Data Privacy: The Tide Turns in EU

Europe is  in the midst of a technological step change; a pivot in the world of data privacy.

Many people fall into the trap of seeing privacy in an overly atomistic, individualistic, selfish way; the preserve of the filthy rich. And it is, if we see it as separable from collective freedom, or as absolute over other rights; of freedom of expression, opinion and association; freedom to protest; freedom to resist. But this is not privacy’s ask.

Privacy is about having decisional power, control, over which acts and events of our lives are disclosed and to whom, free from the prying eyes of states, corporations and neighbours. Privacy affords us the freedom to develop ourselves in the world.
The crux of the issue with digital technology is that our ability to make decisions and to control our personal information.

Mostly without our knowledge, and certainly without informed consent, nation states sweep our data alleging ‘national security’ interests, whether legitimate or not. Corporations sweep our data, because they have powerful economic incentives to do so and, with the capitalist lurch, no reason not to.

So what can be done to reclaim this systematic erosion to reinstate rights over the long echo of our digital whispers and wanderings? In Europe, there are some rumblings of resistance. They are the rumblings of citizens, of regulators, of courts. And they are starting to find their voice.

On 24 March in Luxembourg, the Court of Justice of the European Union heard Austrian Max Schrems’ lawsuit against Facebook over the storage, security and treatment of European users’ data. In particular, it explored cooperation between Facebook and US intelligence agencies in sharing private information through Prism and other clandestine surveillance programs. The Schrems case is politically charged, thrust into the tense commercial and intergovernmental relations between the EU and US over data privacy, and particularly the imperiled ‘safe harbor’ regime, which has governed cross-border data transfers for the past 15 years.

This will have been given fuel by the discovery that Facebook spies on virtually all European web users, even those who have opted out of its services, for up to two years.

If ex-NSA contractor Edward Snowden’s disclosures about the vast extent of digital surveillance issued a gunshot, then the European Parliament absorbed it, and the CJEU is now deflecting it. So much so that it has even reached the UK.
The UK is not particularly known as a stronghold of data protection and privacy. But that may have changed with a significant Court of Appeal case on 27 March of Vidal-Hall, which concerned claims by Apple Safari browser users against Google over secret tracking and collation of their browser-generated information and its sale to advertisers.
Vidal-Hall was a procedural decision, but it cleared the way for claims against international tech companies for the tort of misuse of private information, as well as confirming the availability of damages under the UK Data Protection Act for non-financial losses, such as anxiety and distress.

Finally, and moving away from the courts, on 26 March, the UN Human Rights Council issued a resolution establishing a special rapporteur on privacy, the latest step in the Germany and Brazil-led coalition, initiated after the Snowden revelations, to bring privacy in the digital age to the United Nations.
Where do we go from here?

Almost all of our new and much-vaunted technological advances, the app economy, drones, self-driving cars, the Internet of Things, pose unprecedented and, as presently conceived, unjustified trade offs with our autonomy, privacy and data rights.
There are signals and small flames of hope however, that the balance can be readjusted, that corporate and governmental restraint can be introduced to digital platforms, and that citizens can be put back in the driving seat. 

The challenge articulated 15 years ago by scholar Michael Froomkin stands as true as the day he said it:

“There is no magic bullet, no panacea. If the privacy pessimists are to be proved wrong, the great diversity of new privacy-destroying technologies will have to be met with a legal and social response that is at least as subtle and multifaceted as the technological challenge. Given the rapid pace at which privacy-destroying technologies are being invented and deployed, a legal response must come soon, or it will indeed be too late.”

Guardian
 

 

« Human Rights Activists Want to Ban ‘Killer Robots’
Leading Belgian Newspaper Hit by Cyber Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ID-SIRTII/CC

ID-SIRTII/CC

Security Incident Response Team for Internet Infrastructure in Indonesia.

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions delivers a range of Industrial Automation and Cyber solutions & services to sectors including Oil & Gas, Chemicals & Petrochemicals, Power and others.

ISARA Corp

ISARA Corp

ISARA Corporation is a security solutions company specializing in creating class-defining quantum-safe cryptography for today's computing ecosystems.

Shieldfy

Shieldfy

Shieldfy is a cloud-based security shield for your website to protect it from cyber attacks and malwares.

Industry IoT Consortium (IIC)

Industry IoT Consortium (IIC)

The Industry IoT Consortium is the world's leading organization transforming business and society by accelerating the Industrial Internet of Things (IIoT).

IAR Systems

IAR Systems

IAR Systems are a frontrunner in a changing industry, and a future-proof software supplier enabling the IoT.

Startups.be

Startups.be

Startups.be helps tech entrepreneurs to be successful by providing quality access to service providers, business partners, customers and investors.

Police Digital Security Centre (PDSC)

Police Digital Security Centre (PDSC)

PDSC is a not-for-profit organisation, owned by the police, that works across the UK in partnership with industry, government, academia and law enforcement.

Meriplex

Meriplex

Meriplex is a Managed Services provider specializing in Intelligent Networks, Cybersecurity and Cloud Communications.

Liberman Networks

Liberman Networks

Liberman Networks is an IT solutions provider company that provides security, management, monitoring, BDR and cloud solutions.

Votiro

Votiro

Votiro is an award-winning cybersecurity company that specializes in file sanitization, ensuring every organization is safe from zero-day and undisclosed attacks.

Avint

Avint

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

SalvageData Recovery Services

SalvageData Recovery Services

Since 2003, SalvageData has been providing high-quality data recovery with the certifications needed to work with any storage media manufacturer.

BlackSwan Technologies

BlackSwan Technologies

BlackSwan Technologies is reinventing enterprise software through Agile Intelligence for the Enterprise – a fusion of data, artificial intelligence, and cloud technologies.

Attura

Attura

Atturra is one of Australia's leading advisory and IT solutions providers, focused on providing end-to-end transformation services to its clients.