Skip to main content

EU says Pee-Yoo to transatlantic data sharing

Over in Europe, Irish Data Protection Commissioner Helen Dixon has just succeeded in her push to prevent Facebook from transferring data on European users back to the United States.

At issue is a series of data transfer agreements between the EU and the US; it is the (reasonable) contention of Commissioner Dixon that the United State's regime of warrantless spying makes Facebook unable to comply with the data sharing arrangement required by the EU. Ireland may not seem like a major global hub for Big Data and telecom firms, but it very much is. The Emerald Isle's famous "Celtic Tiger" economic push successfully attracted some of the largest technology firms in the world with low taxes and easy regulations.

But the times, they are a-changin'.

honey, when did you buy this data? it smells "off"

This is the latest wrinkle in an ongoing battle over privacy regulations responsible for protecting European user data that traverses the Atlantic, but not the first. In September of last year, Commissioner Dixon had released an initial injunction against Facebook on precisely this issue that was eventually blocked by the Irish High Court.

Facebook is the target of this specific move on the part of the Irish Data Protection Commission, however other firms can expect bad news from Ireland in the coming days and months. The Commission has a total of 27 pending investigations on this issue targeted a swath of firms that range from Twitter to Google to Verizon.

The implications for firms that depend on collecting massive troves of data about an international user basis could be dire - and the companies that serve them - are potentially dire. One of the most obvious consequences of the move is that it presents these firms with an offer they can't refuse: move all of your data to a European hosting facility, or get lost.

Setting aside the many basic problems with warrantless surveillance in the context of human rights, one of the repeated concerns voiced about the over-reliance on NSA global surveillance by members of the IT and telecom industry is the unintended consequence that surveillance has on global confidence in US IT products. For decades, the US has been the undisputed leader in all manner of computer technology. Many professionals - including myself - long avoided IT products from authoritarian countries precisely because their governments could not be trusted. But thanks to the post-9/11 "collect it all" methodology implemented during the Bush administration, continued by the Obama administration & forgotten during the Trump administration, it is becoming more and more difficult to tell exactly why an IT product manufactured or hosted in the US is fundamentally more trust-worthy than a similar product in, say, China.

Whether or not you support global warrantless surveillance, the EU's actions are making it clear that there will be a substantial economic cost to totalitarian surveillance as well as a moral one.