Sophos Cloud Optix
Citizens within the European Union (EU) have been advised to close their Facebook accounts if they wish to keep their private information away from the prying eyes of the US security services.
In a hearing that could have significant bearing on the future of the EU-US Safe Harbor agreement, European Commission attorney Bernhard Schima as good as admitted that the current agreement was not fit for purpose, telling attorney-general Yves Bot:
You might consider closing your Facebook account, if you have one.
Schima’s remark came during a case brought by Austrian law student Max Schrems following complaints filed against Facebook and four other US companies – Apple, Microsoft, Skype, and Yahoo – with the relevant data protection authorities in Ireland, Luxembourg and Germany.
After Irish Data Protection Commissioner Billy Hawkes refused to investigate Schrems’ claims surrounding the mass transfer of Facebook users’ data to the US’s National Security Agency (NSA), citing Safe Harbor rules, the case was elevated firstly to the Irish High Court and now to the European Court of Justice (ECJ).
Schrems, and his crowd-funded ‘Europe v Facebook‘ group, began campaigning after Edward Snowden revealed how the Prism data-gathering program gave US intelligence services access to data held by nine US firms, including the five named above.
That, the case argues, breaches the EU’s Data Protection Directive, which outlaws the transfer of citizens’ personal data to countries outside of the EU unless they meet an “adequacy” standard for privacy protection.
On that point Schrems, who was live tweeting the proceedings from Luxembourg, seized on the fact that the European Commission said:
The Commission cannot confirm an adequate protection right now.
The International Association of Privacy Professionals reports, however, that the Commission maintained that Safe Harbor remains a necessity, arguing that:
Safe Harbor is a politically and economically necessary framework that is still under negotiation and is best left in the hands of the commission to work toward a better protection of EU citizen rights.
The negotiations over Safe Harbor – which allows US tech firms such as Facebook and Google to deliver targeted adverts to EU citizens – have been underway since November 2013 with no end to the discussions in sight.
In the meantime, the ECJ was asked to consider whether individual national data protection authorities (DPAs) have the authority to block data transfers where deemed necessary. The Commission’s stance is that it is simply not possible because the DPAs “are in principle not empowered” to suspend data transfers to the United States.
Schrems, however, found backing not only from advocacy group Digital Rights Ireland, which argued that the existing Safe Harbor agreement couldn’t protect citizens’ data, but also from national representatives from countries including Austria and Poland. Representatives from Ireland said they would welcome further guidance on the matter.
If the outcome of the case is the nullification of the Safe Harbor agreement, US companies would still be able to apply to transfer data out of the EU but, Schrems explains via Europe-v-Facebook, doing so may prove more challenging than at present:
A number of companies (e.g. Twitter in its recent Annual Report) expect that it may become harder for US companies to retrieve data from the European Union and it may be necessary to invest in secure European data centers.
The Advocate General of the ECJ will give his opinion on the Safe Harbor framework on 24 June 2015.
Image of Facebook courtesy of Gil C / Shutterstock.
If your Attorney General is named Bot, it may be too late, already. 😉
I most definitely value my privacy and agree it is necessary to have some regulation but I would fear that EU regulation may become so heavy-handed that we in Europe could find ourselves locked out of any non-EU based providers. Would this really be a win for openness ?
I think the hope is that Europe is a large, wealthy market and the Facebooks of the world will want access to it enough to change. And that maybe those changes would end up being implemented globally because it’s easier, thereby protecting many more than EU citizens. But that is messy to even try to pull off and does quite often end up in the bog instead. Who else is going to try, though? It’s worth a shot. At least the EU has leverage and precedent.
Why do you want to share your browsing and data with US marketing companies?
You volunteer the data you share on the Internet. There is no expectation of privacy. Of course, your data is for sale to commercial and governmental entities. Who is so naive as to believe otherwise? Read the TOS. Ignore any superficial ‘promises’ to the contrary. What business do you think Google, Facebook. etc. are in?
People consult with me over IT issues, of course including security and privacy. From day one I told people to reject the temptation and avoid facebook altogether.
As far as I know there is one person who closed their account not long after signing up, against my advice.
The rest gleefully spew dangerous private information without a thought. Then they complain to me when their computer starts to get eerily ‘too personal’ with ads and suggestions.
One person related an incident while on vacation; her iphone (using facebook) “told me” about a nearby restaurant that one of her friends had liked and posted about it on facebook. She hadn’t asked to find a restaurant. And her friend who’d previously dined there was mentioned by name.
That is creepy. Think about it, the phone (facebook) knew where she was and who her friends are… and what one of those friends did when they were in this same location, which facebook also knows is not anywhere near her home, ergo she is more likely to dine at a restaurant.
And people don’t think anything of all this. It’s just “convenient.”
I have never used ‘social media’ with the exception of following a few people on twitter who provide useful information occasionally. I block ads and scripts, yet creepy ads that seem as if someone has been inside my head still sneak in anyway.
There’s no putting this genie back in the bottle. And any regulations are bound to do little more than gum up the works and make things harder for the user.
Please give me a step by step instructions to close my facebook account
just want off for now