The European Court of Justice has ruled that servers in the US are insufficiently secure to comply with EU privacy regulations.
This is no surprise. The deal with the US has largely been a fig-leaf created as a result of brow-beating of European regulators by the US State Security Apparatus:
The European Union’s top court on Thursday threw a large portion of transatlantic digital commerce into disarray, ruling that data of E.U. residents is not sufficiently protected from government surveillance when it is transferred to the United States.
The ruling was likely to increase transatlantic tensions at a moment when President Trump has already been threatening tariffs and retaliation against the E.U. for what he says are unfair business practices. It was a victory for privacy advocates, who said that E.U. citizens are not as protected when their information is transferred to U.S. servers as when that information stays inside Europe.
The European Court of Justice ruled that a commonly used data protection agreement known as Privacy Shield did not adequately uphold E.U. privacy law.
The court said that it was unacceptable for E.U. citizens not to have “actionable rights” to question U.S. surveillance practices.
European data privacy advocates celebrated the decision.
It’s a good thing that the US State Security apparatus is finally getting some push-back internationally.