The long arm of Edward Snowden just got a little longer today:
Europe’s highest court on Tuesday struck down an international agreement that had made it easy for companies to move people’s digital data between the European Union and the United States. The ruling, by the European Court of Justice, could make it more difficult for global technology giants — including the likes of Amazon and Apple, Google and Facebook — to collect and mine online information from their millions of users in the 28-member European Union.
So what does this have to do with Snowden? Since 2000, a “Safe Harbor” agreement has allowed US companies to store personal data on European nationals as long as the companies comply with a specific set of rules to minimize abuse. At the time, it was commercial abuse that everyone had in mind. Today it’s government abuse:
Tuesday’s decision stems from a complaint lodged in 2013 by Austrian privacy activist Max Schrems over Facebook’s compliance with EU data-privacy rules. In his charge filed to the Irish data-protection authority, the U.S. social-media company’s lead regulator in Europe, Mr. Schrems claimed that allegations by former U.S. National Security Agency contractor Edward Snowden showed Facebook wasn’t sufficiently protecting users’ data because it is subject to mass surveillance in the U.S.
There are workarounds for this, but they’re complicated and burdensome. What’s more, efforts to reach an updated agreement will be difficult since the court ruling allows privacy regulators in every country to set up their own rules. This means that negotiations with the EU almost certainly have to include every national regulator who wants a voice, since each one can essentially veto an agreement in their own country.
Alternatively, the US could announce major reforms to its NSA spying programs. Just kidding, of course. We all know that’s unpossible.