The European Court of Justice today canceled the blank cheque that allowed the transfer of personal data to US companies. This is an overdue step towards better data protection: Whether sensitive data is adequately protected and its transfer thus permissible must now be determined on a case-by-case basis. The court empowered the Irish Data Protection Commissioner to make that call as it pertains to Facebook. According to current law, such evaluations might in many cases reach a negative conclusion.

Data protection and mass surveillance are irreconcilable. Tweet this!

The fact of the matter is: Data protection and mass surveillance are irreconcilable. By failing to resolve this contradiction, politicians have now passed the buck to providers of internet services. The dilemma they are facing can only be solved by freeing service providers from the obligation to groundlessly store and disclose personal data.

The revelations by Edward Snowden served as final proof that the much-criticised “Safe Harbor” system fails to adequately protect users’ personal data. It is a shameful indictment of the European Commission that it took a court judgement to finally suspend this system. The European Pirates had been calling on the Commission to do so since June 2013, as had the European Parliament since March 2014.

Of special significance is the court’s determination that the system violated human rights in very fundamental ways:

  1. Legislation permitting public authorities general access to the content of electronic communications compromises the fundamental right to respect for private life
  2. Procedures providing no possibility for individuals to pursue legal remedies, e.g. to obtain the erasure of their data, violate the fundamental right to effective judicial protection

Today’s judgement once again finds suspicionless surveillance to be in profound conflict with fundamental rights. Last year, the Court declared the data retention directive invalid for similar reasons. And yet, groundless storage of personal data is still widespread within the EU. Clearly it’s not enough to apply higher standards to the international exchange of data. What we need are international agreements that ensure the protection of fundamental rights everywhere and disarm mass surveillance. The EU can only be credible in these efforts if it sets a good example for others to follow, reigns in intelligence services within its member states and ensures the effective protection of its people from government surveillance.

To the extent possible under law, the creator has waived all copyright and related or neighboring rights to this work.

One comment

  1. 1

    Well done you! It’s good that at least one person in the EU Parliament is looking after peoples welfare, Kudos! (correction)