EU: Leave Facebook if you don't want to be spied on by US, warns EU - by Samuel Gibbs

The European Commission has warned EU citizens that they should close their Facebook accounts if they want to keep information private from US security services, finding that current Safe Harbour legislation does not protect citizen’s data.

The case, dubbed “the Facebook data privacy case”, concerns the current Safe Harbour framework, which covers the transmission of EU citizens’ data across the Atlantic to the US. Without the framework, it is against EU law to transmit private data outside of the EU. The case collects complaints lodged against Apple, Facebook, Microsoft, Microsoft-owned Skype and Yahoo.

Schrems maintains that companies operating inside the EU should  not be allowed to transfer data to the US under Safe Harbour protections – which state that US data protection rules are adequate if information is passed by companies on a “self-certify” basis – because the US no longer qualifies for such a status.

The case argues that the US government’s Prism data collection program, revealed by Edward Snowden in the NSA files, which sees EU citizens’ data held by US companies passed on to US intelligence agencies, breaches the EU’s Data Protection Directive “adequacy” standard for privacy protection, meaning that the Safe Harbour framework no longer applies and does not protect citizen’s data.

The comments were made by EC attorney Bernhard Schima in a case brought by privacy campaigner Maximilian Schrems, looking at whether the data of EU citizens should be considered safe if sent to the US in a post-Snowden revelation landscape.

“You might consider closing your Facebook account, if you have one,” Schima told attorney general Yves Bot in a hearing of the case at the European court of justice in Luxembourg.

Read more: Leave Facebook if you don't want to be spied on, warns EU | Technology | The Guardian

Government Spying: Snowden Says Technology Companies Should Lead on Data Encryption - by Adam Satariano

Edward Snowden, who leaked classified documents revealing the surveillance activities of the National Security Agency, said technology companies need to take a leadership role in improving encryption tools.

“There’s a technical response that needs to occur,” said Snowden, speaking through a video feed to a packed room of more than 3,000 people today at the South by Southwest Interactive conference in Austin, Texas. Technology companies can add layers of security that make it harder for intelligence agencies to scour for data, and can do it faster than new surveillance-oversight laws can be implemented, he said.

Snowden is now a fugitive in Russia to avoid arrest following last year’s release of the documents, which disclosed how global spy agencies collect vast amounts of data about phone calls and online activities. The revelations frayed U.S. relationships with countries such as Brazil and Germany and set off a global debate about whether the government is overstepping its authority and violating privacy to bolster security.

The leaks from Snowden, a former NSA contractor, showed that the U.S. had been collecting phone records as well as data from companies such as Google Inc. (GOOG), Facebook Inc. and Apple Inc. The disclosures made Snowden a hero to some people who want to see government activities reined in, while others, including U.S. President Barack Obama, say his actions compromised efforts to combat terrorism.

Security and privacy have been main themes of South by Southwest this year. Known as the conference that helped catapult Twitter Inc. to popularity, the gathering typically focuses on the discovery of new social-networking companies. Instead, this year’s event has focused more on the drawbacks and consequences of sharing personal information online.

Wikileaks founder Julian Assange spoke at the conference on March 8 and said the group would soon release a new trove of classified information. He didn’t disclose the timing or the topic of the material because he said he didn’t want to give the subjects a chance to prepare.

Other speakers, including Google Chairman Eric Schmidt, have discussed the impact of Snowden’s leaks. Schmidt said the material alerted his company to the fact the U.S. government was intercepting data from Google’s servers. Schmidt said the company has since enhanced its encryption and is “pretty sure” the government can’t access the data.

Still, he said the company must comply with court orders for information. Schmidt said there must be a balance between transparency and security, because the government data being disclosed could put lives at risk. Assange and Snowden’s release of classified information have made them “celebrities,” Schmidt said, and may spawn copycat efforts, increasing the risk for harm if the disclosures aren’t done carefully.

Read more: Snowden Says Technology Companies Should Lead on Data Encryption - Bloomberg

NSA created 'European bazaar' to spy on EU citizens, Snowden tells European Parliament - by Loek Essers

"Don't worry EU, we are your friend"

The U.S. National Security Agency (NSA) has turned the European Union into a tapping “bazaar” in order to spy on as many EU citizens as possible, NSA leaker Edward Snowden said.

The NSA has been working with national security agencies in EU member states to get access to as much data of EU citizens as possible, Snowden said in a testimony sent to Members of the European Parliament (MEPs) published Friday March 7.

The European Parliament had invited Snowden to provide testimony for an inquiry into the electronic mass surveillance of EU citizens. That surveillance, often instigated by the NSA but carried out with help of EU member states, is quite extensive, he wrote.

The NSA has been pressuring EU member states to change their laws to enable mass surveillance, according to Snowden. This is done through NSA’s Foreign Affairs Division (FAD), he said, adding that lawyers from the NSA and GCHQ work very hard “to search for loopholes in laws and constitutional protections that they can use to justify indiscriminate, dragnet surveillance operations that were at best unwittingly authorized by lawmakers,” he said.

The deals between the NSA and foreign partners are set up in such a way as to provide the NSA with a means of monitoring a partner’s citizens without informing the partner, and to provide the partner with a means of plausible deniability, he said.

“The result is a European bazaar, where an EU member state like Denmark may give the NSA access to a tapping center on the (unenforceable) condition that NSA doesn’t search it for Danes, and Germany may give the NSA access to another on the condition that it doesn't search for Germans. Yet the two tapping sites may be two points on the same cable, so the NSA simply captures the communications of the German citizens as they transit Denmark, and the Danish citizens as they transit Germany, all the while considering it entirely in accordance with their agreements,” Snowden said.

Snowden, who said that he’s still seeking asylum in the EU, also provided solutions to solve the mass surveillance problem.

It is easy to make mass surveillance more expensive through changes in technical standards, he said. “Pervasive, end-to-end encryption can quickly make indiscriminate surveillance impossible on a cost effective basis,” he said, adding that the result is that governments are likely to fall back to traditional, targeted surveillance founded upon an individualized suspicion.

The European Parliament is set to vote on a draft resolution on Wednesday March 12 that seeks to keep data protection out of EU-U.S. trade talks. The MEPs want the EU to suspend two deals with the U.S., one on exchanging banking data and the other on the Safe Harbor privacy principles for U.S. firms holding European data, as, they say, the fight against terrorism can never justify secret and illegal mass surveillance.

The MEPs will also vote on a proposal for stronger safeguards for data transfers to non-EU countries.

Wednesday’s vote could result in the updating of 19-year-old data-protection laws. Under MEPs’ amendments, companies breaking the rules would face fines of up to €100 million (about $139 million), or up to 5 percent of their annual worldwide turnover, whichever is greater, according to the Parliament

Read more: NSA created 'European bazaar' to spy on EU citizens, Snowden tells European Parliament | PCWorld