Apple, Microsoft, Yahoo, Skype and Facebook receive complaints from European data protection agency
A European group known as Europe v. Facebook has filed complaints against the European subsidiaries of Apple, Microsoft, Facebook, Skype and Yahoo. The complaints argue that the five violated European Data Protection laws because of their cooperation with the NSA and its PRISM program which allowed the agency to receive information on phone calls and conduct surveillance on other forms of electronic communications.
The complaints against Apple and Facebook were made in Ireland, while the complaints filed in Luxembourg focused on Microsoft and Skype. The complaint against Yahoo was filed in Germany. Each of these U.S. companies have European divisions that must follow the privacy laws of the continent even if the data is processed by the U.S. subsidiary of each firm.
If a European subsidiary sends user data to the U.S.parent, this export of data is allowed only if the European division can guarantee "adequate protection" in the foreign country. Since this cannot be promised in light of the NSA PRISM disclosure, the European subsidiaries of the named companies are committing an illegal act.
source: EuropevFacebook via BGR
"In order to avoid taxes US companies have spun a network of subsidiaries. At the same time these ‘tax avoidance strategies’ lead to a situation where the companies have to abide by US and EU laws. This can get tricky when they have to adhere to EU privacy laws and US surveillance laws. Many journalists have asked us in recent weeks if PRISM is legal from a EU perspective. We have looked at that a little closer. The result was – after consulting with legal experts – that it is very likely illegal under EU data protection laws, because of the corporate structure of the companies."-Max Schrems, spokesman, Europe v Facebook
If a European subsidiary sends user data to the U.S.parent, this export of data is allowed only if the European division can guarantee "adequate protection" in the foreign country. Since this cannot be promised in light of the NSA PRISM disclosure, the European subsidiaries of the named companies are committing an illegal act.
These same European subsidiaries are required by European law to answer questions about their involvement in PRISM. The Europe v Facebook group says that the European divisions of these companies can either show some proof that they are not involved in the scandal, or explain why the gathering of information by the NSA fits into European data protection laws.
Graph shows how non-secured data export to the U.S. is illegal in Europe
source: EuropevFacebook via BGR
Things that are NOT allowed: