EU Court Advocate General Deals Severe Blow to NSA Surveillance
A legal case, virtually unreported in the U.S., could very well unhinge a major component of this country's surveillance system. In any case, it certainly challenges it.
Yves Bot, he Advocate General of the European Court of Justice (the European Union's litigation arena) just published an "opinion" that the privacy and data sharing arrangements between the EU's 28 countries and the United States are "invalid", must be revised and cannot now be used to regulate data transfer.
This is to surveillance what an earthquake would be to a city: it wouldn't halt surveillance but it would destroy one of its major components. While the EU court's 15 justices have yet to issue their ruling on the opinion, they seldom deviate very much from their AG's advice and, given that they published his opinion and circulated it to the media, it's a good bet they are going to approve something close to it. They'll make that ruling later this year.
But the opinion alone is undoubtedly sending shudders through the halls of the NSA which gets all kinds of data from cooperating big-data companies (like Facebook and Google) and steals data from the ones that don't cooperate through a program called PRISM.
That's where one must start in understanding this: PRISM, a highly sophisticated data capture program used by the NSA to steal data from servers in this country and overseas. It's the most comprehensive spy program in U.S. history and much of its activity involves servers in other countries because that's where much of the data the NSA wants is stored.
With the advent of the cloud storage programs, your data is "distributed. For instance, an email you send is cut up into little pieces stored in various servers throughout the world. This makes for a more efficient use of storage space. When you ask for your data, the servers cooperate in putting it together and sending it to you. PRISM takes the data as soon as its together, often from a European server right before it is sent out or brought in.
For many years, PRISM was clandestine until whistle-blower Edward Snowden told the world about it.
Enter Maximillian Schrems. An Austrian activist, Schrems has been a Facebook user for many years and, like most activists, he was deeply concerned about Facebook's policy of transferring his data to the U.S. whenever U.S. Facebook wanted. His logic: Facebook is subject to PRISM data capture and his data would end up with the NSA.
So he sued, targeting Facebook whose European headquarters are in Ireland.
Ireland wouldn't hear the case; they sent it to the EU's court where U.S. litigators sniffed at Schrems' case. If all the data belongs to Facebook, they argued, certainly Facebook can move data wherever if wants. But, argued Schrems' lawyers, there are actually data laws in various countries preventing that action because several of the EU's member have strict privacy-protecting and data-collection restriction laws. The U.S. doesn't.