Privacy Shield hammers another nail in the coffin of data protection

Safe Harbour’s replacement is based entirely on trust - what a big mistake

Safe Harbour is dead, long live the Privacy Shield. Although, to be honest, the all-new US data transfer agreement is already a dead man walking if you ask me. Indeed, a better name for it would be the Privacy Coffin.

Why the hostility? Consider this: the European Court of Justice (ECJ) killed Safe Harbour in October when it ruled that, essentially, the US was more interested in national security and law enforcement matters (also known as snooping the bejesus out of everyone) over and above any guarantees of meaningful privacy.

Since then, absolutely nothing has changed.

The Privacy Shield framework requires the US to give a written promise, on a yearly basis, that hand-on-heart it won't participate in mass surveillance of EU citizens.

This is laudable in principle and laughable in practice.

Any talk of 'clear limitations and safeguards', and most of all 'oversight mechanisms', in the context of the NSA is, frankly, a crock. Not least because the US explicitly allows mass surveillance of the very kind it's promising not to carry out.

The NSA doesn't consider it mass surveillance if they collect the data, only if they analyse it. But calling it something different does not mean it's not happening. 

Seriously, replacing one fundamentally flawed framework with another and giving it a new X-Men movie name does not fix the problem. That problem being that neither the EU, UK nor the US actually gives a flying feck about your privacy.

At best, this optimistically-named Privacy Shield is nothing more than a stop-gap solution. It will enable the transatlantic data flow to, erm, flow once more. But not for long. I imagine the ECJ will take a long, hard look at the agreement and announce it, too, as invalid.

What really worries me, and should worry you as well, if this is a stop-gap, a temporary measure to ensure that data keeps flowing; is what comes next? 

If, as I suspect, it will be more of the same political manoeuvring rather than something that really addresses the matter of data privacy in the post-Snowden era, then we are all screwed. Or, more accurately, we will continue to be screwed.

As long as we continue to take government agencies on both sides of the pond at their word when it comes to what they can and cannot spy upon, then nothing will change.

My advice, therefore, remains the same as it has always been: encrypt your data up the wazoo and manage your own keys to close the snooping opportunity window.

Featured Resources

BIOS security: The next frontier for endpoint protection

Today’s threats upend traditional security measures

Download now

The role of modern storage in a multi-cloud future

Research exploring the impact of modern storage in defining cloud success

Download now

Enterprise data protection: A four-step plan

An interactive buyers’ guide and checklist

Download now

The total economic impact of Adobe Sign

Cost savings and business benefits enabled by Adobe Sign

Download now

Recommended

8 of the most secure web browsers
web browser

8 of the most secure web browsers

25 Sep 2020
Your essential guide to internet security
Security

Your essential guide to internet security

23 Sep 2020
How to enable private browsing on any device
privacy

How to enable private browsing on any device

22 Sep 2020
Third-party apps are tracking your WhatsApp activity
social media

Third-party apps are tracking your WhatsApp activity

21 Sep 2020

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
Google removes 17 apps infected with evasive ‘Joker’ malware
malware

Google removes 17 apps infected with evasive ‘Joker’ malware

28 Sep 2020