The EU & US “Privacy Shield” agreement has been declared invalid – is it time to emancipate yourself from the US? A comment from Uniscon.
On July 12, 2016, the transatlantic data protection agreement between the USA and the EU came into force and was intended to ensure that personal data of European citizens are adequately protected, even if they are transmitted to the USA or stored on cloud storage there. As early as January 25, 2017, Donald Trump curtailed the rights of all non-US citizens again by decree and thus secured the US secret services unrestricted access to all data traffic from abroad.
ECJ overturns “Privacy Shield”
On July 16, 2020, the ECJ finally declared the "Privacy Shield" agreement to be invalid. According to the judges, the agreement does not provide sufficient protection for the personal data of EU citizens. With the end of the Privacy Shield, EU citizens and EU companies alike were drawn to the last nail in terms of legal certainty. All data that is stored, processed or even communicated via US servers is now exposed to arbitrary inspection by US authorities.
The European community has nestled itself in the IT bed made from overseas for far too long, neglecting the development and maintenance of its own, competitive IT industry. This unconditional dependence is now our undoing. Every company that stores or processes sensitive customer data at US IT service providers now runs the risk of giving up control of its data - and thus not only exposes itself to the risk of GDPR fines that threaten its existence, but also plays out sooner or later with the trust of its own customers.
Wanted: a sustainable new regulation
In view of the hair-raising insights that we were able to gain in the course of Edward Snowden's educational work, it is surprising how tenaciously the responsible EU politicians have so far resisted a concerted reaction. Instead of lamenting the end of a mediocre emergency solution, it would be advisable to replace the legal vacuum as quickly as possible with a workable new regulation that guarantees verifiable data protection for all EU citizens - even if their data migrates across the Atlantic.
"It would be even better if we could finally shed our children's shoes and put all our energy into building and promoting a competitive IT economy within the EU," says Ulrich Ganz, Director Software Engineering at TÜV SÜD in Munich -Daughter uniscon.
In addition to political will, this also requires an enlightened user base that no longer wants to be treated like second-class customers. “It will not fail because of the innovative strength of European companies. We just can't allow it to suffer from the - all too human - fear of change. "
More on this in the uniscon privacyblog.de
About uniscon Uniscon GmbH is a member of the TÜV SÜD Group. As part of TÜV SÜD's digitization strategy, uniscon offers highly secure cloud applications and solutions for secure and legally compliant data traffic. TÜV SÜD is a leading global technical service company with over 150 years of industry-specific experience and today more than 24.000 employees at around 1000 locations in 54 countries. In this strong network, uniscon is able to reliably implement major international projects in the areas of IoT and Industry 4.0 with the Sealed Cloud and its products. Further information on the company and the solutions: www.uniscon.com