updated 01:32 pm EDT, Fri July 26, 2013
Companies escape scrutiny via 'Safe Harbour' self-certification rules
The Irish Office of the Data Protection Commissioner says it won't investigate Apple and Facebook over their sharing personal data with the US' National Security Agency, according to New Europe. Both Apple and Facebook have their European headquarters in Ireland, and an Austrian student activist group -- europe-v-facebook -- asked the ODPC to look into claims that the NSA collects emails and other private information from the companies through its Prism spying initiative. The ODPC states that the companies are covered under "Safe Harbour," which allows US companies to self-certify themselves as compliant with European Union data laws as long as they agree to a set of principles intended to protect how personal data is used.
Safe Harbour was first adopted in 2000, predating Prism by about seven years. The policy has since been reviewed by the EU several times, and come under increasing skepticism. EU Justice Commissioner Viviane Reding recently said that it may "not be so safe after all;" on Wednesday, the data protection commissioner for the German state of Bremen asked the European Commission to suspend Safe Harbour indefinitely, considering "excessive surveillance by foreign secret services." Reding has promised to review the agreement again and introduce new regulation.
europe-v-facebook founder Max Schrems suggests that the ODPC is "trying to simply ignore the complaints and the whole Prism scandal." Meanwhile, he says he is still waiting for responses to complaints filed against Yahoo in Germany, and Microsoft and Skype in Luxembourg.
Ireland may have strong incentive to ignore privacy issues. The country is the European headquarters of other major American high-tech companies as well, such as Google and Microsoft. The firms are sources of both jobs and tax revenue, even if local loopholes allow businesses to escape normal tax rates.