Illegal EU Data-Sharing Deal With The U.S. Shows Transparency Not Always Enough
Despite detailing every element of the information sharing with U.S. border officials, EU courts strike it down.
The European Court of Justice on May 30 annulled a 2-year-old agreement between U.S and European officials for sharing data on airline passengers flying into the United States. The deal shows that as the U.S. government takes heat for using subpoenas to get data from Internet companies, even carefully crafted arrangements can land in trouble.
The court ruled illegal a 2004 agreement requiring European Union airlines to send information about each passenger from computer reservation systems to U.S. Customs and Border Protection within 15 minutes after a flight departs for the United States. European Commission lawyers have until Sept. 30 to draft a new data-sharing agreement, or leave airlines hanging with conflicting government demands.
It also shows the different ways businesses respond to government requests for data. Some airlines complied, others didn't, which forced the EU to decide whether cooperation is mandatory. Though the European Parliament initially dubbed the agreement adequate, Parliament ultimately brought its data-protection concerns to the court.
The 2004 pact was very specific on what information U.S. border officials could have, when, and for how long. Passenger name data could be used only to fight terrorism and other serious crimes. Data couldn't be kept more than three years and six months, unless it was involved in an investigation. No other agencies could get direct access to Customs and Border Protection databases. It allowed Customs and Border Protection to pull passenger information from EU air carrier reservation systems only until the carriers could implement a system to push the data themselves. The agency was required to implement an automated system to filter out sensitive information, from race and religion to union membership and health histories.
Still, the data-sharing deal has been found illegal. Transparency isn't always enough.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.