What a fucking shit show. It is astounding how impotent our legislature has been for so long. This whole thing could easily be avoided with actual fucking laws, but instead they’ve continued to hand more and more power over go the executive/presidency for years and years.
Congress has the power, they just refuse to use it. The legislative branch was given the most power in the constitution, which they’ve ceded by being unwilling to actually do their jobs. They could take all that power back whenever they wanted of they had spines and morals
Oh, 100%. That’s what I mean, our Congress has become completely useless due to the “all or nothing” stance the GOP and to some extent the DNC have taken over the last couple of decades.
Congress has no issue providing endless corporate welfare or aid to Israel…
They are only in grid lock when it comes to issues the pedons need fixed.
US-Cloud was always illegal for EU-citizens since GDPR. Privacy shield was just the next try to label it as legal without changing the cause (US having no privacy protection) until it gets disabled again by EU court in 5 to 10 years.
It’s never been illegal at all, you’re oversimplifying the issue. Plenty of use cases that can use US clouds. Not all data is PII and plenty of use cases perform fine by anonymising their data. Also EU countries aren’t that better than US when it comes to state issued privacy violations; we just don’t do dragnet bullshit (yet) but plenty of requests are served as requested…
and plenty of use cases perform fine by anonymising their data
Short of aggregating it to get rid of the individual records completely, “anonymizing data” isn’t actually a thing.
That’s not the only way to do it. In quite a lot of situations you can, instead, generate artificial data that is statistically similar to the original data set and use that instead. That works well for things like system testing, performance tuning and integration testing. Done right, you can even still pull out useful corelations without risking deanonymising the data.
There’s plenty of techniques to avoid re-identification… aggregation isn’t the only way. Especially considering that aggregation if using a stupid dimension isn’t helping at all…
An alarming amount of data that should be classed as PII isnt. information in aggregate changes classification, PII should be treated the same.
Depends on the dimension used. « Shoulds » are meaningless. Let’s not assume everyone is doing shit work, awareness is getting there and people are getting more capable to correctly classify data. Anyway assuming correct classification there are techniques that changes classification enough to allow exportation of data to shit countries.
Correct. GDPR doesn’t prevent US services from serving users in Europe. It does enforce some user rights though.
You are also correct about EU countries violating privacy rights, this is a global fight, not limited to the US or US companies.
Good thing I’m correct as it’s my job to ensure compliance with it for my employer and related companies.
And we call those rights « data subject rights » as it’s not about users but specifically the physical person concerned about the data. But close enough I guess.
Will Trump be the EU’s wakeup call?
It should have been the first time, and we saw what happened then.
The wakeup call should have been Snowden.
illegal in the EU*
When I first read the title I thought it was some clickbait claiming that US cloud providers themselves would all be found to be illegal and cease to exist at all, which is of course, preposterous. Some clarification in the title would have helped.
Indeed; the title confused me too. I guess they assumed the connection with Europe to be implicit, given they are the European Center for Digital Rights and use a .eu domain.
I live in Canada and have stopped storing any data in the US. Give me EU data hosting ALL DAY.
