30 US Companies Said To Be Violating EU Data Transfer Deal
techcrunch.com> Our investigation found that many of the companies are involved with a web of powerful multiple data broker partners who, unknown to the EU public, pool their data on individuals so they can be profiled and targeted online.
I would like to see the consumers' faces the day they understand that companies like Google have been tracking their every step on the Web via background requests to Google's properties such as Google Analytics - for ages.
What are the implications of actually breaking this agreement? Does the FTC actually have the authority to fine these companies? If so, how much can they be fined?
Well, for one thing, it would mean these US organisations could fall foul of European law directly themselves, putting them at risk of sanctions if they have any people or assets within European jurisdiction.
For another thing, it would mean European companies using these services could get in trouble for failing to honour their own data protection obligations to their own customers. Those companies are definitely within European jurisdictions, and they are therefore subject to European data protection regulators, and in some cases those regulators have significant teeth. So potentially this could see European businesses switching away from non-compliant US businesses to protect their own legal position.
Finally, this is not good news for the US government. Safe Harbor is already under scrutiny because the European authorities can't just turn a blind eye to US government snooping in the post-Snowden world, which means in reality no US business can truly claim to meet the Safe Harbor requirements, which means every European company that works with those US businesses has an element of risk now. Given that privacy vs. free speech is one of the widest cultural gaps between the US and Europe, and that if activist lawsuits start flying and European companies start to pull out then the US has much more to lose, this is really not a subject where the US government wants to rock the boat right now.
Bottom line: If these big US companies really are flagrantly violating the Safe Harbor deal, you can probably expect some significant pressure to be put on them by the US government to clean up their acts in the near future, and if they don't comply, you can probably expect that it won't stop there either.
I'm curious to see which companies were examined - if any were investigated and were found to be meeting regulations, or could be held up as exemplary.
The paper details 30 companies investigated and found lacking, but no mention of how extensive the survey was. Was every single company they looked at in violation? Did they check out 100 companies and find 30 that didn't comply?