In a landmark ruling today the Court of Justice of the European Union found that the current 'Safe Harbor' agreement (which underpins the vast majority of the transfer of data from the EU to the US) is invalid. This ruling strikes an important blow for data protection for EU citizens.
Safe Harbor has long been used by large corporations to justify transferring data out of UK and EU datacentres, into US based locations. By using "Safe Harbor", companies agree to be bound by the same restrictions as they have in the US, despite not being explicitly required to do so by US law.
However, because of this US agencies have been able to circumvent these EU data protection laws. By hosting data under US jurisdictions, companies are required to meet EU requirements, yet the US government is not bound in the same way. US agencies like the NSA have therefore been able to use this loophole to snoop on UK and EU citizens' data.
Pirate Party Spokesman Mark Chapman said:
"As we have been consistently saying since the first Snowden revelations about the PRISM system used by the NSA and others, it is clear that the Safe Harbor agreement does not provide for adequate protection of EU citizens' data. As the court ruled - whilst the companies transferring data may seek to recognise and protect data, law authorities are not themselves subject to it."
"As with many of the Snowden revelations about the amount of data that the NSA and other authorities are able to snoop on, we are only now starting to get to grips with the full extent and consequence of this mass surveillance. This ruling clarifies that indiscriminate Mass Surveillance violates the fundamental human right to privacy."
"As a result of this ruling there will be increased calls from both sides of the privacy vs security debate for a more public discussion of the rules and guidelines underpinning Mass Surveillance. Pirate Party UK think that can only be a good thing - and we will look to be at the forefront of those discussions."