Following a statement made by Yves Bot, European Court Advocate General, European companies storing data with US cloud service providers may have to consider moving to European alternative services.
In the wake of the Edward Snowden revelations in 2013 about widespread surveillance by the NSA (National Security Agency) in America, the EU court of justice advocate general, Yves Bot, has accused US intelligence services of ‘mass, indiscriminate surveillance’.
Yves Bot’s strong opinion contains recommendations that could radically change common data practices in the EU. He states “…. mass indiscriminate surveillance is …. disproportionate” and is “…. an unwarranted interference with the rights (of EU subjects).”
Previously the European Court of Justice (ECJ) had stated that Internet users in Europe had no judicial protection over the widespread trawling through their data. The EU-US Safe Harbour agreement allowed data to be transferred to the US and then the security agencies were able to interrogate this data even if the persons concerned represented no threat to national security.
Yves Bot now says that this previous stance is invalid as reported by the Guardian.
The European Court normally follows the advocate general’s opinion, and as the European Court of Justice’s decisions are legally binding in EU countries, this may well result in European companies needing to review their IT environments and the storing of data with US companies.
It’s estimated that over 4,000 companies currently rely on the Safe Harbour agreement for transferring data to the US.
Agustin Reyna, senior legal officer at the European Consumer Organisation, said: “The advocate general’s opinion puts the nail in the coffin of Safe Harbour. This agreement fails to protect European’s personal data. We hope the European court of justice will follow this line and stop the mass circumvention of EU data protection rules. The European commission, which is currently renegotiating Safe Harbour, received today a clear message that the transfer of European citizens’ data cannot be based on self-assessment by US companies.”
Redstor’s cloud backup services guarantees data sovereignty and data privacy as they utilise advanced security and encryption techniques. Encryption keys are managed by the end-user and Redstor (and other agencies) have no ability to access the contents of these files. The level of security, resilience and protection offered by Redstor’s cloud backup service is indeed far higher than many organisations can offer, even with their own in-house solutions.