Go Back   English Forum Switzerland > Off-Topic > Off-Topic > International affairs/politics
Reply
 
Thread Tools Display Modes
  #1  
Old 07.10.2015, 12:09
lorena1's Avatar
Forum Veteran
 
Join Date: Apr 2011
Location: N/A
Posts: 644
Groaned at 51 Times in 39 Posts
Thanked 563 Times in 313 Posts
lorena1 has a reputation beyond reputelorena1 has a reputation beyond reputelorena1 has a reputation beyond reputelorena1 has a reputation beyond repute
ECJ: Data Transfer Law violates the right to privacy

Yesterday, the ECJ rendered the 15-year-old Safe Harbor agreement invalid. The law has previously enabled collection of digital information from EU users by the US government and US-based companies, such as Google, Facebook and Amazon.

This ruling will further complicate tech companies from operating, as ever since the NSA has prominently been caught spying on at least three French Presidents and Angela Merkel (via her cell phone), harsher privacy protection rules have been put in place.

The court decision takes effect immediately and will make it more difficult for companies to swap digital information. Remains to be seen if this will mean higher costs for consumers in the EU.

http://www.nytimes.com/2015/10/07/te...ollection.html


The ECJ decision follows a legal opinion from Advocate General Yves Bots, an adviser to the court, arguing Safe Harbour should be struck down. "The surveillance carried out by the United States intelligence services is mass, indiscriminate surveillance," Bots said. "In those circumstances, a third country cannot in any event be regarded as ensuring an adequate level of protection."
It's not just tech startups — any company that relies on Safe Harbour for the transfer of user, customer, or employee data is affected.
He argued that agreements such as the 2000 Safe Harbour law could not supersede scrutiny at the national level. Such agreements "cannot eliminate or even reduce the national supervisory authorities' powers ... if the national supervisory authorities receive individual complaints, that does not in my view prevent them, by virtue of their investigative powers and their independence, from forming their own opinion on the general level of protection ensured by a third country and from drawing the appropriate conclusion when they determine individual cases."
There are other methods that companies can use to legitimise the transfer of data from Europe to America. Safe Harbour "is not the only way you can legitimise the transfer of personal information but it is probably the most important method," Dr. Susan Foster, a privacy lawyer at the law firm Mintz Levin, told Business Insider. One option is to directly seek the consent of the data subject, but it could be difficult to do so in cases in which companies have previously relied exclusively on Safe Harbour.

"Consent has to be explicit and freely given" — which causes a headache for another key use of Safe Harbour, the transfer of employee data. "In many countries in Europe you can't rely on consent from employees, because employees are understood not to have free choice." An employee may feel pressured into consenting, so such a consent would not be a valid basis for the transfer. "A lot of multinational companies with employees in Europe rely on Safe Harbour because they don't feel they can rely on consent, quite rightly." Foster says.

Even in instances in which consent can be freely given, there could be future hurdles as legal debate in Europe continues as to whether consent is an adequate mechanism (given how people tend to disregard terms and conditions). "At the moment we have consent as a valid basis of the transfer," Foster says. "I can foresee a world within the next 12 months where it's not."

Another option is "model clauses" — pre-approved clauses that can be slotted into contracts dealing with data protection.


(http://uk.businessinsider.com/europe...ruling-2015-10)
Reply With Quote
This user would like to thank lorena1 for this useful post:
  #2  
Old 07.10.2015, 13:26
marton's Avatar
Forum Legend
 
Join Date: May 2008
Location: Zürich
Posts: 7,523
Groaned at 164 Times in 139 Posts
Thanked 8,549 Times in 4,685 Posts
marton has a reputation beyond reputemarton has a reputation beyond reputemarton has a reputation beyond reputemarton has a reputation beyond reputemarton has a reputation beyond reputemarton has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

Wonder if this will have implications for outsourcing where, for example, Swiss data is manipulated in India?
Reply With Quote
  #3  
Old 07.10.2015, 16:59
Corbets's Avatar
Forum Legend
 
Join Date: Mar 2007
Location: Zug, CH
Posts: 2,840
Groaned at 155 Times in 111 Posts
Thanked 5,382 Times in 1,839 Posts
Corbets has a reputation beyond reputeCorbets has a reputation beyond reputeCorbets has a reputation beyond reputeCorbets has a reputation beyond reputeCorbets has a reputation beyond reputeCorbets has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

Quote:
View Post
Wonder if this will have implications for outsourcing where, for example, Swiss data is manipulated in India?
Shouldn't directly impact Swiss Safe Harbor agreements at all, as the EU version is a separately, albeit similar, program.

I wouldn't be surprised to see Swiss agreements move in the same direction though.
Reply With Quote
  #4  
Old 07.10.2015, 17:10
Treverus's Avatar
Forum Legend
 
Join Date: Dec 2007
Location: SZ
Posts: 9,275
Groaned at 215 Times in 178 Posts
Thanked 16,494 Times in 6,021 Posts
Treverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

Quote:
View Post
Wonder if this will have implications for outsourcing where, for example, Swiss data is manipulated in India?
The Swiss laws that a company has to protect its customers data and is not allowed to store certain information on servers abroad is neither new or has changed... there is a reason why Swisscom is the largest IT solutions company in the country and I am pretty sure it isn't their prices...

I reality do loads of companies ignore a lot of those laws. But the law is quite simple: you are only allowed to give your data to third parties which
- don't give foreign goverment access to them
- do nothing with them but the tasks you'd otherwise done yourself

https://www.admin.ch/opc/de/classifi...index.html#a10

Since the patriot act allows the US agencies access to anything is this rather old news for companies here. In the EU were people especially since Snowden aware about the topic and this is now the formal result.
__________________
There is a special place in Hull reserved for the guy who invented autocorrect.
Reply With Quote
  #5  
Old 08.10.2015, 13:53
lorena1's Avatar
Forum Veteran
 
Join Date: Apr 2011
Location: N/A
Posts: 644
Groaned at 51 Times in 39 Posts
Thanked 563 Times in 313 Posts
lorena1 has a reputation beyond reputelorena1 has a reputation beyond reputelorena1 has a reputation beyond reputelorena1 has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

Under Swiss Law, it is at a court’s discretion to determine the lawfulness of data transfers abroad.
Keeping in mind that Swiss courts are not bound by ECJ decisions, the Swiss-US Safe Harbor Agreement appears to not be directly affected by the Oct 6th decision, at least with regards to controller/processor agreements.
These agreements could be entered into solely under Swiss law, therefore bypassing the Swiss Safe Harbor Agreement.
Reply With Quote
  #6  
Old 09.10.2015, 17:24
Forum Legend
 
Join Date: Oct 2014
Location: Ostschweiz
Posts: 3,057
Groaned at 99 Times in 79 Posts
Thanked 3,799 Times in 1,962 Posts
Urs Max has a reputation beyond reputeUrs Max has a reputation beyond reputeUrs Max has a reputation beyond reputeUrs Max has a reputation beyond reputeUrs Max has a reputation beyond reputeUrs Max has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

The swiss Commissioner on Data Protecion on the ruling:
" The agreement between Switzerland and the USA is also called into question by this decision. As far as Switzerland is concerned, in the event of renegotiation, only an internationally coordinated approach that includes the EU is appropriate."
Reply With Quote
  #7  
Old 09.10.2015, 18:11
Treverus's Avatar
Forum Legend
 
Join Date: Dec 2007
Location: SZ
Posts: 9,275
Groaned at 215 Times in 178 Posts
Thanked 16,494 Times in 6,021 Posts
Treverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

Quote:
View Post
The agreement between Switzerland and the USA is also called into question by this decision.
Sure. The difference is that the EU one is not in question anymore, the court clearly decided that it's out of the window.
Reply With Quote
This user would like to thank Treverus for this useful post:
  #8  
Old 09.10.2015, 23:12
marton's Avatar
Forum Legend
 
Join Date: May 2008
Location: Zürich
Posts: 7,523
Groaned at 164 Times in 139 Posts
Thanked 8,549 Times in 4,685 Posts
marton has a reputation beyond reputemarton has a reputation beyond reputemarton has a reputation beyond reputemarton has a reputation beyond reputemarton has a reputation beyond reputemarton has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

Quote:
View Post
Wonder if this will have implications for outsourcing where, for example, Swiss data is manipulated in India?
Quote:
View Post
The swiss Commissioner on Data Protecion on the ruling:
" The agreement between Switzerland and the USA is also called into question by this decision. As far as Switzerland is concerned, in the event of renegotiation, only an internationally coordinated approach that includes the EU is appropriate."


Seems my comment was on the right lines
Reply With Quote
  #9  
Old 09.10.2015, 23:35
Sean Connery's Avatar
Forum Legend
 
Join Date: Nov 2011
Location: Zurich
Posts: 4,924
Groaned at 75 Times in 70 Posts
Thanked 6,395 Times in 2,931 Posts
Sean Connery has a reputation beyond reputeSean Connery has a reputation beyond reputeSean Connery has a reputation beyond reputeSean Connery has a reputation beyond reputeSean Connery has a reputation beyond reputeSean Connery has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

I'd like to comment on this but I'm privy to some privileged information.

Let's just say I always thought it was a bit questionable.
Reply With Quote
  #10  
Old 09.10.2015, 23:49
Treverus's Avatar
Forum Legend
 
Join Date: Dec 2007
Location: SZ
Posts: 9,275
Groaned at 215 Times in 178 Posts
Thanked 16,494 Times in 6,021 Posts
Treverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond reputeTreverus has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

Quote:
View Post
Let's just say I always thought it was a bit questionable.
It was a bit questionable before Snowden. Afterwards was it absolutely obviously wrong. Snowden showed the world proof that the US authorities do not care about privacy laws and do not need formal and transparent court orders as soon as somebody says "patriot act" or whatever it was called - expect your data in the US to be read (well, machine read and analyzed...). That's not exactly what the safe harbor agreement promised, is it?

Last edited by Treverus; 10.10.2015 at 00:18.
Reply With Quote
  #11  
Old 12.10.2015, 15:52
lorena1's Avatar
Forum Veteran
 
Join Date: Apr 2011
Location: N/A
Posts: 644
Groaned at 51 Times in 39 Posts
Thanked 563 Times in 313 Posts
lorena1 has a reputation beyond reputelorena1 has a reputation beyond reputelorena1 has a reputation beyond reputelorena1 has a reputation beyond repute
Re: ECJ: Data Transfer Law violates the right to privacy

Looks like Switzerland will suspend the us-swiss safe harbor agreement in the near future. (NZZ)
Meanwhile, the US is still operating under Safe Harbor

Quote:In the current rapidly changing environment, the Department of Commerce will continue to administer the Safe Harbor program, including processing submissions for self-certification to the Safe Harbor Framework. If you have questions, please contact the European Commission, the appropriate European national data protection authority, or legal counsel.

Last edited by lorena1; 14.06.2016 at 21:41.
Reply With Quote
Reply

Tags
nsa, safe harbor




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Moneyhouse and personal data privacy Samurai Finance/banking/taxation 29 17.06.2016 18:41
Buyers Remorse / Return Right - What is the Swiss law? PeterDB Other/general 12 05.04.2012 14:00
New EU data privacy laws proposed Corbets International affairs/politics 3 25.01.2012 23:40
Transfer data from HTC Wildfire to iphone 3 NSchulzi General off-topic 6 29.06.2011 00:09


All times are GMT +2. The time now is 14:52.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2016, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0