EU-US Privacy Shield Still Not Protecting Your Privacy

Full text of the new draft EU-US Privacy Shield was released February 29^th but has not been signed yet. They have made some changes from the previous Safe Harbor Agreement. While some are good improvements, some seem to have not changed how our data is handled at all. A conclusion on if the draft agreement will be acceptable should be made by mid-April to the end of April.

History: Safe Harbor Agreement

Before going in to the Privacy Shield here is the history of why we needed a new agreement between the European Union and United States. In an earlier blog, Safe Harbor Ruled Invalid, How it Affects You, we talked about the invalid ruling of the Safe Harbor Agreement and how it affected businesses and consumers. So here’s a little history on the old Safe Harbor Agreement:

The European Union (EU) and the United States (US) established the Safe Harbor Pact in 2000. This allowed businesses to legally funnel info across the Atlantic. Common data storage and transfers might include global commerce, sending and receiving emails, and even posting on social media. US companies can “self-certify” that they meet the stricter European privacy standards.

In early October of 2015, the European Court of Justice found the US approach to domestic surveillance and absence of legislation governing certain privacy rights was not up to European standards following a case brought by an Austrian student Max Schrems. The EU then made the Safe Harbor pact invalid. They believe the US has compromised their data and would like for some changes to happen to ensure the US is not spying on their citizens.

What’s New

While there are some improvements to the Trans-Atlantic data transfer deal many say it does not differ much from the original Safe Harbor and does not address the “core concerns and fundamental flaws of US surveillance law and the lack of privacy protections under US law.”

Key Positive Takeaways:

Citizen and Company Complaints

complaint form The new agreement gives companies and citizens the chance to complain and dispute any mishandling of records and personal information. Governments must resolve such complaints within 45 days or use a free “alternative Dispute Resolution”.

Ombudsman

An ombudsman is a public advocate representing the interests of the public by investigating and addressing complaints. An ombudsman within the US State Department will handle any allegations of privacy violations.

Key Negative Takeaways:

Collecting Data in “Bulk”

In a Press Release from February 29^th the European Commission states there will be “no indiscriminate or mass surveillance by national security authorities.” But then is contradicted by this:

6 exceptions where US can collect data “in bulk”:

Detecting and countering certain activities of foreign powers
Counterterrorism
Counter-Proliferation
Cybersecurity
Detecting and countering threats to US or allied armed forces
Combating transnational criminal threats, including sanctions evasion

US Judicial Redress Act

In addition to the Privacy shield, President Obama signed the U.S. Judicial Redress Act on February 24th that will “give EU citizens access to US courts to enforce privacy rights in relation to personal data transferred to the U.S. for law enforcement purposes. ” […] The Judicial Redress Act will extend the rights U.S. citizens, and residents enjoy under the 1974 Privacy Act also to EU citizens.”

At first that sounds good. After further research on the Privacy Act of 1974, many believe that the Privacy Act is “worthless”, with similar views from the Electronic Frontier Foundation (EFF),. There are many exceptions including 32 CFR 322.7 which exempts the NSA from rules of privacy on records maintained on individuals, according to 5 U.S. Code § 552a.

“Essential Equivalence” Non-Existent

uneqal tug a war One of the most important parts of changing this agreement was to have “essential equivalence” of European data protection in the US. Max Schrems points out that this deal falls short:

“The new deal does not even address the matter of private sector data misuse, despite the fact that there would have been much more leeway than in the government sector. There are tiny improvements, but the core rules on private data usage are miles away for EU law.”(TechCrunch)

Privacy Shield Certified

Under the Privacy Shield a business can become ‘certified’ to establish “adequate” protections for Trans-Atlantic data transfers. While this helps to protect your business from data transfer problems, it does not protect you completely.

The new agreement allows Data Protection Authorities (DPAs) to suspend data flow regardless of a business being Privacy Shield Certified. This would mean you cannot secure continuous data flow for your company.

The Outlook

X decline The EU-US Privacy Shield still needs to be approved by the EU’s WP29, also known as the Article 29 Working Party, and from the privacy issues others have already found in the draft it does not seem likely it will be approved.

“They tried to put 10 layers of lipstick on a pig, but I doubt the court and the DPA’s now suddenly want to cuddle with it”

-Max Schrems

Like this post? Share it!

Everything You Need to Know About Your Google Business Listi

Google My Business is the tool that allows you to directly edit your busine…
Why You Need an SSL Certificate on Your Website

Have you ever visited a website and been greeted by a warning stating that…
Social Media After Death

As of this year, at least 2.34 billion people worldwide are social media us…

Timeline Photos ‼#Netflix email #scam‼
Scams like this can be confusing. You may think it's obviously #fake, but then you notice the Netflix email address. Don't be #fooled!
Some giveaways that this is spam:
1. Netflix emails will contain the company's up ...

Posted: 14 hours ago
We're thankful for all the technological advances that allow us to interact with wonderful clients like you. #HappyThanksgiving! https://t.co/X8DuHRaydz

Posted: Last week
Timeline Photos We're thankful for all the technological advances that allow us to interact with wonderful clients like you. #HappyThanksgiving!

Posted: Last week
As we're approaching the #holidays❄🎄, keep in mind that you should update your #Windows7 machines to continue receiving updates.
https://t.co/soguio7x7l

Posted: 2 weeks ago
Windows 7 End of Life Approaches As we're approaching the #holidays❄🎄, keep in mind that you should update your #Windows7 machines to continue receiving updates.
https://appletreemediaworks.com/windows-7-end-of-life-approaches/

Posted: 2 weeks ago
‼ #Google and #Samsung phone users ‼
There is a confirmed #vulnerability in your camera app. #Hackers can gain access to your camera through a malicious app, then take pictures, videos, record phone calls, and more. Be sure to keep...

Posted: 2 weeks ago
Google Confirms Android Camera Security Threat: ‘Hundreds Of Millions’ Of Users Affected ‼ #Google and #Samsung phone users ‼
There is a confirmed #vulnerability in your camera app. #Hackers can gain access to your camera through a malicious app, then take pictures, videos, record phone calls, and more. Be sure to keep ...

Posted: 2 weeks ago
❗IMPORTANT #TechTips and #security information!
We have a new E-Newsletter going out tomorrow morning. Be sure to sign up to get it! Get up to date on scams going around, security, helpful products, and more from Appletree!
Click the link...

Posted: 2 weeks ago
Appletree E-Newsletter ❗IMPORTANT #TechTips and #security information!
We have a new E-Newsletter going out tomorrow morning. Be sure to sign up to get it! Get up to date on scams going around, security, helpful products, and more from Appletree!
Click the link ...

Posted: 2 weeks ago
Timeline Photos We are beyond grateful to all of the Armed Forces members that have and are serving our country. Thank you. #VeteransDay2019

Posted: 3 weeks ago
We are beyond grateful to all of the Armed Forces members that have and are serving our country. Thank you. #VeteransDay2019 https://t.co/awu7kQ3dcu

Posted: 3 weeks ago
This would be REAL progress for #Facebook. 🤣 https://t.co/KPwrQHcYM8

Posted: Last month
Timeline Photos This would be REAL progress for #Facebook. 🤣

Posted: Last month
This would be REAL progress for #Facebook. 🤣

Posted: Last month
🍎If you're experiencing issues with location and time on your #Apple device, you may have missed an #important update. Don't worry, it is still possible to update, but you'll need to use iTunes.
How to update: http://ow.ly/zj1750x2GmE
More info: http://ow.ly/N8GX50x2GmD
Update your iPhone or iPad software if you're experiencing issues with location, date, and time

As of November 3, 2019, some iPhone and iPad models introduced in 2012 and earlier require an iOS update to resume accurate GPS location. This is due to the GPS time rollover issue that began affecting GPS-enabled products from other ...

Posted: Last month
🍎If you're experiencing issues with location and time on your #Apple device, you may have missed an #important update. Don't worry, it is still possible to update, but you'll need to use iTunes.
How to update: https://t.co/VxG4jFYNNa
More info: https://t.co/Rghvh9Ov32

Posted: Last month
Don’t forget - today’s the big day to get your opinion out to the public - BY VOTING! #votingmatters #keepvoting

Posted: Last month
Have a safe and happy #Halloween from us at Appletree! 🍂🎃 https://t.co/NAYQosM5Is

Posted: Last month
Timeline Photos Have a safe and happy #Halloween from us at Appletree! 🍂🎃

Posted: Last month
❗IMPORTANT❗
📱 If your older Apple device is not updated to version 10.3.4 or above, make sure you do so before 8:00 PM (EST) this Saturday or you'll lose the ability to access the internet and online features.
More info ...
Update your iPhone 5 to continue using App Store, iCloud, email, web, and other services

Starting just before 12:00 a.m. UTC on November 3, 2019,* iPhone 5 will require an iOS update to maintain accurate GPS location and to continue to use functions that rely on correct date and time including App Store, iCloud, email, ...

Posted: Last month
❗IMPORTANT❗
📱 If your older Apple device is not updated to version 10.3.4 or above, make sure you do so before 8:00 PM (EST) this Saturday or you'll lose the ability to access the internet and online features.
More info...

Posted: Last month
How to Stop Unwanted Calls 🤳We know what an #inconvenience unwanted calls can be. There are ways to help prevent yourself from receiving #spam and #robo calls.
Find out here: https://www.consumer.ftc.gov/features/how-stop-unwanted-calls

Posted: Last month
Happy #LaborDay from us at Appletree! We will be closed to observe the holiday. #UnionStrong

Posted: 3 months ago
You may have seen this photo circulating social media (specifically Instagram) for a while now. Head of @instagram, @mosseri, has came out and said that there is no truth to it.
.
.
.
.
#hoax #instagram #privacypolicy

Posted: 3 months ago
Have YOU signed up for our bi-weekly #eNewsletter yet? Don't miss important #security and #TechTips, helpful products, and #scams going around.
Press the link in our bio to see what you're missing and subscribe for #FREE!

Posted: 3 months ago
Self control is hard sometimes, I get it.
.
.
.
.
#amazon #primeday #shopping #selfcontrol #onlineshopping #amazonprime

Posted: 4 months ago
The great grandkids are bezel-less! 📱
.
.
.
.
#bezelless #bezellessdisplay #iphone #smartphone #technology #newtech #meme #techmeme #techjoke #funnytech

Posted: 4 months ago
Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world... Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world faces with cyber censorship is what is going on in China. The government blocks many websites, searches, and software based on their content.

Posted: A long while ago
EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the... EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the judicial redress act, and no true protection for businesses

Posted: A long while ago
Copyright and Social Media: This has become a gray area. Almost everyone is guilty of... Copyright and Social Media: This has become a gray area. Almost everyone is guilty of sharing something on social media, whether it be Facebook, Twitter, or Pinterest, that was copyrighted and not yours to share. But what is fair to ...

Posted: A long while ago