The many Snowden revelations, which have detailed the advanced spying and mass data collection operations conducted by some of the world’s most important agencies including the NSA and the GCHQ, have revealed that various U.S. tech companies might also be involved, whether willingly or unwillingly, in some NSA programs. The implications of the leaks detailing the Prism data collection program – that says the NSA has access to personal customer data from various U.S. companies including Apple, Facebook, Skype, Microsoft and Yahoo – might be far greater than initially believed, as they could affect the U.S.-EU Safe Harbor Framework for transatlantic data transfer and connected trade deals.
In a case before the Court of Justice of the European Union (CJEU), the European Commission admitted that the Safe Harbor Framework doesn’t adequately protect EU citizens’ data from potential U.S. spying. And a fix isn’t really coming anytime soon, Ars Technica reveals, quoting a report from euobserver.
The best way for preventing such spying operations, for anyone worried about NSA snooping, would be to stop using certain U.S.-based online services, including Facebook, at least until they open data centers in Europe.
“You might consider closing your Facebook account, if you have one,” European Commission attorney Bernhard Schima told attorney-general Yves Bot at the CJEU on Tuesday, suggesting that personal data transferred from Europe to the U.S. isn’t necessarily protected under the U.S.-EU pact, even though the Framework should ensure data privacy and security.
The case was brought before the CJEU after Austrian privacy activist Max Schrems filed complaints with the Irish High Court following the Prism revelations against the five U.S. companies mentioned above. The Irish court then referred it to the higher European body.
Schrems basically says that data passed to the U.S. can’t be considered as adequately protected, as it’s not clear what happens with it in light of the Prism program leaks.
The European Commission is still in talks about improving data protection for EU citizens, even though the Safe Harbour Framework can’t yet guarantee that protection.
More details about Schrems’ case, as well as the recent findings on the matter – the CJEU should issue an opinion on the matter on June 24th – are available at the source links below.