U.S. law gives the National Security Agency a green light to collect a staggering amount of personal data from phone and Internet users around the world, most of whom aren’t remotely connected to terrorists. ADVERTISING U.S. law gives the National
U.S. law gives the National Security Agency a green light to collect a staggering amount of personal data from phone and Internet users around the world, most of whom aren’t remotely connected to terrorists.
This week, however, a European court said the NSA’s shotgun approach to surveillance violated Europeans’ privacy rights. And because the European Court of Justice has no jurisdiction over the NSA, it took out its displeasure on the Internet.
Specifically, the European Court of Justice struck down the “safe harbor” arrangement that allowed Internet companies based in America to store European users’ data on servers in the U.S. …
The court ruled the arrangement, which the European Commission negotiated with the U.S. government in 2000, wasn’t compatible with the European Union’s Charter of Fundamental Rights because U.S. companies are required to comply with the NSA’s large-scale efforts to collect data in ways that violate EU privacy rules. U.S. companies can satisfy the EU rules in other ways, but they are so costly smaller ones might be driven out of the continent.
It’s tempting to say to the NSA, “This is another fine mess you’ve gotten us into.” But the EU’s right to privacy includes an exemption for national security surveillance; the problem here is the European Court of Justice didn’t think what the NSA was doing qualified for the exemption, and it didn’t want the European Commission stopping privacy regulators in the 28 European countries from imposing their own terms on U.S. companies.
One irony is that safe harbor gives European users’ data more protection than they would get from U.S. law alone. That was the point of the agreement: to set a higher privacy standard the Federal Trade Commission would enforce. This week’s ruling could create what amounts to 28 different privacy regimes for firms seeking to transmit customer data from Europe to the U.S., a morass that only would discourage U.S. Internet companies from serving the region.
That’s why European and U.S. officials should come up with a new safe harbor as soon as possible.
Congress can help that effort by tightening the limits on the data the NSA can collect and by giving Europeans the same rights as U.S. citizens to redress privacy wrongs in court.
And the European Commission can help by making sure that the agreement sets a standard all countries in the region will live by. Although talks between the two sides have been underway for some time, the European Court of Justice’s ruling should spur them to a swift conclusion.
— Los Angeles Times
