Facebook Loses Challenge To Irish Watchdog's Data Curbs (bloomberg.com) 16
Facebook lost a court fight over an initial order from a European Union privacy watchdog threatening its transfers of users' data across the Atlantic. From a report: An Irish court on Friday rejected the social network's challenge, saying it didn't establish "any basis" for calling into question the Irish Data Protection Commission's decision. The dispute is part of the fallout from July's shock decision at the EU's Court of Justice, which toppled the so-called Privacy Shield, an EU-approved trans-Atlantic transfer tool, over fears citizens' data isn't safe once shipped to the U.S. That EU court ruling was quickly followed by a preliminary order from the Irish authority telling Facebook it could no longer use an alternative tool, known as standard contractual clauses, to satisfy privacy rules when shipping data to the U.S.
standard contractual clauses (Score:1)
Does anyone know what this means?
Sounds like the legal equivalent of "because we said so."
Re: (Score:3)
It means Facebook must stop the pretense (Score:3)
What it means is that the Irish DPC (data protection commission) will have to prohibit Facebook's EU-US transfers, an action that it has avoided doing since the Court of Justice of the European Union rulings.
In a nutshell: FB claim that they protect the data from US Government, where in fact the US law says that they have to provide it. In fact the Snowden revelation was that FB is part of the PRISM mass surveillance program (with MS, Google, Yahoo...) that makes access to the data very easy.
https://noyb.e [noyb.eu]
Re: (Score:2)
"standard contractual clauses" just means that "Facebook would protect the user data as outlined in its privacy policy".
Basically the whole terms of service, privacy policy, and other legal crap you wade through - Facebook felt that it was "strong enough" protection.
The Irish courts and data protection agency thought otherwise.
I really wonder why... I mean... it's Facebook! </sarcasm>
Re: (Score:1)
So yeah, basically, we reject your laws and substitute our own.
Re: (Score:2)
SCCs don't work because the US has laws explicitly saying that that NSA gets access to all traffic entering the US. It's called FISA section 702 authority.
So Facebook (Google, Apple...) have to not send European personal data to US until US changes its surveillance laws.
Silly solution approach (Score:3)
I think the Slashdot crowd basically hates solution ideas, but here's my latest and craziest: A law requiring Facebook let me pack up my personal data and move it elsewhere.
Let me try to guess what straw men might be thrown at the idea...
(1) No, I am not suggesting that Facebook has to create competitors. It would just require packaging the data in such a way that a competitor could use it as input for an alternative website. Much or even most of the personal data might not even fit into the new system, but that would not be Facebook's concern.
(2) No, I am not worried about Facebook keeping illegal copies of the personal information if the law is clear enough. Yes, Facebook is too big, but fortunately it is not too big in a way that it can count on getting away with breaking laws the way banks and Amazon and the google do.
(3) Yes, I understand how network effects work, but there is no natrral law that the entire network has to be controlled by a single company. So yes, I am advocating some form of standards-based interface that could be used by many social networks.
Okay, enough time has passed that I should be safe from the FP fever... Yes, I am interested in contructive criticisms that lead to improvements, but I'd be even more interested in your better solution approach to the Facebook catastrophe. (So described in a recent book.)
Re: (Score:2)
You have this with the DGPR. (Well, if you are an EU citizen.) First, if you request all information stored about you, they must give you a complete list. If you do a request for deletion, they _must_ delete all your stuff unless you have a business relationship with them. There are pretty harsh penalties in place if they mess this up or refuse.
Re: (Score:2)
Thanks, I should study the DGPR. I would like to see how it fits into an approach towards increasing real competition with more choice (and freedom) for all.
Re: (Score:2)
Re: (Score:2)
I don't see any problem with your first concern. Why not have a copy of the data? It would even be dated, making it easy to figure out what parts are obsolete when compared with later versions. Only practical objection I see is if they (Facebook in this case) have so much data that you can't afford enough storage to hold it. But I think I have about 1 TB of disk space still available on this machine. (However I also see it as a market opportunity for (encrypted) backup services.)
Your second concern is much
Re: (Score:2)
Personally I am already very sceptical about what companies like FB do with the data of their users but we surely don't need foreign governments subvert the privacy of EU citizens.
Subvert because EU law expressly forbids such access while US law specifically allows or even mandates it (FISA section 702).
Sure, this doesn't help those who've already submitted their data
Re: (Score:2)
I'm looking at more general solutions, but within each jurisdiction the citizens should have the same rights to control their personal information.
From Facebook's side, they can just shut down in that jurisdiction if they don't think there's enough profit involved. Alternatively, FB might look at it from the perspective of excess local costs. But I think the principle of ownership of personal information should apply to anyone using any social network.
Here's an idea (Score:3)
Let's just get rid of Facebook.