The recently concluded agreement between the USA and the EU is the third attempt to ensure the secure transfer of personal data from Europe to America. There are many indications that a new lawsuit before the European Court of Justice could also overturn trial three. A comment by Holger Dyroff, co-founder and COO of ownCloud.
All good things come in threes, one would think. In the case of the intended data protection agreement between the European Union and the USA, the first two attempts were already a failure. The European Court of Justice already overturned the two previous regulations, Privacy Shield and Safe Harbor, on the grounds that the level of data protection in the USA was not compatible with European standards. The European Commission would have done well to learn from the mistakes of the past, to strive for real change and to end legal uncertainty for companies.
EU-US Privacy: Two Attempts, Two Lawsuits, Overturned Twice
Holger Dyroff, co-founder and COO of ownCloud thinks that the new agreement could be overturned in a lawsuit at the ECJ (Image: ownCloud).
Apparently that didn't happen and so the new agreement, much like the first two attempts, doesn't go beyond lip service either and sells old wine in new bottles. Another large gray area has arisen, especially when it comes to the crux of the matter: data queries by secret services. Access should only be made if it is necessary and proportionate - from the American point of view.
In addition to the obvious legal loopholes, these formulations reveal one thing above all: Up to now, the USA has accessed the personal data of European citizens to an unknown extent. The views of European and American data protection experts are also likely to differ significantly when it comes to defining what is appropriate access and what is not.
So nothing new in the west
Although the decision of the ECJ is still pending, there are many indications that the new agreement will not stand up in court either - the corresponding lawsuits are certainly already waiting in the drawers of European data protection officers. For the next attempt, the European Commission should consistently concentrate on the actual problem: a missing "No Spy" agreement with the American partners, which fundamentally puts a stop to unauthorized access to sensitive data of Europeans.
Until then, the bitter reality remains that clouds from US providers for personal data do not represent a legally secure area. Fortunately, there are alternatives, such as sovereign software and technologies aimed at avoiding dependencies on external providers or countries. It is to be hoped that the market will recognize the need and produce more such solutions in the future - after all, it is about nothing less than the control and autonomy of our data.
More at ownCloud.com
About ownCloud ownCloud develops and integrates open-source digital collaboration software that enables teams to easily share and share files from anywhere, on any device. More than 200 million people worldwide already use ownCloud as an alternative to public clouds - and thus opt for more digital sovereignty, security and data protection.