Glyn Moody, in Ars Technica, on the proposed replacement for the recently
struck-down Safe Harbor framework:
However, with what seems like extraordinarily bad timing, President Obama
has just made winning the trust of EU citizens even harder. As
Ars reported last week, the Obama administration is close to allowing the
NSA to share more of the private communications it intercepts with other
federal agencies, including the FBI and the CIA, without removing
identifying information first.
In other words, not only will the new Privacy Shield allow the NSA to
continue to scoop up huge quantities of personal data from EU citizens, it
may soon be allowed to share them widely. That’s unlikely to go down well
with Europeans, the Article 29 Working Party, or the CJEU—all of which
ironically increases the likelihood that the new Privacy Shield will suffer
the same fate as the Safe Harbour scheme it has been designed to replace.
So let me get this straight. Under this proposal:
- The NSA can continue to bulk collect EU citizen data.
- That data may be shared with other agencies in the US government.
- Said collection must fall under six allowed case, one of which is
undefined “counter-terrorism” purposes. No one ever abused that kind of
- The US claims there is no more bulk surveillance, except that there is under
those six cases.
- The appointed “independent ombudsman” to address complaints by EU citizens
will be a single US Undersecretary of State.
- Complaints can also be addressed to US companies housing EU citizen data, even
though, in the absence of another Snowden-scale whistle-blowing, they may have
no idea their data is being surveiled.
Color me skeptical that this would work, let alone not be thrown out by another
case similar to the one that killed Safe Harbor.
I have a better idea. How about eliminating mass surveillance?