EU-US Data Privacy Framework to face serious legal challenges, experts say:
Nine months after US President Joe Biden signed an executive order that updated rules for the transfer of data between the US and the EU, the European Commission this week ratified the EU-US Data Privacy Framework. Industry experts, however, say it will be challenged at the European Court of Justice (CJEU), and stands a good chance of being struck down.
The move comes three years after the CJEU shut down the previous EU-US data sharing agreement, known as Privacy Shield, on grounds that the US doesn't provide adequate protection for personal data, particularly in relation to state surveillance. In 2015, a previous attempt to forge a data sharing pact, dubbed Safe Harbor, was also struck down by the CJEU.
The President of the European Commission, Ursula von der Leyen, said the new framework should provide "legal certainty" to transatlantic businesses, calling the commitments "unprecedented."
[...] However, industry experts expect the accord to face a plethora of legal challenges from privacy advocates before ultimately being struck down like its predecessors.
"We have various options for a challenge already in the drawer, although we are sick and tired of this legal ping-pong," said Max Schrems, an Austrian lawyer and privacy activist who founded NOYB (None of Your Business) – European Center for Digital Rights. In 2016 and 2020, Schrems initiated legal proceedings against Safe Harbor and Privacy Shield, respectively, which led to the CJEU invalidating both agreements.
"We currently expect this to be back at the Court of Justice by the beginning of next year," Schrems said in a statement published on NOYB's website.
Related Stories
Spying has always been limited by the need for human labor. A.I. is going to change that:
Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents of those conversations. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did.
Before the internet, putting someone under surveillance was expensive and time-consuming. You had to manually follow someone around, noting where they went, whom they talked to, what they purchased, what they did, and what they read. That world is forever gone. Our phones track our locations. Credit cards track our purchases. Apps track whom we talk to, and e-readers know what we read. Computers collect data about what we're doing on them, and as both storage and processing have become cheaper, that data is increasingly saved and used. What was manual and individual has become bulk and mass. Surveillance has become the business model of the internet, and there's no reasonable way for us to opt out of it.
Spying is another matter. It has long been possible to tap someone's phone or put a bug in their home and/or car, but those things still require someone to listen to and make sense of the conversations. Yes, spyware companies like NSO Group help the government hack into people's phones, but someone still has to sort through all the conversations. And governments like China could censor social media posts based on particular words or phrases, but that was coarse and easy to bypass. Spying is limited by the need for human labor.
A.I. is about to change that.
[...] We could limit this capability. We could prohibit mass spying. We could pass strong data-privacy rules. But we haven't done anything to limit mass surveillance. Why would spying be any different?
Related:
- A Controversial US Surveillance Program is up tor Renewal. Critics are Speaking Out.
- Debunking the Myth of "Anonymous" Data
- EU-US Data Privacy Framework to Face Serious Legal Challenges, Experts Say
(Score: 2) by driverless on Wednesday July 19 2023, @11:47AM (2 children)
Why does the US government feel the need to vaccuum up Europeans' PII? There doesn't seem to be any need to do this except for state surveillance. I like India's approach, "if you want to do business here you need to keep the data in India", doesn't seem to have been too hard to do.
(Score: 3, Insightful) by requerdanos on Wednesday July 19 2023, @02:06PM (1 child)
As I understood the article, it's not that the US wants the data so much as that US law does not guarantee privacy at all, and particularly not in the way that European regulations do. Apparently in the US, privacy is derived from the fourth amendment to the constitution, which is merely a prohibition on search and seizure without a warrant.
(Score: 2) by Freeman on Wednesday July 19 2023, @02:59PM
This seems to be a nice quick general overview of the basis of privacy in the US Constitution. https://constitutionus.com/constitution/rights/the-right-to-privacy-in-the-constitution/ [constitutionus.com]
When all is said and done, unless the power was specifically given to the Federal Government, or the State Government. Then, the power should be with the people. Thus, there are no constitutional rights for the government to hoover up all of my data. Unfortunately, with a computer is a thing and Judges/laws are slow to process. So, when we have something like Google that's barely existed for a couple of decades and the likes of AI, which has only taken off in the last year or two. There's plenty of room for screw-ups.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2, Insightful) by Anonymous Coward on Wednesday July 19 2023, @11:48AM (1 child)
They really want to wear us out. It’s probably pocket money for the Industry to lobby the European Commission, who forwards bills to the European Parliament or (unclear to me in this case?) simply adopts treaties.
And every time it takes an unreasonable effort for the people, through non-profits most of the time, to get something reverted in the people’s favour.
The EU is possibly the best in history for Europe, but it’s still a long way from being ideal.
(Score: 2) by quietus on Wednesday July 19 2023, @07:49PM
(Score: 5, Insightful) by inertnet on Wednesday July 19 2023, @12:59PM (2 children)
When I grew up in the 60's and 70's, "never again" meant that governments should never be allowed to store data on citizens that they don't need. European privacy laws are based on this, you can only store data that you need for providing your service, and you should delete any details whenever they're not required anymore.
This goes back to WWII, when the German occupiers could simply go to municipalities and get a list of all addresses where Jews lived. That's the meaning of "never again", a term I heard a lot growing up, we cannot let this happen again.
This line of thinking simply can't be in accordance with broad data sharing between governments.
(Score: 4, Touché) by Freeman on Wednesday July 19 2023, @03:01PM
Unfortunately, those that had direct involvement in the World Wars are pretty much all dead. Newer generations are extremely happy to let TikTok, Facebook, Meta, Microsoft, et al, have direct access to their bank account. Let alone, not letting them keep dossiers on themselves.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: -1, Troll) by Anonymous Coward on Wednesday July 19 2023, @10:11PM
You'd think it wasn't possible to revise the meaning of a two word reminder like "NEVER AGAIN", but fuck you're a hard working protofascist*. It's not what it meant in 1979, 1960, or even in 1948. Descendants of the survivors of Dachau will rightly punch you if you say that shit near them without a team of MAGAhat buddies around you.
Auschwitz got all the fame, but the memorial at Dachau is much more suited to task.
*dead giveaway: you take Jordan Peterson seriously