In the world of data transfers and privacy protection, Max Schrems – lawyer, author and privacy activist – explained that it is now more important than ever that our data is well protected.
In collaboration with Holm Security, Internet Vikings has released its new webinar entitled ‘The new era or transferring data’ which focuses on ‘the latest developments within the data protection space, the impact of privacy shield invalidation on data protection, the future of standard contractual clauses and practical steps for businesses’.
Ahead of introducing Schrems to the webinar, webinar host Chris Munz gave some context behind the reasons why data transfers and privacy are important topics for businesses.
He said: “Since June 16 2020 when the European Court of Justice declared Privacy Shield invalid in a ruling called Schrems II, data transfers and privacy have become particularly hot topics. The implications for businesses are huge. It’s not that easy to figure it out.”
Following a keynote presentation, the webinar moved to a discussion between Schrems (the lawyer responsible for the Privacy Shield invalidation), Peter Ekmark (CEO of Internet Vikings) and Stefan Thelberg (Founder of Holm Security).
Touching upon the argument that FISA is mass surveillance, Schrems explained that there ‘may be even less protection’ with Privacy Shield due to data protection falling under Executive Order 12333 which he says is ‘fair game’ – meaning the President can ‘just sign something without any legal basis’.
He explained: “There is an argument that once it reaches the US shores, there is at least some data protection because it falls under that law. But once it is one centimeter into international waters, there really is no regulation and they can do anything. This is more or less what the US argued in front of the European Court of Justice – there is no protection in the Privacy Shield outside of their territory.”
Arguing that some forms of data surveillance may be justified – in the cases of terrorism etc – Ekmark raised questions over the terms ‘strictly necessary’ when it comes to data protection.
Offering his views on what is ‘strictly necessary’, Schrems added: “I think one big difference is that the US law assumes a foreigner is a terrorist and a national is not. If we’ve learnt anything over the last 10 or 20 years, citizenship doesn’t determine how your brain works.
“That is the fundamental problem in this legislation in that it is based on citizenship and not on any form of risk assessment or objective criteria. From both a legal and practical perspective, this is a problem.
“Also on this narrative, I think it’s important to look at the scope of the definition of foreign intelligence information. It is, for example, an example of a threat of international crime. You don’t need the crime, you just need a threat that a crime could be committed. The definition is so broad that we’re moving far away from issues such as terrorism – it’s now more of a geopolitical issue.”
To watch the webinar, click HERE.