Patriot Act vs. European law: What are the likely outcomes?
Summary: The European Parliament is considering their own laws in light of the Patriot Act admission by Microsoft. What could the next move be?
Between the transposing of the EU Data Protection Directive in 1998 and the terrorist attacks in New York in September 2001, trade relations between the United States and the European Union were mutual, bilateral and safe.
The arrangement between the U.S. and the EU -- for which both continents vary a great deal on data protection and citizen privacy -- were shot down when the Patriot Act was rushed through Congress in October 2001.
The European Parliament is debating its own laws, to determine whether the Patriot Act is a threat to European data.
A senior Microsoft executive has already stated that in, short, the Patriot Act does not allow them to guarantee the safety or privacy of European data.
A clear disparity between the laws is ever present and becoming clearer each and every day.
The question now to ask is: how could the data protection war between the two continents be solved?
The EU could ban cloud companies to force the U.S. into changing their laws.
This would be, if not the most significant measure the European Parliament could take.Banning any connection to the U.S. cloud would have massive impact on trade and diplomatic relations, and would leave many customers and clients in service hiatus.
Customers could lose access to data already held in an insecure cloud, and have their services cut off entirely, with businesses losing their outsourced communications services.
Or, Europe could ban new cloud contracts being signed by European clients with U.S.-based or wholly owned companies. This would limit the problem from spreading, but not solve the issue in its entirety.
U.S. companies could 'set free' their EU-subsidiaries so they can operate as self-operated.
Though it is not ideal, and might cause serious legal headaches for wholly owned EU subsidiaries of larger U.S. owned companies, subsidiaries could be allowed to operate independently from their parent organisations.At the moment, EU companies are controlled by their U.S. parent company and cannot refuse to hand over data. This has been likened to 'having an argument with yourself'.
The European Parliament could implement some methods to ensure that EU companies are protected under EU law, and therefore could operate independently from their head offices.
But this solution would not go without problems; with EU companies being able to -- in theory -- detach themselves from their parent company.
The EU could suspend Safe Harbor to prevent EU data leaving Europe.
Safe Harbor allows data to be sent from Europe to the United States, under the premise that organisations receiving the data from their European counterparts agree to the European data protection principles.If Safe Harbor were to be suspended, this could severely impact cloud service providers, as well as governmental intelligence sharing capabilities.
While the very point of the Patriot Act series when I highlighted that U.S. intelligence agencies could access EU-based data, this would on the flip side have ramifications for intelligence sharing governments across the world; potentially hampering serious investigations into online child abuse and terrorism.
The EU could draft emergency legislation to temporarily block U.S. law, giving time to work on it further.
The most likely option, and far beyond the least damaging. In what form this will take, it is not clear.The European Parliament could unequivocally state that EU data "must not leave the European Economic Area under any circumstances". This would solve the problem, as EU subsidiaries would have to abide by local EU law -- and could face severe penalties for not doing so.
But this would have implications for the Safe Harbor agreement.
Whether any solution is the "best" solution -- or even a solution at all -- there will no doubt be a backlash of further problems to consider.
This issue cannot be solved overnight, and will no doubt require fresh EU legislation to be put forward to the European Parliament.
Related content:
- Microsoft admits Patriot Act can access EU-based cloud data
- EU demands answers over Microsoft's Patriot Act admission
Also read ZDNet’s Patriot Act series:
- Summary: ZDNet’s USA PATRIOT Act series
- Part 1: USA PATRIOT Act and the controversy of Canada
- Part 2: Safe Harbor: Why EU data needs 'protecting' from U.S. law
- Part 3: How the USA PATRIOT Act can be used to access EU data
- Part 4: USA PATRIOT Act: The myth of a secure European cloud
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
What do you think?
As long as there is ownership or operative control, USA's government would
RE: Patriot Act vs. European law: What are the likely outcomes?
First of all if you seriously think any ISP puts up a fight when to protect your information you're kidding yourself. I've seen several come in and the most action taken was to call a local branch and confirm the validity of the warrant after that full compliance. No provider is going to take a financial hit for a residential/small business customer. You may say Twitter 'fought' recently to maintain 'privacy' of it's customers - keep in mind the global visability and threat of retaliation.
Secondly, there's more chance of a script kiddie sitting next to you at Starbucks sifting through your information than either the US or EU gov'ts caring about what porn you surf or the witicisms in your last email.
In close there are many points I could bring up that atleast for me invalidate your concerns - whether it be that London is the most heavily monitored city in the world (even we don't tape record our citizens every public moment), the issues with Virgin Media, French moves towards censorship, and various other EU members that continue to whittle away at your privacy overseas. In short, you may not like the Patriot Act but it is enacted in the interests of our security - and if it was allowed to lapse it would simply require a warrant for the exact same investigations to take place (something that takes under 24hrs to obtain FYI) also with the many issues in Europe it would behoove you to worry about the log in your own eye before concerning yourself with the splinter in ours.
"...but it is enacted in the interests of our security..."
Enjoy your "security."
"Those who would sacrifice freedom for security deserve neither..." - Ben Franklin.
RE: Patriot Act vs. European law: What are the likely outcomes?
RE: Patriot Act vs. European law: What are the likely outcomes?
RE: Patriot Act vs. European law: What are the likely outcomes?
1) The U.S., as is often the case, is attempting to impose its will, its laws, and its culture on others. This doesn't make the U.S. or Europe better than the other, the Europeans just don't like having someone outside Europe tell them what to do. Normal. Proper negotiation rather than force would probably solve the problem. Since we are allies and have similar security interests, and information is already shared via the Echelon system, it shouldn't be difficult.
2) The Patriot Act is an assault on the civil and individual rights of Americans, and represents a project that ultraconservatives had sitting on the shelf. 911 simply provided them with an opportunity to pass it in force without question, and so they dusted it off and put it out there. Time, now, to reconsider. That said, here in Europe, governments are also assaulting personal freedom, and the latest scandal involving Rupert Murdoch and the British police in illegal wiretaps doesn't look great for the individual rights and freedoms of Europeans, either. All of which is to say, "the price of freedom is eternal vigilance." But "eternal vigilance" does not mean security cameras in the streets, but rather, attention to responsible, and community oriented, liberty.
3) The U.S. constitution does not guaranty privacy, and the supreme court has consistently refused to recognize a right to privacy. This is true for a long time, predating 911 and modern terrorism. European law, in general, does recognize such a right, and provides protections that don't exist in the U.S. - you cannot, under any circumstances, publish the photo of a private individual without his or her consent, for example. Without making a value judgement one way or the other, it is important for sovereign nations to respect such differences, and neither should be imposing their value systems on the others.
Someone here made the point that our privacy is probably more in jeopardy from some geeky kid in Starbuck's than from these high-level snoops, and this is probably true - until the day you get caught up by an erroneous trigger in the spy machine. In any case, Twitter, Facebook, Google and other social networks already know more about us than any government - except they share this info with governments, too - and don't kid yourself, they do it with Europe and with the U.S. and no European law prevents it.
RE: Patriot Act vs. European law: What are the likely outcomes?
RE: Patriot Act vs. European law: What are the likely outcomes?
Then one would only have to worry about the NSA accessing the data illegally and hiding that in the interest of "national security," as they did for a long time before the NY Times spilled the beans.
simple solution
What's new?
When in doubt, ignore the EU law!
RE: Patriot Act vs. European law: What are the likely outcomes?
RE: Patriot Act vs. European law: What are the likely outcomes?
EU should respect the Patriot act if they want to continue using the internet.
RE: Patriot Act vs. European law: What are the likely outcomes?
RE: Patriot Act vs. European law: What are the likely outcomes?
FYI, EU Data Protection law predates widespread use of the Internet. It also applies to data held in corporate databases etc.
RE: Patriot Act vs. European law: What are the likely outcomes?
but the US constitution predates the 'EU Data Protection' law.
they should have made the law compatible with our constitution.
RE: Patriot Act vs. European law: What are the likely outcomes?
RE: Patriot Act vs. European law: What are the likely outcomes?
ever heard of ICAN or DARPA? Internet can not exist without USA.
RE: Patriot Act vs. European law: What are the likely outcomes?
I asume that was intended to be witty? Sadly, it too terrifyingly close to the truth. Don't ordinary American citizens care how deeply mistrusted their country now is throughout the rest of the world now ? You may all think you are God's gift to the world - quite simply, you are not !
RE: Patriot Act vs. European law: What are the likely outcomes?
RE: Patriot Act vs. European law: What are the likely outcomes?
Since when does the internet belong to the US, that is about one of the most stupid and arrogant statements I have ever seen on these boards, Every country is tasked with ensuring the free flow of data and the US most certainly does not 'own' the internet, in fact it was the Europeans who developed HTML, (Swiss, French, German, and U.K) at the University of Cern in Bern, and yes go right ahead ignore EU Law for we can also do the same for you, America is in a decline and pretty soon will be a second rate country, especially as you sold most of your manufacturing base to China et al.