back to article Rights warriors slam US-Europe pact on personal info slurp, urge reforms

Civil liberty groups have decried the new Privacy Shield agreement that covers people's personal data flowing between Europe and the United States. The rights warriors argue that there needs to be "substantial reforms" to it in order to protect individuals' fundamental rights. In a letter [PDF] to a number of top-ranking …

  1. Mephistro

    "...there is little to nothing that EC officials can do about US legislation..."

    On the other hand, American IT and services companies will have to do something or they'll go bust in a few years, when the EU courts thrash the Privacy Shield* agreement.

    It would be nice watching the politicos and their entourages using Economy class and YMCA hotels in the next election. ;-)

    * A misnomer, if I've ever heard one.

    1. Doctor Syntax Silver badge

      Re: "...there is little to nothing that EC officials can do about US legislation..."

      " Privacy Shield* agreement.

      * A misnomer, if I've ever heard one."

      Just call it the Privacy Fig Leaf because that's all it is.

    2. Captain DaFt

      Re: "...there is little to nothing that EC officials can do about US legislation..."

      " Privacy Shield* agreement.

      * A misnomer, if I've ever heard one."

      Since it's real purpose is to shield American spooks and corporations from privacy protection laws, I'd say it's apt.

  2. Anonymous Coward
    Anonymous Coward

    Even discounting the mass surveillance bit, it's a waste of time. IF you find out that your data has been slurped and misused and IF you can prove it, that only gives you the right to spend the next decade being outgunned in courts.

  3. Anonymous Coward
    Anonymous Coward

    Change in the US can only come from the inside. If people, companies and organisations over here in the EU refuse to let their data be handled by US companies said US companies will very quickly start putting pressure on the US political toadies to change things. When the bribes political donations dry up for the politicians in the US they will start listening and, hopefully, get things right for their people for once.

    1. Mark 85

      There's only one problem with this.. it's the companies running this show. We know what they want and they will lobby heavily both here in the US and the EU.

      We, the people, have a snowball's chance in hell.. Sure, we can vote in a new guy.. but he/she will be just like or end up just like the old one. With the way Congress is set up, it take a minimum of 12 years to invoke massive change in that body. With the attention span of the average voter, that change will never occur.

  4. Anonymous Coward
    Anonymous Coward

    Meh...

    I know I will get down voted for speaking the truth...

    I have more to fear from some hacker in an Eastern/Slavic country who would steal my identity and commit fraud, than I do from my government spying on me. That's more of a reason to have strong encryption and firewalls, etc ...

    I'm not some paranoid git with a tin foil hat. Assume that you're already on a watch list by some government agency, and that they are already listening in on your conversations. So what? I have a better chance of being struck by lightening, winning the lottery, or getting lucky w Kate Upton than I do of being hauled in by the UK or US government. The same can't be said about identity fraud.

    If the NSA / CIA / FBI were to want to do a warrant-less wiretap, it can be done at the switch, so how would you know? They can mimic cell towers and capture the cell traffic. So just assume that they are doing it. Fight the battles you can win. Here in the US, I fear the Democrats more than I fear the Republicans (except Trump whom I really fear), to be more abusive of government power.

    Now balance that with the fact that in Belgium there was a police raid on a building that had ties to the Paris massacre... Do you want to limit the authorities in stopping bad actors?

    I don't know the answer, but I fear we will lose some of our liberties in the name of safety.

    Just saying...

    1. Adam 52 Silver badge

      Re: Meh...

      You are only less likely to be targeted because of the protection the law offers - citizens in East Germany certainly weren't at low risk from the stasi.

      Our intelligence services have quite a long history of blackmail, it's one of their most useful tools.

      I agree it's impossible to prevent the intelligence agencies, but you can make it harder. If it's illegal then they have to be more careful, perhaps only targetting those where the risk is worth it rather than everyone. What we're arguing here is about requiring companies to obey the law and not weasel around it.

    2. Yet Another Anonymous coward Silver badge

      Re: Meh...

      AC it isn't about protecting you from American 3letter agencies.

      Even without data being offshored your own national spy agency will happily hand over the data to them. It's about the US having no rules about what companies can do with the data.

      NHS medical records and prescription data get sent to a US company that aggregates them and decides that you are a poor health risk, they sell this info to your bank who decide that your life insurance or mortgage rates are going up.

      Your alcohol purchases and vehicle use data from ANPR cameras get sold to your car insurance company. In the Eu they cant use this personal data - but they can ask now for advice on your premium from their US office.

    3. Graham Marsden
      Thumb Down

      @AC - Re: Meh...

      I've downvoted you because you miss the entire point about Human Rights and Civil Liberties and trotting out a variant on the "I have nothing to hide" nonsense we hear so often.

      These protections are there for *everyone's* benefit, including yours (whether you want them or not). More importantly, YOU do not have the right to decide that OUR Rights should be treated with such disdain simply because you don't understand how important they are.

      > I fear we will lose some of our liberties in the name of safety.

      Do I really need to quote Ben Franklin again...?

  5. Doctor Syntax Silver badge

    "Unfortunately it is a wholesale redrawing of US law – something which seems a little beyond the influence of EU policymakers."

    What isn't beyond EU policymakers is to simply say no to data transfers until the US behaves itself. If US corporations wish to do business with EU nationals then they must follow EU standards. Either they buy themselves a better government or follow Microsoft's lead here: http://blogs.technet.com/b/ralfwi/archive/2015/12/08/microsoft-cloud-in-germany.aspx

    1. This post has been deleted by its author

    2. Fred Flintstone Gold badge

      What isn't beyond EU policymakers is to simply say no to data transfers until the US behaves itself.

      Although I'd agree, there are three problems with that.

      1 - MASSIVE amounts of companies and people have fallen for the "your data is safe with us, we're the nice guys" ruse of the bigger data thieves such as Google and Facebook, or do you really think that any mention of the word "security" in any conversation is for YOUR benefit? That's not something that will unwind itself quickly, especially since myth 2 prevents company management from switching: it's "cheaper" (until it fails). If even the UK government uses Google for data internal to the government, what chance does the average citizen have? In that context I would like to visit a pox on companies that use things like Facebook and Twatter for their only customer interface because it forces their customers to agree to their onerous terms just to get support (we've canned 3 companies over the last month alone for trying this one).

      2 - We don't have the same size companies here. The massive benefit of the US market is that it's unified, whereas in the EU we still basically have a lot of legislative islands. This means if you can spin up a company fast enough in the US (read: solve an actual problem and have lost of investor cash to keep pushing), you can become big VERY fast to the point that you can more or less buy the laws you have been ignoring up until that point. You can't do that in Europe, which makes for better and more ethical products but it makes it harder to get something sizeable off the ground. Not impossible, but *a lot* harder.

      3 - the problem in the US is legislation, and that is not exactly a trivial one to fix. You cannot undo a mess that took over 2 decades to grow in a few years, especially not by proxy from the outside.

      In that respect I laugh at the whole Privacy Shield idea: it's yet another ruse with a fancy name, but it is only a ruse, a mirage, a fiction. It is a political fix to for what is in effect a massive legal problem that cannot be fixed overnight.

      Personally I'd prefer a holding pattern: no NEW services should be bought. Let be what is, and make people aware so they can exit the companies that use US resources, but make it impossible to buy NEW services. A slowing down revenue stream is far more effective than quick fixes because it cannot be explained away as a blip, it's a trend. And a trend is scary for people who are 90% emotional. (apologies for referring to this article again, but it's worth reading - not because of Trump, but because of the fairly sensible assertion behind it).

  6. Anonymous Coward
    Anonymous Coward

    The internet, a bright shinning beacon of our future, ever more optimistic than ever- NOT!

    1. Privacy Weld...

    2. Toxic Internet (mal-vertising)...

    3. Today's internet = Idiocracy (2006)....Once the exclusive domain of techies like you and me, the net is now overrun by cat enthusiasts and corporations. The latter are pwning it via TTIP / TPP / TISA..... The former are marks that will never realize their 'Flash' ultrabook is actually pwned by hackers & scammers running bonnets & click-fraud on an industrial scale, along with their Android 'infested' smartphone which routes all their login-info to some MITM!

  7. Anonymous Coward
    Anonymous Coward

    Privacy Wield... This serf doesn't surf much anymore...

    *-- Privacy Wield along with Windows-10 slurping, means I no longer offer tech support to family / friends anymore... I'm sick of helping those who just keep behaving like privacy slaves / windows zombies!

    *-- That’s a big change for me! Its not a welcome move either to those who relied on me before. But if more of us late-night informal tech support guys stopped filing in for Microsoft / Google etc, maybe it would be a catalyst of change....

    *-- After all, its not like M$ has offered after-sales service in two decades, or Google has ever given back to us techies. We grunts have gone unpaid for far too long, saving Microsoft, Google, Adobe, AV-firms and others a future.

    *-- Fuck that for good! Go Linux, Go DuckDuckGo, Go Open Source, or game over! It won't fix EU-US data-sharing, but it might cut-down on some on the overall slurping...

  8. Eclectic Man Silver badge

    Human Rights

    The USA does not acknowledge the concept of "Human Rights", and has not, as far as I am aware, signed up to the UN declaration of Human Rights. They allow for citizens' rights, but only for citizens of the USA. Everyone else is at the hazard of uncle Sam's whim.

    If a company can obtain financial benefit form use of people's personal information acquired by their government, then why not? After all Dick Cheney was head of Haliburton, became USA Vice President under George W Bush, who gave the contracts for 'rebuilding' Iraq after the fall of Saddam Hussein to ... yup, you guessed it, Haliburton. And no-one at all in the USA seems to have complained about this.

    The USA also does not accept the jurisdiction of the International Criminal Court, because they are worried that their citizens would be prosecuted in it. In effect they are behaving like every major power in history. If it cannot be forced upon them they are not going to play by anyone else's rules.

    1. Anonymous Coward
      Anonymous Coward

      Re: Human Rights

      The USA does not acknowledge the concept of "Human Rights", and has not, as far as I am aware, signed up to the UN declaration of Human Rights.

      Not quite: the US was one of the organisations to vote in favour and part of the original group of adopters (granted, not that you'd notice). I suspect you may confuse this with the Convention on the Rights of the Child which the US has refused to ratify, a fact capitalised on by its industry by enabling the use of data of anyone over 13 as if they are at that age competent to make an informed decision, especially about privacy versus publicity.

  9. Graham Marsden
    Holmes

    "the US must formally commit...

    "...to substantial reforms to respect human rights and international law,"

    And on that day, Satan will be seen ice-skating to work.

  10. EnviableOne

    EU Directive 95/46/EC - article 25

    " transfer may take place only if ... the third country in question ensures an adequate level of protection.

    2. The adequacy of the level of protection afforded by a third country shall be assessed in ... particicular consideration to ... the rules of law ... in force in the third country in question and the professional rules and security measures which are complied with in that country."

    so if the LAWS of a third country are inadequate, as the EUCJ - Schrems judgement states the US ones are, then no data transfers can take place untill such time as this is remedied.

    Under GDPR its even stricter, enforcing the same rights available under GDPR must be available in the third country, but it allows for individual regions within the countries, so if state legeslation passes GDPR, then specific states could support transfers but not the US as a whole.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon