This article is from Issue 28 of Modern Law Magazine, to read the full issue click here or visit modernlawmagazine.com
If you’ve read the news at all recently, it is likely you will have heard about President Trump’s executive orders because in his first week and a half he has signed thirteen. In the hubbub surrounding order number thirteen, the ‘Muslim ban’, another order has slipped past the scrutiny of the mainstream press – and it is an order that could rob EU citizens of their online privacy.
The focus is on Section 14 of the ‘Enhancing Public Safety in the Interior of the United States’ order, which states: “Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.”The EU-US “privacy shield” provides EU citizens with the promise that their data, should it ever be processed in the U.S, is protected with ‘essentially equivalent’ privacy protection once it gets there. The deal is only six months old but with one stroke of his pen, Trump may have wiped it out.
The European Commission has already responded to the order, stating that the privacy shield “does not rely on the protections under the U.S. Privacy Act” but also that they will “continue to monitor” the situation. Given that Mr. Trump has previously voiced opposition to cyber privacy – most notably when he called on his supporters to boycott Apple after their much publicised case with the FBI – all of us should be concerned that our freedoms could be eroded under the Trump administration.
U.S. based companies dominate our working lives. Microsoft’s Office 365 is expected to surpass 100 million users worldwide in 2017 and Apple’s iCloud has over 782 million users. If President Trump encourages U.S. tech companies to share customer data with law enforcement, the privacy of EU citizens is in real jeopardy.
It’s time to act. Technology, particularly cloud technology, is not going away and it is impractical to suggest we revert to storing data in ring binders and filing cabinets. It is practical, however, to suggest we store our files & data in the UK or EU countries. EU privacy law is far stronger than its U.S. counterpart and will afford the citizen far more protection. Invest some time in studying your technology partners, do they store data overseas? Is your data subject to EU data protection laws?
Are you a legal firm relying on Office 365 email to handle your sensitive communications…?
President Trump has already shown how tough he is prepared to be when cracking down on security and has hinted he has little regard for cyber privacy. It is the responsibility of those who are privy to sensitive information to ensure it is protected. Are you doing all you can to protect your client data?