The EU Court of Justice ruled Thursday that the bloc will not share data with the USA under the Privacy Shield agreement, citing intrusive surveillance laws in the United States. iStock photo
In rebuke to US mass surveillance, EU court blocks data transfers by web corporations
by Julia Conley – Common Dreams
A major ruling from the European Union’s top court on Thursday curtailed US authorities’ power to surveil the personal data of Europeans and is being called a victory for privacy rights and a call for US lawmakers to roll out sweeping surveillance reforms.
The EU Court of Justice invalidated a transatlantic data protection deal with the US, ruling that European data is not safe when shared with US tech companies via the 2016 Privacy Shield agreement.
Privacy advocates at European Digital Rights (EDRi) called the ruling “a victory for us all.”
“Today’s European Court of Justice ruling is a victory for privacy against mass surveillance,” says Diego Naranjo, head of policy at EDRi. “This is a win both for Europeans, whose personal data will be better protected, and a call for US authorities to reform the way intelligence service operate.”
The decision upheld the use of Standard Contractual Clauses (SCCs), which are instruments used to export data from the , but the court ordered the suspension of all data transfers to countries with privacy standards considered unacceptable in the bloc.
More than 5,000 companies have relied on Privacy Shield for the transatlantic transfer of data, and privacy advocates applauded a ruling which they say will apply pressure to US lawmakers to urgently reform surveillance laws in the United States.
“This ruling makes clear that no international agreement can adequately protect people’s privacy from the United States’ current mass surveillance programs and practices,” said Ashley Gorski, senior staff attorney with the ACLU’s National Security Project. “US surveillance violates fundamental privacy rights and continues to be a massive financial liability for US companies trying to compete in a global market. Unless Congress swiftly acts to enact comprehensive surveillance reforms, US businesses will continue to pay the consequences.”
The EU previously invalidated the Safe Harbor agreement in 2015 after Edward Snowden’s disclosures about NSA surveillance programs raised international alarm over US privacy laws. The Privacy Shield pact was put in place in 2016 to replace Safe Harbor.
Under the ruling, major companies which operate overseas, such as Facebook, will have to find alternate ways to access users’ data that comply with standards.
“In the short term, hundreds of billions of dollars in digital trade” are now in “legal limbo,” consumer advocacy group Public Citizen said.
Public Citizen expressed hope that the ruling will “force big tech companies to accept that privacy is a basic business requirement for transatlantic trade.”
Max Schrems, whose case against Facebook Ireland sparked the ruling by the Court of Justice, said he was “happy about the judgment.”
“It seems the Court has followed us in all aspects,” said Schrems. “This is a total blow to the Irish DPC [Data Protection Commission] and Facebook. It is clear that the United States will have to seriously change their surveillance laws, if US companies want to continue to play a major role on the EU market.”
Contact us by email at firstname.lastname@example.org
To fend off hackers, organized trolls and other online vandalism, our website comments feature is switched off. Instead, come to our Facebook page to join in the discussion.
These links are interactive — click on the boxes