
First thoughts on the decision invalidating Safe Harbor - thibaut_barrere
http://www.europe-v-facebook.org/EN/Complaints/PRISM/Response/response.html
======
RockyMcNuts
is there a TL;DR or a version written in plain English? Facebook going to have
to keep EU users' data in Europe and not store it in USA?

~~~
jeremysmyth
Not a TL;DR, but here's a very telling excerpt:

 _Consent has to be at least 1. freely given, 2. specific, 3. informed and 4.
unambiguous under Directive 95 /46/EC.

...

Users would have to be informed about the specific situation. So just saying
that “data is transferred outside of the EEA”, as the Facebook terms currently
do, will clearly not be sufficient to make an average users understand that
his data may end up at the NSA. At the same time Facebook is still publicly
claiming that it has never heard of any of any US spy program.

...

To get a valid consent Facebook in our example would have to be very upfront
and explain that all data that is used on facebook.com is subject to mass and
indiscriminate surveillance by the US government.

...

A legally binding consent under EU law can be done technically, but very
likely Facebook would automatically violate the “gag order” that applies to
them under US law. So basically they are trapped between US “gag orders”
prohibiting proper information and EU law demanding exactly that.

...

Bottom line: We will see a hand full of lawyers advising client to simply put
some additional disclaimer in their privacy policy – maybe just to have some
additional argument in the public debate or before DPAs that are known to be
“business friendly”, but this will not be a legally stable solution when data
is processed at US companies that are subject to ‘mass surveillance’._

~~~
pjc50
This is the "Snowden cookie warning" I suspected here
[https://news.ycombinator.com/item?id=10385807](https://news.ycombinator.com/item?id=10385807)

