the most ironic part is that it's the US itself which is going to monitor compliance.
The entire problem for me is basically what Snowden revealed. In most democratic western countries a certain level of privacy is actually enshrined into law due to it's propensity for abuse. -- the US spying on Swedens behalf means that technically Sweden is not spying on Swedes.
The US having data on me by itself isn't a huge deal; there's no fucking way I will ever want to live there and factually: nobody is going to go sniffing into my life like in the movie "Enemy of the State" (though I suppose they could). However, the US sharing that information with Sweden can affect my life, because it's intentionally bypassing a protection that I am supposed to have in order to live in a free democratic system.
Failure to respect privacy lends itself to authoritarianism as people will self-censor if they feel they are not able to express themselves. Maybe I'm overstating this but it's a real concern of mine.
>Failure to respect privacy lends itself to authoritarianism as people will self-censor if they feel they are not able to express themselves. Maybe I'm overstating this but it's a real concern of mine.
Likely not overstating it because this is exactly what has happened both historically and currently in some countries.
The need for privacy is proven, not because people need to hide criminal behaviour or menial things, but because we can't rely on people with power to always do the right thing.
But it is also to hide criminal behaviour and that is actually good for a democracy because many things that were illegal previously are now legal because people broke bad laws, got away with it and nothing bad actually happened to the point that it changed all of society's mind on the issue enough to vote in favor of changing the law.
To have a functional democracy we actually need enough friction in the enforcement system that people have a reasonable chance of getting away with breaking laws so enforcement becomes a conscious decision to expend resources for obvious societal gain rather than a dragnet on behaviour we may not like but questionably harms anyway beyond the individual engaging in said behaviour.
Is it actually proven or does it just sound nice when stated that way? Perhaps it is, but my counter proof would be taking no measures to protect privacy, very likely being fully tracked by government, and not having any negative consequence. Privacy doesn't seem like a "need" in practice, especially when many vulnerable people will just continue to be bothered by police on public streets, forever.
Then the must face whatever punishment that society deems suitable for them if they are a part of it. It may seem unfair to that person, but it is considered to be for the greater good of people.
Okay, so our society here has decided that people who espouse your view need to immediately commit suicide or be killed by torturous methods that take days. It's the law.
"Don't be Black or Asian or a woman because in some countries that's not acceptable." Do you see how silly you sound? (I leave open the possibility that you are not silly and instead just an asshole or a bigot.)
>Don't be Black or Asian or a woman because in some countries that's not acceptable.
You don't need to follow the laws of every country at all times. I am sure I have broken plenty of Chineese laws, but that's okay because I don't live in China.
Then acknowledge that you want the ability to be a criminal by doing things based off your own beliefs rather than pretending you aren't trying to hide that behaviour.
Screw it, I'll bite. Got a weird feeling you just didn't phrase what you were trying to say as well as you could, and would appreciate clarification.
Is your assertion accurately represented by the following prepositions:
A) The poster you're replying to, is desirous of the purported safety of guaranteed informational asymmetry from those in power
B) the poster in being so desirous, in all likelihood, is mistaken in the perception that codified informational asymmetry is a protection to them, because the same protection covers the person in power, except arguably moreso
Or...
C) the only reason to be desirous of such asymmetry in the first place is that one harbors the possibility of criminal intent.
Which from your phrasing of your original comment, came off with an unsaid part of "which I (referring to yourself) don't have or care about).
I'd like to think C doesn't enter the equation; and I'm fairly sure others have probably reacted thinking that was where you were going with it. If that was the case, fine...
However, even C) is rebuffed by "the definition of criminal is fluid and changes over time; and there is little guarantee in the stickyness or aggreeableness of said change". Material examples resonant with said rebuff can be found in the Roe v. Wade overturn, among other things.
But if B) is more in line with your thinking, I'd be quite interested in further expanding on it. I'd also be interested in where you fall eith regards to the statement "everyone is criminal at some point, no exceptions".
I've always entertained the hunch that one of the best disinfectants for a serving public official would be the complete dissolution of any right to privacy for the term of service. Coincidentally, there'd be problems in that most potential candidates for such work would be few and far between, and there could be pathological effects/selection pressures on the candidate pool, but I've never really had anyone to rubber duck the theory off of before.
I would say that my view is closer to C, but instead of having criminal intent someone would have intent to do something regardless of the legality.
>However, even C) is rebuffed by "the definition of criminal is fluid and changes over time; and there is little guarantee in the stickyness or aggreeableness of said change"
Which is why I believe it to be important for laws to not be retroactive. If someone is living somewhere which allows retroactive laws and wanted to do something then trying to find ways to hide your potentially criminal behavior could be desirable. I believe people should just be honest that they want to have their crimes be hidden to reduce their legal liability than to pretend that they just really like privacy as a concept or because they think privacy in a human right.
Interesting thoughts; I think on a fundamental level there is something you misunderstand about privacy though.
I genuinely do not engage in any criminal activities (that I am aware are criminal at least) - so I dont fully understand where the criminality angle comes from.
However, consider the toilet: everyone basically knows whats going on in the toilet, some people do criminal things in the toilet, yet we give toilets doors & special stalls. This is what privacy is, a little comfort that you are not being watched while doing intimate or personal things. With the understanding that, yes, sometimes this comfort can lead to some people abusing it.
Heres the blatant problem with the law changing without true justification: people plan around the laws and if a right is lost suddenly it would have life altering ramifications for more than a negligible volume of people.
If society has proven anything, it is that criminal justice systems are imperfect and laws are arbitrarily defined by the most powerful individuals in a country.
The suggestion you're making is that rather than recognise abuse of power, that instead this is an excuse for individuals to commit unnamed crimes.
So I thought I'd start at the most basic example: Police that have used government databases to spy, stalk and harrass: ex's and attractive women they saw in public. This is barely scratching the surface in the many ways that information of totally innocent people has been misused.
This list is of course not exhaustive. There are simply too many examples to cite here.
There are no "good guys and bad guys", that is an infant's-level understanding of crime. Rather all systems need to be designed assuming that bad actors may access them. This means that "red tape" and oversight is needed, as well as ensuring that not too much information is pooled into a single system.
The information that Facebook/Google learns about their users far exceeds what governments have allowed in their own systems. Privacy advocates are right to be concerned about access to these systems.
This is true of most democratic countries especially the "Five Eyes" and "Fourteen Eyes" countries.
That I currently have a protection in law does not mean that the sitting government enjoys that I have it, however it is politically toxic to remove such laws directly so they erode them over time; in the mean time they enter these arrangements with third-party countries. (thus, terms like FIVEYES and FOURTEENEYES exist)
I believe though that intentionally loopholing the law to avoid this political problem is much worse than repealing the laws that protect me. It shows a fragrant disregard for the rule of law.
a Rundown of the western alliances:
* Five Eyes countries: United States, United Kingdom, Canada, Australia, and New Zealand
* Nine Eyes countries: The Five Eyes plus Netherlands, Norway, Denmark, and France
* Fourteen Eyes countries: The Nine Eyes plus Italy, Germany, Belgium, Sweden, and Spain
* Partners of the 14 Eyes: Israel, Japan, South Korea, Singapore, British Overseas Territories
There's precedent for the EU and other western European nations pressuring the US to do the right thing. It would behoove European leaders to put some pressure on the US to pass their own domestic privacy laws in line with their own. Diplomatic pressures could be useful here, in conjunction with domestic lobbying.
As a US citizen, I'd love European style data protections enshrined as law.
there are actually some data protection laws enshrined in US law, the US enters these agreements because they are doing the same thing as I described but in the inverse.
> As a US citizen, I'd love European style data protections enshrined as law.
As a US citizen, I'm desperate for this. Or even better laws. The GDPR, for instance, is a great thing and better than anything we have going here -- but it's still insufficient.
> The US having data on me by itself isn't a huge deal; there's no fucking way I will ever want to live there and factually:
I don't know how anyone can say this with certainty about any country these days unless you have a terminal disease or are up there in laps around the sun.
You have Western leaders literally toying with the idea of starting WW3 this week by inviting Ukraine into NATO - and sure it's not a certaintly, but so-called world leaders with bunkers are surprisingly laissez-aller about this.
And sure, the US is part of that block of countries, but there's a ton more distance between Russia and the US, than between Russia and Sweden.
<< Maybe I'm overstating this but it's a real concern of mine.
I don't think you are. I live in US and its version of 'privacy' has been normalized to a horrifying degree ( click this button so that we can do whatever we want ). We are basically at a point where 'enemy of the state' movie comparison is not even apt, because in that movie the audience would be petrified by it. Most are comfortably post-privacy.
Just about every survey on this topic clarifies people are nowhere remotely near 'post-privacy.' [1] That's a random one, but they all say the exact same thing. Basically everybody, by an absolutely overwhelming margin, feels that the risks of mass surveillance (including from the government) outweigh the benefits, with a similarly overwhelming majority also concerned about how the data is being [mis]used.
The problem is our democracy is completely broken, and the fact that 80%+ of people agree on something that would even be socially beneficial, means absolutely nothing in terms of getting it done. Politicians and corporations love hoovering data for the exact same reason - perceived power. So nothing changes. And no politicians run on topics that people care about because you don't get to the point of being able to run for the presidency unless they're a billionaire, or have become really good at greasing the bellies of those that matter. And those that matter, only want even more surveillance.
It's topics like this, and others, that lead individuals like me to think our system is due to collapse. Not the issue in and of itself, but the fact we have a democracy that seems to have little to nothing to do with the interests of the people. Instead it's just propagandized crap after propagandized crap made into the issue of the day (that incidentally tends to have absolutely 0 benefit to the lives of the average American), while what people actually care about is completely ignored.
Anyhow, rant over. Point being, no nobody is "post-privacy", let alone comfortably. It's more like we're a democracy that's become "post-democracy", and seemingly comfortably so. Plato is more a prophet than a philosopher at this point.
> Basically everybody, by an absolutely overwhelming margin, feels that the risks of mass surveillance (including from the government) outweigh the benefits, with a similarly overwhelming majority also concerned about how the data is being [mis]used.
And this has always been true. People blame the victims of surveillance for not being concerned enough to stop the perpetrators, who somehow come off as innocent by comparison; i.e. if you let them get away with it, of course they'll do it - who wouldn't! You might as well say it of a murder victim (if you empathize with murderers like coders empathize with tech giants.) As Stallman says, you're compelled to sign away your rights, because they'll make you do it to send your kids to school, to have a phone, to pay your taxes, to go to court, to interview for a job, to pay your rent, etc. For the average person this entails signing dozens of EULAs with dozens of different companies.
We can pretend that we're living in a democracy, but if the current actual material reality of citizenship necessarily requires signing all of your rights away (most often your right to privacy, your right to trial, or your right to speak), you know where you're living. You don't need to be a techie to know what that is; everybody knows what that is.
I respectfully disagree. While I agree with the inclusion of corps and governments as interested parties bent on getting as much information as possible, I am unwilling to exclude just average people living in America. Last time I suggested a more private forum for something the response was an overwhelming, 'but X is free'. People are may be choosing between partial privacy and subsidized non-private services, but they are actually overwhelmingly voting with their money for post-privacy stuff.
I am saying this as the odd sheep in the family. Everyone else has kids running with Chromebooks, Ipads, every app imaginable, self imposed house wiretap and TV that carefully tracks their choices. And I have a wife too, which does put up with some of my craziness, but is unwilling to give up facebook so I need to carve out an exception for her on my network.
You are not wrong about our democracy, but have you considered that it is partially by design?
This sentiment lacks perspective. You know yourself how much of a hassle it is to preserve your privacy or rights, and how ineffective it can still be with lots of effort and a lot of technical knowledge. Tech is not other people's hobby and job, they've got other things to worry about. If you ask them, they'll tell you how they feel about their privacy, but they can't invest the time you have into understanding how to preserve it.
They give up their privacy and go to work. They give up their privacy and go to school. They give up their privacy to have a laugh. It's a horrible investment of time and effort for them to live in hyperawareness of actual threats that are also almost impossible to avoid. That doesn't make them responsible for their plight any more than a antebellum slave that fails to escape the plantation.
It is a valid argument. I actually agree with you ( and OP ). The point I am making is that we simply cannot take the blame off the victims either. Unlike plantation slaves they actually do have a choice ( an annoying choice, but a choice nonetheless ). It is hard, if not plain impossible, to move the needle if the general population response is a generalized shrug. They need to get angry. They are not there.
So yeah, I am accepting my share of the blame. People in general need to accept theirs. Once that happens, we can go after the actual culprits. Things don't change until we recognize reality for what it is.
I don’t think it is correct to reason from generic survey question to specific policy proposal. There is a revealed preference that privacy is not a major factor to many Americans when competing interests are thrown into the mix.
Most people living in the US believe that they can go on Facebook, post a copypasta "notice" that they got from a "lawyer friend" on Facebook that removes the right of Facebook to use or share any of their data, and that's enough to keep their data safe.
as if the spying is even necessary, sweden is more than willing to make up fake charges on behalf of the US wanting someone arrested, this is how they got assange
Snowden, if any, shown that the USA gov can and already do regularly monitor communications.
We have CTF, KYC and AML regulations, as well as any related laws, for a reason.
Europe has now to deal with Russian invasion of Ukraine, because of this anti American sentiment.
If you don't see how the two things are related, and blame the USA who's the largest security supporter of Ukraine and Europe via NATO, then this whole privacy debate is useless.
Edit: 100 years ago, Germany was in a similar position like Russia today. Large powerhouse who thought they could get their way by military force. Sure, let Germany take some poland. Because of Germany we got WW1 and WW2, and 100 years later many haven't really learned their lessons.
Eu can do wtf it wants...In the EU. I can have an impact on that (however minimal, for now). But sending my info to the states - fuck that.
Also...which state? Each one has different rules.
I do hope the agreement is reciprocated: US people can have their data sent to "Europe". There's a gig difference between The Netherlands and Romania.
Actually, no there's not.
The problem with the data transfer was never the (lack of) regulation of big tech. If a company doesn't have sufficient privacy safeguards and controls for the data, it'd be a problem no matter where the data is stored. And the EU is perfectly capable and willing to fine them for billions or more for it.
The problem was with insufficient safeguards for data requests by the US government -- law enforcement and spy agencies. That's supposedly been addressed by the Biden executive order, but we'll see if the CJEU actually buys that argument.
I'm surprised the EU was comfortable with an executive EO instead of, say, a treaty.
They do know that (excepting special circumstances like insufficient justification) an EO can usually be overturned with minimal oversight by the next administration, right?
There were multiple attempts to make it legal for US companies to transfer and process EU data. They were all overturned in court after a few years because US surveillance law is incompatible with basic rights EU citizens have.
So my layman believe is that they don't need a treaty, since it will probably be overturned anyway.
> I'm surprised the EU was comfortable with an executive EO instead of, say, a treaty.
Especially because it's going to be absolutely meaningless. Administration opinion since Bush, Jr. has been that no foreigner has any rights an American is bound to respect, unless they're on American soil, which requires a handful of courtesies. They can announce this policy with all pomp and circumstance and on the same day have the Attorney General write a secret brief explaining his theory that it doesn't bind the government in any way, which becomes secret law.
Royal pronouncements and secret laws. What a democracy.
-----
edit: they literally dragged out Eric Holder the other day to complain that a court order barring intelligence agencies from backchannel communications with social networks was going to cause terrorist attacks and child molestation. The guy who coined "too big to fail" but wasn't saying it sarcastically, and who admitted that his legal opinion on due process in the case of the assassination without trial of American citizens was that whatever process they used to decide what they would do was "due process."
Statutes can be overturned too. It seems reasonable to bet that a future administration won’t want to invite the drama; if they do, the EU has revoked the agreement once so they’d presumably be willing to do it again.
No not really, if you look at the history of GDPR and EU it's very very clear that it was never intended to prevent data-transfer to the US, as long as the US companies comply with GDPR.
And that's what the outcome here is: data can be transferred to US companies which legally binding commit to comply with GDPR.
What was all the back and force about was that due to various US laws suing parties argued that US companies can not comply with GDPR even if they legaly binding commit to do so. Various courts ruled that that is indeed true.
Now again regulator have found another way to argue "it's legal like intended" which required some concessions from the US.
We will see if that way, like some previously ways, will be shut down by courts.
> the EU must decide what sort of society and economy it really is
It already made that decision in the first half of the 20th century. If you haven't heard, it decided to be a capitalist society. Nothing surprising here.
There are many different kinds of capitalism, some mostly good and some mostly bad, so just saying "it decided to be a capitalist society" lacks sufficient specificity. Also, capitalism is an economic system, so it's leaving out the "sort of society" part.
No, there isn't. There are merely different stages and the order they come in may vary ever so slightly as they affect one another. Over time, capital always accumulates, exploitation of the working class always tends to increase, and the rate of profit always tends to decrease.
funny, i see it as the opposite. why are we helping the europeans enforce european stuff? their rules ought to carry no force whatsoever here. we should be pushing back against foreigners legislating over American companies especially when some nation's laws attempt to govern our companies' behavior outside that nation.
Because without these repeated fig leaves, trans-Atlantic data transfers will be totally prohibited.
This carries the risk of losing the entire EU market, and further, the rise of actual competitors in the EU.
Can't have that. Gotta keep the EU dependent on US tech. Better make sure America retains tech dominance over Europe, and can keep raiding their tech talent with the lure of high compensation and global impact unavailable in the EU.
In all seriousness, the trans-Atlantic tech trade seems like a vaguely mercantilist colonialist system: Raw materials (skilled labor) flow in, finished goods (tech services) flow out.
Its touching that you are concerned about the fair treatment of a handful of overbearing oligopolies that like to "move fast and break things".
You obviously have no clue what surveilance means and where it can lead. People like you explain the shambles that is the US political and regulatory system. Allow others to be concerned about having any dependency on it and not making naive assumptions about how it might evolve.
The ECJ has thrown out two schemes like this already; the new scheme is barely changed from the previous two. NOYB is likely to challenge this one too.
The EU Commission is a lobbyist's playground, and the least-democratic of the EU institutions. I'm shocked that the Commission can do something like this by decree, without any review by other institutions.
> I'm shocked that the Commission can do something like this by decree, without any review by other institutions.
I don’t actually understand what the legal status of the “adequacy decision” is—it seems that once it’s thrown out by CJEU anyone who’d trusted it is still considered to have been doing illegal things? What does the decision make possible that wasn’t before?
That said, diplomacy has always been a part of the executive, which combined with the spread of democracy has led to weird hacks such as signatures on treaties not actually meaning anything until a parliament approves of (“ratifies”) them.
I think the idea is that the Commission maintains a list of countries to which it is OK to transfer data. The list is referenced from the regulation, but maintained by the Commission. Effectively, the Commission can adjust the legislation by buereaucratic pen-stroke, by altering the list.
I don't know whether it can operate retrospectively; for example, if you were off the list for a few years, but are now OK again, does that mean that your tech companies can't be chased for what they were doing when it wasn't OK?
I'd also like to know how this affects the UK. I don't know whether the UK implements the Commission's list in our legislation.
In parallel, there is a quite different point of view and after the last two dramas (Safe Harbor, Privacy Shield), the outcome is quite predictable in my opinion.
i recently spent year+ on managing gdpr compliance implementation in company where I work (multinational *aaS). Our current stance that we will continue as usual, where usual been that there is no new agreement. Because breaking down all gdpr compliance is easy but to restore it to compliant state is hard.
Depends what you mean by bad news really. If it turns out that transferring personal data between the EU and US is fundamentally impossible due to irreconcilable differences in data protection legislation then it'd have huge consequences for businesses and consumers world wide. Short term it'd almost certainly be a net loss for consumers.
Personally (and probably naively), I do hope the EU and US can find enough common ground. It'll make everyone's lives a lot easier [1].
[1] ...if the US can get out of the habit of rifling through the data of EU citizens at the drop of a hat.
> it'd have huge consequences for businesses and consumers world wide. Short term it'd almost certainly be a net loss for consumers.
I think this would pretty much only be a net loss for EU consumers and businesses. Maybe no longer having access to American tech companies' services would be beneficial long-term but only if EU entrepreneurs build domestic alternatives, which we know is pretty unlikely. I think the reality is that they'll just loosen their laws so they don't get shut out. As we're seeing them do here.
The EU has had a spotty history competing with SV. A large part of that is the different investment and regulatory environment for better or worse makes it much harder for tech startups to get going, especially after the fact when there are established players.
It would have been difficult to get funding to build the first Google or Facebook. Given how much money they make, it would be relatively easy to get funding for a privacy respecting copycat.
There's been dozens of "Google, but French" started by smart business people, they're very efficient at collecting millions in EU funding and producing almost nothing of worth.
Just an example: The EU wanted to have a domestic cloud, which would solve the privacy issues with US companies processing EU data.
Then there was the decision which companies should get contracts to build the infrastructure. And obviously they chose Microsoft, among others. If an US company is involved, the data is again subject to unreasonable laws like US cloud act.
Modern distributed systems span sites. The same artifacts run in all the zones and regions. You may have partitioning schemes for certain datasets, but that’s generally abstracted from the people and systems accessing them (aside from latency). Any extra access controls or restrictions on certain kinds of processing are going to be implemented in software at the record level, not by where the code is physically running.
If we were talking about doing a fully isolated instance of Facebook for the EU that would be one thing, but messing with where records physically live is dumb showboating. As long as US users connected to US backends can interact with EU friends’ content, it’s clear that the geographical separation is providing no meaningful secrecy of EU data.
The EU issued fines to Google and Meta for billions of dollars a few weeks before they decided this data transfer would be allowed. Wonder if they'll actually be required to pay the full fines now.
No one's fault but their own. Europe wants to form businesses created in other countries to their laws. Instead, they should focus on building infrastructure themselves and not always just getting 2nd hand US products. They sit idly by while these companies get made when they could be building their own alternatives.
Wel, its not easy to ban some big tech services from your life, but IMO, now is a good time to evaluate what can go. I have been toying with killing FaceBook for at least two years, this is likely a good moment to actually make it happen. THe USA is not trustworthy when it comes to datd privacy. Nor is any government. But opening the doors to send everything oversees to the "big brother" is simply not acceptable. I am not an US citizen. Since the EU obviously doesn't care for my citizen rights, I think it is time to vote for leaving the EU as well.
FWIW, replacing big tech with small tech doesn't really solve the problem unless you're willing to go all the way and sysadmin your own physical on-prem hardware.
In my experience, small tech is even riskier because they have similar technological capabilities as big tech to aggregate data and less oversight. Google, for all its ills, has an incentive to protect user privacy: people stop sending them money if they think Google is letting rando criminals harvest userdata, and governments get really antsy if they can't provide audit records for where the data goes and how it's secured. User trust is a lot more valuable to Google than risking that data, and (while the way Google uses the data can be cringe from time to time) the data itself is extremely secure, relatively speaking. Smaller firms can be bribed by those criminals, or bought by another firm with a different idea of privacy, or they simply go under and it turns out the data was unencrypted this whole time and, oops, the physical hardware storing the data just got auctioned off without a proper scrubbing, or some mid-level engineer had a copy of the whole user database on their laptop, or etc. And governments are worse at chasing the long tail of small firms; the legal process is better tuned to plop Meta and Google's lawyers' asses in the chair of an inquiry board than the lawyers / CEOs / garage-bound owners of a thousand small firms.
Well, I wasn't trying to say that small tech is better in any way then big tech. It is just that most for most standard users, most valuable data is likely going to big tech companies. Also, I disagree with your analysis, I wouldn't trust big companies more then small ones, for whatever reasons. US based is US based, and that is that. If the EU obviously fails to protect my data as a citizen by forcing these global players to keep the data roughly local, I am out.
What a joke... No big or small company is ever going to separate EU and non EU customers in different databases. Intelligence will just get whatever their filter matches.
Data sovereignty is indeed a thing, where companies separate customer data based on where they are located. A very expensive, pain-in-the-ass to deal with thing.
Yes! Maybe we can start caring about stuff that actually matters now instead of obsessing over IP-addresses maybe touching US soil when loading a font from a CDN.
Oh, interesting. So it looks like Meta made a bet and won: they didn't change their infrastructure over because they figured this is how the decision would go?
This actually makes their strategy make more sense. They kept claiming they'd need to leave the EU (which they would not have done), but it appears that the audience was the Commission rather than the regulators.
Those who think "europe is good on privacy" and want others to "shut up about it" ignore the deep corruption that exists (with regional flavours) which is usually shielded in bureocracy and process to pretend it's doing things on behalf of people and not simply their corporate quid-pro-quo friends and their self preservation interests.
But hey, it's easier to pretend "things are fine and that the problem is 'the right'" or some other boogeyman that dares criticize things outside the overton window.
Is it even corruption, or is it more a lack of philosophical cohesion?
I know that the US and most of Europe differ wildly on their understanding of monopoly protection. Extrapolating, I wonder if different EU members differ broadly on what constitutes "privacy" and therefore one might expect somewhat inconsistent results on privacy decisions based on who's hand holds the tiller that day.
I don't think it's different views on privacy between countries, since there's ambition to limit privacy of citizens in most countries.
My understanding is that there's always pressure from the executive to get more rights (surveillance, weapons, confinement). Depending on the administration and responsible minister, this results in slower or faster decrease in privacy.
E.g. here in Germany the current administration stance is against mass surveillance. But the responsible minister of inner affairs calls for less limits on surveillance. Luckily the entire rest of the administration is against it...
> Is it even corruption, or is it more a lack of philosophical cohesion?
It's corruption. People just don't want to see it. The same way people compare health systems to the US to pretend they're not royally screwed and corrupt.
> I know that the US and most of Europe differ wildly on their understanding of monopoly protection. Extrapolating, I wonder if different EU members differ broadly on what constitutes "privacy" and therefore one might expect somewhat inconsistent results on privacy decisions based on who's hand holds the tiller that day.
Not really. Every other country is trying to ban encryption, further ban speech, ban criticism of politicians to "protect children", I'm sorry, to protect "minorites" this time around.
And this is not just EU, UK and other non-EU members have the same issues. The point is, for whatever reason, these countries which are absolutely corrupt but have very status quo parliamentary systems with little political involvement, get treated as if they didn't have entrenched corrupt politicians who couldn't give less of a fuck, about privacy or the citizen in general.
You just have to be involved a little in the country's politics and you see it.
I really don't mind much about private companies spying on citizens: it's surveillance capitalism after all and you certainly, for example, decide to give FB/WhatsApp/Threads/Instagram the big giant middle finger.
What I do mind though is, once again, the EU Commission showing what they are: leeches fed on lobbyists money to pass laws favoring big corporations. It's insane but the EU Commission is, since it exists and relentlessly and endlessly, the bad guy. The EU Parliament, where there's at least a few hundreds elected people, tries to tone down the EU Commission but the Commission has been given so much power it pretty much writes the rules (which all the EU countries are forced to transpose into national laws).
AFAIK more money is spend in lobbying in the EU than in the US.
Everyone is focussing on the negatives but I think this is a big win for US based startup companies.
This is through a program called Privacy Shield. For years Privacy Shield was allowed in the EU. It requires registering with theUS Gov't and having certain standards in place. It's not as strict as GDPR but it is still something.
This does have implications for big tech as well but big tech could have always afforded to jump through hoops for Europe using loop holes and subsidiaries. This levels the fiend a bit.
Indeed. Not even gratis, certainly not libre, unless you consider your personal information to be worthless (and “big adtech” has shown this not to be true).
Which doesn't cost me a dime. Anybody with half a brain knows that TANSTAAFL, you have to pay somehow, but this way doesn't reduce the magic number in my bank.
My information belongs to ME and I should be able to give it in exchange for anything I want. That is my right that was taken away by the EU and now I have it back.
You personally always had the right to give your data to US companies. As a company processing my EU citizen data, you couldn't since that would infringe on my right for privacy.
I'm actually kind of surprised that this rhetoric hasn't been picked up by the Fox News crowd yet. "A group of Belgian communists holds the key to all international banking transactions made by Americans! Where is my liberty"
As part of the war on terror, American intelligence services have been monitoring European bank transactions since 2001. When the EU found out about it in 2006, they were outraged. But now it looks like the bloc will agree to a controversial deal that will allow the covert data transfer to continue.
Fucking finally! This isn't a "win for Facebook and Google", this is a win for every single small European business which can finally use industry standard services again without worrying about being fined.
It is barely different from the first Privacy Shield, so the chance of it being shot down again by the European Court of Justice seems quite high to me. Therefore as a small European business I'd avoid using "industry standard services" from the US anyways.
The entire problem for me is basically what Snowden revealed. In most democratic western countries a certain level of privacy is actually enshrined into law due to it's propensity for abuse. -- the US spying on Swedens behalf means that technically Sweden is not spying on Swedes.
The US having data on me by itself isn't a huge deal; there's no fucking way I will ever want to live there and factually: nobody is going to go sniffing into my life like in the movie "Enemy of the State" (though I suppose they could). However, the US sharing that information with Sweden can affect my life, because it's intentionally bypassing a protection that I am supposed to have in order to live in a free democratic system.
Failure to respect privacy lends itself to authoritarianism as people will self-censor if they feel they are not able to express themselves. Maybe I'm overstating this but it's a real concern of mine.