A U.S. magistrate has ruled against Google and ordered it to cooperate with FBI search warrants demanding access to user emails that are stored on servers outside of the United States.
This court order came a week after president Donald Trump issued an Executive Order that weakened protections for data held in the US about foreign citizens.
Here, Nicky Stewart, commercial director at UKCloud, comments on the developments.
“At the time of Trump’s recent executive order, US firms were quick to dismiss privacy concerns and the implied threat to Privacy Shield as a ‘complete over-reaction’, in much the same way that they previously dismissed Max Schrems before he succeeded in making the EUCJ (Court of Justice of the European Union) declare safe harbour invalid.
With the US DoJ (Department of Justice) appealing the Microsoft case, the Rule 41 amendments coming into force, Trump’s initial executive order with who knows how many more to come, and now the ruling against Google, there will be fresh concerns in Brussels, and European privacy campaigners are going to be up in arms.
“The last remaining foundation for Privacy Shield was the 1974 US Privacy Act (written well before email existed, in which time Europe has rewritten its privacy rules three times). Not only is this act out of date, but it is patchy and deficient at best. It now appears under assault.
Even if we could be confident that the new administration and US courts were committed to upholding European privacy rights, and could be certain that there would be no further orders or rulings like these, what we have seen so far suggests that the US is deeply divided and there can be no certainty.”
“Public sector bodies with contracts with US cloud firms need to make an immediate Privacy Impact Assessment, and if necessary, seek expert legal advice. They may need to scope out migration options to move workloads so data privacy and sovereignty can be assured.
As they prepare for Brexit and GDPR as well as the British Prime Minister’s new industrial strategy which actively favours UK firms for government contracts and procurement for growth in the post-Brexit world, departments are going to need to weigh up the risks (in terms of data privacy and sovereignty and currency fluctuations) of doing business with non-UK providers.”
The author of this blog is Nicky Stewart, commercial director at UKCloud
Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus
