The European Union no longer considers the United States a “safe harbor” for data because the National Security Agency surveillance exposed by whistleblower Edward Snowden “enables interference, by United States public authorities, with the fundamental rights of persons.”
The EU’s highest court, the Court of Justice, declared on Tuesday that an international commercial data-sharing agreement allowing U.S. companies free-flowing access to large amounts of European citizens’ data was no longer valid.
As Snowden revealed in 2013, the NSA has been interpreting section 702 of the Foreign Intelligence Surveillance Act as giving it license to intercept Internet and telephone communications in and out of the U.S. on a massive scale. That is known as “Upstream” collection. The NSA is not required to demonstrate probable cause of a crime before a court or judge before examining the data. Another 702 program, called PRISM, explicitly collects communications of “targeted individuals” from providers such as Facebook, Yahoo and Skype.
When Max Schrems, an Austrian law student, learned about Snowden’s revelations, he argued that Facebook was ignoring stronger European privacy laws when it sent his data from its European headquarters in Ireland back to the United States, where it was being intercepted by the NSA. Schrems wrote that the lawsuit he launched against Facebook was about “transparency” and “user control” because he could not determine what was being done with his data—which goes against the European Union Charter of Fundamental Rights.
The ruling was seen as posing a major obstacle for U.S.-based technology companies like Facebook, Google and Yahoo, whose business models require moving massive amounts of data back and forth between the U.S. and Europe.
What’s not yet clear is what they can do about it.
Full article: Top European Court Rules That NSA Spying Makes U.S. Unsafe For Data (The Intercept)