A new ruling could make it harder for American organizations to harvest data from European citizens.
In a landmark decision Tuesday, the Court of Justice of the European Union struck down the so-called “Safe Harbor” agreement, which for nearly 20 years has allowed firms to easily transfer information across the Atlantic. While that information runs the gamut from payroll data to Google search information, the decision is largely meant to stifle the United States National Security Agency’s unfettered access to data.
The crux of the ruling rests on a complaint from Maximillian Schrems, an Austrian citizen and privacy advocate who took Facebook to court in 2008. In a press release Tuesday, the Court of Justice of the European Union specifically detailed what that has to do with the NSA: Schrems’ data flowed through Facebook’s Irish subsidiary to the United States, where it could be accessed by American public authorities.
That’s a no-go for some privacy advocates.
“There should be proper limits and safeguards in place to govern national intelligence, national security access to personal data,” Jens-Henrik Jeppesen, director of European Affairs at theCenter for Democracy and Technology, told The Huffington Post.
“The best thing that can happen from the Safe Harbor decision is if it motivates surveillance reform in the U.S.,” he added.
Put a different way, the EU’s decision puts a major roadblock in place for American agencies that wish to collect information about European citizens. Jeppesen’s hope is that limiting this power in Europe could help spark change in the U.S.
Everyone’s favorite whistle blower was quick to weigh in on that point via Twitter:
Theresa Pardo, director of the Center for Technology in Government at the University at Albany, told HuffPost that the EU’s ruling is likely to result in a new framework for how organizations manage and use data.
“This is a critical question that cannot only be reviewed every 16 to 18 years,” Pardo told HuffPost, referencing Safe Harbor’s origins in the late 1990s. “I know that there’s been a lot of attention to these questions in lots of backrooms — how to create a new framework or revise the existing framework, including enforcement. These are critical policy questions and policy executions.”
That said, neither Pardo nor Jeppesen could anticipate what that new framework would look like.