We noted recently, Homeland Security has a rather expansive view over why the US has jurisdiction over any website using a .com or .net domain name. And, recent admissions from Microsoft that EU data protection rules are effectively meaningless when faced with a US PATRIOT Act request for data. Basically, the US appears to claim that even if the data is stored in Europe, with strict data protection rules, if it’s a US company, the US believes it has jurisdiction and can demand access to it. The EU was publicly ‘not amused’.
While you can understand why US officials and law enforcement want to view the world this way, what stuns me is that they appear to be totally tone deaf to oblivious unintended consequences and likely counter moves to such a views. (Expect) A moral cover of other countries doing the same thing, harming US interests significantly, an inevitable backlash and widespread harm to US companies and internet users. (techdirt)
We know it is a mess, but here you go for another: For years now, reports have shown that US firms claim to follow privacy rules in order to obtain EU citizen information. However, no control, no checks, no nothing. Just take it. Several critial reports the last 10 years..nothing is done.
If there is no reward and only problems for safeguarding privacy, why should you?
Update: Public rewards EU parlementarians standing up though.
While I don’t understand how handing over your complete financial information to the US without anything in return hasn’t pushed anger within the EU to the limit, off course the US will continue demanding unsoveign, highly sensitive information. The EU has shown very little on the privacy level and is now just selling-out further apparently. After the finance, comes vingerprints, dna, next up your medical documents, tax return and anything else they can digitally receive. But ow wait, “we are angry of course“! Sure.
Not that the EU would ever get the US data….feeling used yet?
The ridiculous claim that a country as Swiss gives in for pressure of visa requirements is laughable. Not in the last place because countries could simply demand the same in return. It is just another sign that no serious press critics on this part seem to walk around.
The European Parliament has adopted the so-called SWIFT agreement on 8 July 2010 allowing sharing EU citizens’ bank data with the US authorities, but failing to stick to its initial position on privacy safeguards from February 2010. (..) However, even the data protection European bodies – EDPS and the Article 29 Working Party – have underlined that the current agreement does not meet the European privacy standards. (..) There have been reports that the US Treasury has received up to 25% of all SWIFT transactions, which number in the billions each year. (via)
Seems that the EP still cannot guard basic privacy rights for EU citizens.
5 Years more of lack of civil rights as financial privacy. This adds to the believe that the EU is still toothless and doesn’t fend with the power, it really should have!
Regarding ‘EU, US re-assess SWIFT data-sharing deal‘:
The statements made by the spokespersons of SWIFT are very worrying. They originally said that servers have been moved to Switzerland and the Netherlands, but now admit that there are still servers in the US which hold EU banking data. Could it be that SWIFT has simply been lying all the time about what is really happening?
It has been again a little while, but the story is the same: this Monday The EU Council is set to give US intelligence services full access to SWIFT banking data, despite an unanimous call by the European Parliament not to do so.
“The move of SWIFT the data server to Switzerland would be an excellent opportunity to stop the nearly unlimited access of US authorities on EU bank transactions. But EU justice and interior ministers are apparently keen [on agreeing to] a deal as soon as possible, on 30 November. Why 30 November? Because one day later, on 1 December 2009, the EU’s Lisbon Treaty will be in force and would allow the European Parliament to play a major role in the negotiations of the deal with the US. A deal one day before will be a slap in the face to democracy in the EU. … [W]hile the US will be able to access EU banking data, no access to US banking data by EU [authorities] is being foreseen.”
Quote of Jacob Kohnstamm in NRC article:
„What would you think if Poetin or the Chinese would request your financial informaion? Your savings, mortgage, bankstatements. Would we accept that?
Like netkwesties pointed out in April 2006, there seems to be little management regarding these issues.
UPDATE: Google is following up on the European privacy directives, by finally becoming a bit more transparant regarding its database usage. BoingBoing has more too.
It has taken a while but after a few lawsuits, and changing legistlation on both sides, now finally some control mechanisms are put back into place.
While most large companies are always taking actions to prevent corporate spying and like-wise citizens for their privacy rights, Swifts obligation under current US law which forced it to allow US government access to its US support datacenter seem to overrule those actions. Swift therefore has decided to close down this facility.
One MEP, Dutch Liberal Sophie in’t Veld, said it was not a question of being anti-American – American privacy laws were in fact tougher than those in the EU. quote from BBC
It makes sense, if you hold an international datacenter wouldn’t you logically apply the toughest privacy restrictions of your members? Odd it took so long.
Dutch cowboys refers to an interesting article on data keeping. The article highlights that besides the privacy concerns and cultural effects there actually should be enough commercial motivation for the development of an ICT equivalent of the swiss banking secret. John Battelle coins it Data Switzerland. Sort of suggesting the advantages where multi-nationals are known for:
” The concept is simple: why can’t companies that hold massive amounts of our personally identifying information – companies like Yahoo, AOL, Google, Verizon, etc – simply warehouse that information in a country that has consumer-friendly data privacy laws?
The multi-national Yahoo did hand over privacy information even when it was in a consumer privacy friendly area with its data. That didn’t make a difference, so how is this different? Other ideas mentioned are Havenco or some P2P equivalent. Developing story I guess.