' Posts

Gemini at 3,800+
total number of known capsules at above 3.8k
Be a Navalny
We salute Mr. Navalny
 
GNU/Linux Peaking in Europe, Android Measured as Higher or More Prevalent Than Windows
Android topping Windows
For Every Action There's a Reaction
Gates lobbying Modi
Like in Africa, Android Takes Control, Raking in Almost All the 'Chips' in Asia
So Microsoft has no OS majority except in Japan and Russia (and tiny Armenia).
Links 03/03/2024: Goodbye, Navalny (Funeral Reports)
Links for the day
Gemini Links 03/03/2024: A Wild Devlog Appeared and GrapheneOS Ramble
Links for the day
Mozilla Firefox is Back in ~2% Territories, Jeopardising Its Status as Web Browser to Test/Target/Validate With
Some new stats
Now Only Has Adoption of Windows Vista 11 Flatlined/Plateaued, Now It is Going Down!
Did many people delete Vista 11 and install GNU/Linux instead?
[Meme] Russian Standards of Law: The Executive Branch Decides Everything
the president's kangaroo court
Up Next: The Tricky Relationship Between the Administrative Tribunal of the ILO and the European Patent Organisation (EPO)
We've moved from presidents who run a republic by consent to corrupt, unqualified, dictatorial officials who bribe for the seat (buying the votes)
IRC Proceedings: Saturday, March 02, 2024
IRC logs for Saturday, March 02, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Beware Imposter Sites of Techrights (Not Techrights.com or Techrights.org)
Only trust pages accessed through the domains controlled by us
Italy visa & residence permit: Albanian Outreachy, Wikimedia & Debian tighten control over woman
Reprinted with permission from Daniel Pocock
Links 02/03/2024: Actual Journalists Under Attack, More Software Patents Being Challenged
Links for the day
Gemini Links 02/03/2024: NixOS on GPD, Meson Woes
Links for the day
statCounter March 2024 Statistics (Preliminary)
Notice Asia
Links 02/03/2024: More Lawsuits Against Microsoft, Facebook Killing Hard-To-Find News
Links for the day
ZDNet (Red Ventures) Works for Microsoft (Redmond), Many Of Its Pages Are Spam/Advertisements Paid for by Microsoft
Here is the "smoking gun"
Wikipedia Demotes CNET Due to Chatbot-Generated Spew as 'Articles'; It Should Do the Same to ZDNet (Also Red Ventures, Also Microsoft Propaganda)
Redmond Ventures?
IBM Sends Money to Microsoft
Red Hat basically helps sponsor the company that's a attacking our community
The Direction WordPress (GPL) Has Taken is an Embarrassment
it comes with strings attached
When the Cancer 'Metastasises'
We had a red flag
March in Techrights (EPO Litigation and More)
One theme we'll explore a lot when it comes to GNU/Linux is the extent to which communities truly serve communities
Don't Forget to Also Follow Tux Machines
We've split the material
Yandex Usage Has Surged Since the Invasion of Ukraine, Microsoft Fell to 0.7% (It Was 1.7% Before the 'Bing Chat' Hype Campaign)
In Soviet Russia, Bing searches user
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, March 01, 2024
IRC logs for Friday, March 01, 2024
Sellout Completed: Linux Foundation Converging With the Gates Foundation
not a joke
Hitler Rants Parodies on Steve Ballmer
Parody created using clips from Downfall (Der Untergang)
With Windows This Low (27% of the "OS" Market), Steve Ballmer Would Have Thrown Another Chair
The media produced many puff pieces about Nadella at 10 (as CEO), but what has he done for Windows? Nothing.
[Meme] The Naked President
EPO Suffers From Shrinkage
Attacks on the EPC: Reality and Fiction
EPO leaks
Understanding Cardinal George Pell prosecution, Institutional abuse & Debian cybertorture
Reprinted with permission from Daniel Pocock
Links 01/03/2024: Many More Layoffs, "Funerals" for Software Patents in the US
Links for the day
Gemini Links 01/03/2024: OFFLFIRSOCH 2024 and Dark Streets Tech Demo
Links for the day
Links 01/03/2024: Navalny Funeral and Media Under Attack
Links for the day
Gemini Links 01/03/2024: Making Art and the Concept of Work Management
Links for the day
Schriftleitergesetz: Hiding the Holocaust with censorship
Reprinted with permission from Daniel Pocock
[Meme] His Lips Moved
Here is your national "news" for today
statCounter: GNU/Linux Exceeded 6% in Asia Last Month (Compared to 4% Just 12 Months Earlier)
numbers may be biased
What the End of Journalism Looks Like
All on the same day
Links 01/03/2024: Microsoft 'Retiring' More Services and Raspberry Pi Celebrates 3rd Birthday (Launched on February 29th, 2012)
Links for the day
Women's Empowerment
Sponsored by Bill Gates
Gemini Links 01/03/2024: Speed Bumps and Analog Stuff
Links for the day
[Meme] Those Greedy EPO Examiners
Says the litigation industry, charging 300 euros an hour per attorney
EPO Discriminates Against Families of Its Own Workers, the Union Explains Legal Basis Upon Which It's Likely Illegal and Must be Challenged
To the Council, the EPO boasts about its wealth (seeking to impress by how much breaking the law "pays off")
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, February 29, 2024
IRC logs for Thursday, February 29, 2024
Links 01/03/2024: Misuse of Surveillance Against UK-Based Journalism, EPO Conflict Now in the Media
Links for the day
Taking a Break From Paid Promotion of the Illegal, Unconstitutional Kangaroo Court for Patents (UPC)
JUVE returns to its 'roots'?