New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Europe’s Top Court Strikes Down ‘Safe Harbor’ Data-Transfer Agreement With U.S.
This may be relevant to hosts here...
The European Court of Justice has today declared invalid the Safe Harbor data-transfer agreement that has governed EU data flows across the Atlantic for some fifteen years.
[...]
Some 4,700 companies rely on Safe Harbor to operate businesses in the region. It affects those companies that outsource data processing of E.U. users’ data to the U.S.
The Safe Harbor executive decision dates back to 2000, and allows companies to self certify to provide “adequate protection” for the data of European users to comply with the European data protection directive, and with fundamental European rights such as the right to privacy (under Article 8 of the European Convention for the Protection of Human Rights).
(source)
Comments
I received an e-mail about this from a company (that I never heard...). Can someone can make me a tl;dr as I didn't understand much? What will be the consequences? US companies can no longer have EU clients?
In a overly simplified nutshell, EU companies can't export personal data to the US under the self-certification rules.
It's not going to stop companies moving data though, just that they need to take additional steps in the process and provide more assurances.
i.e. it is now not allowed anymore (without registering the export; i'm not 100% sure if that is enough - might need apporval) to provide customer data of clients of an EU host with US location as justification to ARIN.
I think that is the least of their worries.
In short, NSA will have to ask their european counterparts for that data if they did not manage to enlist the european big DCs, ISPs and hosts directly. That is the aim, in fact, what will happen, is that other means of transferring the data will be used.
TL;DR, EU people will still have to encrypt their data to keep off the EU agencies as well as the US ones.
There there now.. we all know that victim blaming is bad so we need a law that forbids mass surveillance that then everyone will magically respect!
The definition of national security is that it does not have to depend on law, national or international, warcrimes are done in the name of it, so, mass surveillance is the least of our worries, some say, yet the current state of affairs is due to mass surveillance and blackmailed judges, military, lawmakers, etc.
And more: EU agencies will be in a better position to obtain direct access to some of the data they want, since there will be more chances of it being hosted within the EU.
Maybe this will give HavenCo a shot at getting back in business.