While online privacy is our fundamental right, not all countries respect it. An EU court just struck down the EU-US Privacy Shield agreement, claiming that EU citizens’ sensitive data will be subject to the heavy surveillance conducted in the States. Are privacy agreements worth anything at all if somebody can still snoop on your data without your consent?
The beginning of this story dates back to 2013, when ex-National Security Agency (NSA) contractor Edward Snowden leaked information about the NSA mass surveillance program that harvested private information from companies like Facebook.
While Facebook denied leaving a back door for US authorities, this didn’t convince Max Schrems, an Austrian lawyer and privacy rights activist. He filed 22 complaints against Facebook in Ireland, where the company has European headquarters, demanding to stop transferring data of EU citizens.
Schrems’ complaints made it to the Court of Justice, which invalidated the Safe Harbor agreement, stating that it doesn’t protect consumers in the wake of the Snowden revelations. Officials had to come up with a new agreement, which became operational in 2016.
The new agreement, Privacy Shield, was not passed unanimously. Some member states expressed their concerns that much more could be done to protect EU citizens’ privacy.
Privacy Shield was adopted by over 5000 companies such as Facebook, Amazon, Microsoft, and Twitter. However, Schrems was never convinced that Privacy Shield was enough to protect the rights of EU individuals and continued his legal battle.
Schrems: “We need US surveillance reform. The Court has clarified that there cannot be any transfer of data in violation of EU law.”
The collapse of Privacy Shield only proves that the US is not a safe haven for data. Once your private information leaves the EU, it becomes vulnerable and open to surveillance. This will cause a headache for international companies such as Zoom or Google as they’ll have to implement new privacy policies.
While businesses can still operate and transfer data under Standard Contractual Clauses, this comes with its own costs. Companies will have to sign thousands of new agreements aimed at protecting data leaving the EU in compliance with GDPR (General Data Protection Regulation) requirements.
However, not everyone trusts Standard Contractual Clauses. Rumors say they might be suspended, creating disruptions in data transfer between the two continents.
While the EU might come up with a new agreement, it may be hard to negotiate if the US remains unwilling to change its national security and privacy policies. EU citizens are left with many questions unanswered: how secure is their data, who can access it, and how can they protect their fundamental rights from constant encroachment?
When laws can’t protect you, it’s time to take cybersecurity in your own hands. We recommend using a VPN (Virtual Private Network) as it masks your IP address and encrypts data, thus keeping away any prying eyes.
NordVPN is an easy-to-use app that provides top-notch security and doesn’t require much technical knowledge. With one account you can protect up to six devices. NordVPN keeps no logs of your data, therefore you can be sure that everything that leaves your device reaches the other end without inspection.
Take control of your online privacy with the click of a button.