iTnews

User privacy rights must move with their data: Microsoft

By Juha Saarinen on Oct 21, 2015 11:03AM
User privacy rights must move with their data: Microsoft

Seeks stronger privacy protection to revive 'Safe Harbour' deal.

Microsoft has proposed a solution to data transfers between the European Union and United States after an EU court recently ruled the long-standing "Safe Harbour" regime invalid.

The company's top legal officer, Brad Smith, said the only way a new "Safe Harbour" regime could be devised was if governments on both sides of the Atlantic respected the privacy rights and protections enjoyed by EU and US citizens, even if their data left the countries they live in.

Like the EU court, Smith pointed to revelations by Edward Snowden as the reason the existing data transfer system was struck down, and referred to an earlier case in an Irish high court that found US mass surveillance ran counter to Irish citizens' right to privacy.

"As the European court reasoned, the case [in Ireland] had raised real concerns that once personal data was moved to the United States, it might be accessed through governmental bulk collection and without any right by Europeans to defend themselves before a US court," Smith wrote.

"Legal rules that were written at the dawn of the personal computer are no longer adequate for an era with ubiquitous mobile devices connected to the cloud."

The "Safe Harbour" deal had been in place for around 15 years, and a new approach is needed to tailor today's technological advances to demands for privacy, he said.

Privacy is a fundamental human right, a principle that has been enshrined in constitutional law on both sides of the Atlantic and must be protected, Smith wrote.

Microsoft has lobbied hard for data not to be forcibly localised through data sovereignty and similar provisions, and the recently agreed Trans Pacific Partnership trade agreement bars the 12 participating countries from preventing information moving across borders.

Smith said a global internet where cross-country data flows are permitted was needed lest commerce grind to a halt and the world "return to the digital dark ages."

"Imagine trying to complete a purchase online and being told that your purchase has been blocked because your credit card information needs to be processed somewhere else," he wrote.

"Imagine having your airline reservation rejected because your passport information cannot be transmitted by the airline to the country where you want to fly."

He proposed a "Rubik's Cube" solution with four steps that would revive the defunct "Safe Harbour" system, starting with people's legal rights moving with their data across the Atlantic.

If the US government wanted access to information belonging to EU nationals, stored in America, it would have do so in a manner that conforms to EU law, Smith said.

EU governments and agencies would likewise have to follow US legal procedures to access data belonging to Americans stored in Europe.

There needs to be a better, expedited process between US and EU government entities seeking access to personal data and authorities who review and authorise this, Smith said.

People who move between the EU and the US need to be taken into account as well, he said. If an EU citizen moves to the US, the American government could only ask US courts to authorise data disclosure for that person.

Governments should also seek access to data of legitimate businesses only by serving an order on those organisations, even when the information is stored in the cloud, Smith said.

Such an agreement would address "one of the principal areas of current legal concern for businesses that are relying on cloud services," he argued.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
brad smitheuropean unionmass surveillancemicrosoftnsaprivacysecuritysoftwarestrategyusa

Partner Content

DoT Victoria turns to Oracle to implement unified cloud-based platform
Promoted Content DoT Victoria turns to Oracle to implement unified cloud-based platform
Alienated from your own data? You’re not alone
Promoted Content Alienated from your own data? You’re not alone
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
Security through visibility: supporting Essential Eight cyber mitigation strategies
Promoted Content Security through visibility: supporting Essential Eight cyber mitigation strategies

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

  • iTnews Benchmark Awards 2022 - Finalist Showcase
  • 11th Annual Fraud Prevention Summit 2022
  • IoT Impact Conference
  • Cyber Security for Government Summit
By Juha Saarinen
Oct 21 2015
11:03AM
0 Comments

Related Articles

  • EU rules take aim at illegal data transfer to non-EU governments
  • Aussies less trusting with data in wake of Covid-19
  • WA Health criticised over Covid-19 data management
  • 5 essential digital transformation ideas
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Kmart Australia stands up consent-as-a-service platform

Kmart Australia stands up consent-as-a-service platform

NSW digital driver's licences 'easily forgeable'

NSW digital driver's licences 'easily forgeable'

Kmart Australia re-platforms ecommerce site to AWS

Kmart Australia re-platforms ecommerce site to AWS

Westpac promotes its head of technology to mortgage role

Westpac promotes its head of technology to mortgage role

Digital Nation

The other ‘CTO’: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets
Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.