The highest court in Europe has struck down the EU-US Privacy Shield over concerns that the agreement leaves the data of European customers too exposed to US government surveillance.
The agreement, which has been in place since 2016, allows companies operating in the EU to transfer data back to the US and over 5,000 companies currently operate under its terms.
Good news, of course, but while the focus is often on the US and China, we shouldn’t forget that European countries are also quite, quite adept at mass surveillance.
Your headline is false.
The EU was all gung ho for it.
“we shouldn’t forget that European countries are also quite, quite adept at mass surveillance.”
I am dutch and live in Austria.
President of the Austrian National Council mr. Sobotka visited the european police congress in february 2019 and openly spoke for introducing the chinese system of social scoring in the EU.
In every self-respecting democracy such person would have been removed/fired, not in Austria.
The chamber of commerce in Austria collects data from every business, if one protests against the collecting of every email, every click in their website etc. you will experience that this organisation is part of a political system that is practically untouchable.
When I called the Data protection committee they told me that as a private person or small business one has no chance to do something about that, “you should better give it up” was the advise.
The post in Austria sold all addresses and information about what had been delivered, Although it was considered a “scandal” nothing happened.
So, I think the EU is as bad as the USA or Russia or whatever other “western” country.
You’re got to hand it to Max Schrems for his principaled persistence.
But it’s important to understand that this doesn’t mean companies can’t transfer EU citizen’s data and store it in the US. It just means that there’s no longer a default assumption that the privacy level’s the same in the US as it is in the EU for EU citizen’s data. Just like all other countries the US makes a legal distinction between the rights of its own citizens and those of other countries, so this shouldn’t be surprising (and in relation to surveillance, something the Snowden leaks shone a bright light on). If companies want to transfer data now they have to create contractual safeguards, be held responsible for breaches and make it clear to their customers (see GDPR article 49 https://gdpr.eu/article-49-when-can-personal-data-be-transfered/ )