AfterDawn: Tech news

EU-US Privacy Shield agreement terminated, now American companies must process EU user data outside U.S.

Written by Petteri Pyyny @ 03 Aug 2020 4:45 User comments (1)

Thousands of American companies have broken EU law for the past two weeks One of the most important privacy court rulings in recent history was delivered two weeks ago when EU Court stroke down the EU-US Privacy Shield agreement. Privacy Shield agreement between EU and the United States allowed American companies to store and process EU user data within the United States.
But EU Court ruled that because United States allowed its intelligence agencies to access such data, the agreement between EU and US had to be terminated immediately. Since then, basically all American companies that maintained the user databases in U.S. soil and had EU users, were breaking EU legislation.

Problem is massive: Companies wishing to maintain unified user database must basically move it out of the United States - or United States as a country to change its national laws that permit its intelligence agencies to do surveillance on its own soil. Obviously the latter option is highly unlikely to happen.



Technically splitting user database into two separate sets, with separate rules, processes and data location would be a massive technical challenge to the Internet gients like Google, Facebook and Microsoft.

EU privacy legislation is much stricter than that of United States' similar laws are. EU citizens have, for example, "right to be forgotten", which means that upon a personal request, company has to remove all identifiable data of the user from its records, logs and so on. EU's privacy legislation, dubbed as GDPR, applies to all EU citizens and it doesn't matter if the company handling the data is not EU company - in order to collect EU citizens' data, all companies must obey the legislation.

The EU-US Privacy Shield agreement covered more than 5'000 companies, which included startups, but also the largest Internet companies of the world.

Currently all those companies are basically in legal limbo - they have to figure out a way to avoid U.S. intelligence agencies snooping EU users' data, but also to find a way to keep their services running similarly to all their global users. Companies can, to certain extend, still transfer data between U.S. and European Union, under so-called Standard Contractual Clauses, but all such data is within EU's GDPR's reach, too.

Typically a massive court rulings like this comes with a grace period, but in this particular case, the ruling Privacy Shield agreement was terminated immediately.

Previous Next  

1 user comment

115.8.2020 18:20

Wish that existed here in the U.S.!

Comments have been disabled for this article.

Latest news

Guide: How to Kick Unwanted Guests from Your Netflix Account Guide: How to Kick Unwanted Guests from Your Netflix Account (26 Jan 2023 2:14)
Sharing a Netflix account with a person in a different location is possible and indeed very common, although the company doesn't necessarily enjoy this behavior from their customers. However, ....
Guide: Turn an Old Computer Into a Chromebook Easily and for Free Guide: Turn an Old Computer Into a Chromebook Easily and for Free (07 Jan 2023 2:11)
Do you know someone whose computer is way beyond its best-before date, and they, unfortunately, do know have the skills or the expertise to do much about it? Or do you own a pile of old laptop ....
2 user comments
How to Choose a Robot Vacuum? How to Choose a Robot Vacuum? (07 Jan 2023 9:12)
Robot vacuums are meant to make day-to-day life easier in several ways. When they are used efficiently, they can keep the house clean continuously - at least when it comes to floors. In addition, ....
2 user comments
Tech year 2022 wrapped up: The rise of the AI, EU to become the much-needed counterweight to tech giants, ... Tech year 2022 wrapped up: The rise of the AI, EU to become the much-needed counterweight to tech giants, ... (01 Jan 2023 2:11)
AfterDawn's wrap-up for the tech year 2022. The rise of the artificial intelligence was probably the most significant change that occurred during the year 2022, but there were many other interesting developments, too.
2 user comments
OPPO to follow Samsung, OnePlus: Promises 4 Android updates, 5 years of patches for upcoming flagships OPPO to follow Samsung, OnePlus: Promises 4 Android updates, 5 years of patches for upcoming flagships (21 Dec 2022 3:45)
OPPO has updated its official Android update policy. Phone manufacturer now promises four major Android operating system updates for its new flagship phones.
4 user comments

News archive