According to the EUCJ , EU Commission’s Safe Harbour is invalid because of the possibility for the US intelligence/law enforcement agencies to access EU citizens’ personal data with a less degree of legal protection. The Court’s official press-release reads:
The United States safe harbour scheme thus enables interference, by United States public authorities, with the fundamental rights of persons, and the Commission decision does not refer either to the existence, in the United States, of rules intended to limit any such interference or to the existence of effective legal protection against the interference.
This is a nonsense because – like it or not – “national security” and “public order” are the buzzwords that all over the Western world allow the withdraw of civil rights and clearly prevent the application of the privacy/data protection regulation.
EU personal data stored in US facilities are EU (i.e. foreign) first and only after personal data: this means that, for instance, under the US regulations the CIA can legally process it because these data don’t belong to American citizens. As per the FBI, since the Bureau is part of the Department of Justice, its activity is court-issued-warrant regulated. So, again, why the FBI should be denied the access to EU (i.e. foreign) data relevant for an investigation?
To put it short, then, why from an US perspective, the EU personal data should be prevented from being wiretapped, accessed or somehow accessed by US security community?
And why for instance – enforcing in reverse the EUCJ logic – the British GHCQ should be prevented to intercept US personal data in Europe for the sake of “fighting the terrorism”?
Haven’t a dozen or so CIA operatives been wiretapped (and lately, indicted) in Milan during the investigation ran in 2003 for the extraordinary rendition of an imam?
Is it a proper personal data protection for the US Department of Homeland Security to state in the I-94 form given the passengers on every flight directed to the USA that
WAIVER OF RIGHTS:
I hereby waive any rights to review or appeal of a U.S. Customs and Border Protection officer’s determination as to my admissibility, or to contest, other than on the basis of an application for asylum, any action in deportation
There are several critical issues that hamper the Safe Harbour, like the actual Data Protection Authorities check on the actual enforcement of the binding corporate rules or the standard clauses, or the confuse notion of “personal data” that in the opinion of some local Data Protection Authorities still includes the data related to legal person and to single professionals. And, therefore, there is surely ground to revise the (killed) Safe Harbour legal architecture. But using civil rights as an excuse to bash an EU Commission act, looks more like a stunt in an covert political battle instead of a purely legal dispute.