Trade deal coupled with EU court decision could spell trouble for our laws.
Amazon’s announcement last week that it plans to establish Canadian-based data centres to address mounting fears over the privacy and surveillance implications of information stored in the United States highlights how businesses and consumers have become increasingly concerned with where their data is transferred and stored. Yet two unconnected developments — a recent European privacy decision and the Trans Pacific Partnership — could create a Canadian privacy problem that even local data centres will not solve.
The European case starts with Max Schrems, an Austrian law student, who became interested in privacy issues several years ago as a visitor at Santa Clara University in California. Concerned with the privacy implications of personal information collected by companies such as Facebook, he filed numerous complaints against the social media giant. While most were dismissed, one ended up before the European Court of Justice, which considered whether transferring data to the U.S. violated European privacy laws in light of the widespread use of government surveillance.
Last fall, the court shocked observers by siding with Schrems, effectively declaring the agreement that governs data transfers between the U.S. and European Union invalid. The decision sparked immediate concern among the thousands of companies that rely on the decade-old “safe harbour” agreement.
European law sets strict restrictions on data transfers to countries without “adequate” privacy protections (as determined by European officials). The U.S. and European Union avoided an earlier data battle by compromising on the safe harbour approach in which the U.S. agreed to enforce privacy violations and the EU agreed to overlook the absence of a national privacy law.
…click on the above link to read the rest of the article…