In the middle of a US Presidential election that will certainly become more contrast-focused (as politically correct Americans like to call mud-slinging), the Clinton data leaks are interesting and also worth investigation for their longer-term impact on the US economy,
Shaky ethics versus data protection
A friend who is a political science professor told me that Hilary was no different than other US politicians who walk the wrong side of the line of data protection.
But the Hilary Clinton private mail server, her flagrant disregard for protecting sensitive government communications and her dubious personal ethics on US State Department data security policies is much much more than a peculiarly American political issue that is news today and gone tomorrow.
Back in October 2015, the EU High Court struck down a the Safe Harbor agreement – a trans-Atlantic pact used by thousands of companies to transfer Europeans’ personal information to the U.S., throwing into jeopardy data traffic that underpins the world’s largest trading relationship.
The Safe Harbor executive decision allows companies to self certify to provide “adequate protection” for the data of European users to comply with the European data protection directive, and with fundamental European rights such as the right to privacy (under Article 8 of the European Convention for the Protection of Human Rights).
The Americans are just slow or maybe they don’t care about privacy
The Commission issued 13 recommendations for improving Safe Harbor in November 2013 (that is 2 years before the EUJ ruling ) but negotiations to rework the framework are still ongoing.
The ECJ’s judgement is the culmination of a 2013 legal challenge by European privacy campaigner Max Schrems who filed complaints against several U.S. Internet giants — including Facebook — in the Irish courts for alleged collaboration with the NSA’s Prism program. The Irish courts dismissed the complaint.
Why it matters to the rest of the world
A large number widely quoted (4,700) of US companies rely on Safe Harbor to operate businesses in the region. It also affects those companies that outsource data processing of E.U. users’ data to the U.S.
However – many more than 4700 US companies are affected by Safe Harbor dismissal. Any company with a US corporate presence will also be impacted. We saw this recently with an Israeli biotech company with offices in Boston who was requested by a Danish hospital to provide alternate assurances for data protection. This is a curious case where it is actually better to be Israeli rather than American.
The EU has recognized that the State of Israel provides an adequate level of protection for personal data as referred to in Directive 95/46/EC with regard to automated international transfers of personal data from the European Union to the State of Israel or, where those transfers are not automated, they are subject to further automated processing in the State of Israel. See this EU ruling on Israeli data protection
You can see the full list of countries (not the US) that provide adequate data protection here.
Long term impact to US economy?
With Snowden, Prism, the contrasted US Presidential elections, the Hilary Clinton data leaks and the attempts by the FBI to establish a dangerous anti-privacy precedent under the guise that they cannot hack an Apple iPhone – I would not expect resolution of Safe Harbor anytime soon.
The long term impact will be innovative technology / cloud / SaaS companies like our Biotech customer with Boston offices, taking their business out of the US to safer harbor places like Tel Aviv.
Which has better weather than Boston anyhow.