EU Warns Cloud Customers of Data Surveillance by U.S.

The European Parliament published a new study prepared by the Centre D'Etudes Sur Les Conflits and the Centre for European Policy Studies that raises concerns of cloud data surveillance. Titled "Fighting cyber crime and protecting privacy in the cloud", the document pays special attention the current legal framework of the Foreign Intelligence Surveillance Act (FISA), which grants U.S. authorities the right to monitor the data of non-U.S. residents and organizations.

In its recommendation, the document authors write that the European Parliament should consider "amending the [data protection] Regulation to require prominent warnings to individual data subjects" and that "no data subject should be left unaware if sensitive data about them is exposed to a 3rd country's surveillance apparatus."

"The EU should open new negotiations with the US for recognition of a human right to privacy which grants Europeans equal protections in US courts," the document concludes.

Slate recently quoted William Kennard, U.S. ambassador to the European Union, stating that fears of mass surveillance are unwarranted. According to Kennard, all law enforcement and national security investigations require legal and judicial permission, which FISA, however, explicitly circumvents for non-Americans.

As long as FISA remains unchanged, there is little that the U.S. government can do to alleviate any fears that data will be monitored.

Contact Us for News Tips, Corrections and Feedback

  • -Fran-
    Why is this a surprise?

    I mean, really... With a warrant they have access to pretty much everything on a server from a 3rd party company. Thing is, we're supposed to trust that, information in their hands is being used for the 'greater good'.

    Cheers!
    Reply
  • soundping
    Everybody's guilty until proven less guilty.
    Reply
  • fnh
    Weren't the Europeans also worried about the US ECHELON network? Alleging industrial espionage on the part of the Americans through its SIGINT capabilities?

    Meh, it's just another (trans-,multi-)national pissing contest if anything.
    Reply
  • abbadon_34
    well DUH ...
    Reply
  • A Bad Day
    soundpingEverybody's guilty until proven less guilty.
    In the name of security of freedom!

    (sometimes makes sense, if you don't think or ask)
    Reply
  • JAYDEEJOHN
    We must have way too much liberty.
    We need to start giving it away quickly before it grows
    Reply
  • BriboCN
    At this point if you don't encrypt something expect that others can see it. It really does not matter where you are and what you do. Being able to encrypt data is so easy these days why they would not base a cloud infrastructure around it is beyond me.
    Reply
  • thecolorblue
    BriboCNAt this point if you don't encrypt something expect that others can see it. It really does not matter where you are and what you do. Being able to encrypt data is so easy these days why they would not base a cloud infrastructure around it is beyond me.the cloud is about mining your data - that is its corporate purpose
    Reply
  • YukaWhy is this a surprise?I mean, really... With a warrant they have access to pretty much everything on a server from a 3rd party company. Thing is, we're supposed to trust that, information in their hands is being used for the 'greater good'.Cheers!
    I think the point the EU is raising is that they don't need a warrant for non-US citizens which 'FISA.. explicitly circumvents for non-Americans.'
    Reply
  • npcomplete
    I agree about clients using their own encryption, but that is an extra step that has to be done and removes certain features. A few services (very few) do offer end-to-end encryption where they do _not_ maintain your private key. I think Kim Dotcom's upcoming Mega service would be a good choice, since there's now an incentive for him to limit his liability as well
    Reply