Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Microsoft's top lawyer: I have a cunning plan ... to rescue sunk safe harbor agreement

Internet faces 'digital dark ages' if nothing is done, we're told

Microsoft president and chief legal officer Brad Smith has presented a new safe harbor pact to replace the agreement struck down earlier this month by the European Court of Justice (ECJ).

The ECJ ruled that transferring Europeans' private information in and out of America is no longer allowed because America's privacy laws aren't compatible with the EU's. The US and Europe had a safe harbor pact permitting this flow of personal data over the Atlantic, but the court tore it up, which is a major problem for Silicon Valley.

Smith agreed the system had to change, but warned of the dangers of a Balkanized internet – a Euro internet versus an American one – saying it would lead to "a return to the digital dark ages."

"It's an opportunity whose time has come," he said in a blog post. "This month the old legal system collapsed, but the foundation long ago had crumbled. In recent years it has been apparent that a new century requires a new privacy framework. It's time to go build it."

Microsoft's plan is ridiculously straight forward: a new legal framework for handling data, where blocs on both sides of the Atlantic agree to play by each other's rules. American firms with European customers would handle their data in compliance with EU rules and vice versa.

That changes, however, if an EU citizen lives in the US or if an American moves to Europe. In that case the data rules used match the physical location of the customer. Finally, governments seeking data on a customer must only get it through the company that operates the data, to ensure the rules are followed.

"There are other nuances and complexities that should be considered as well. There always are," he said.

"But this fundamental approach would cut through the existing legal confusion by making clear both that people will not lose their privacy rights when their data is moved across a border, and that there is an effective and legally proper basis for law enforcement to access the data needed to keep the public safe."

Microsoft laying out its plan in this way is certainly useful to the debate, but El Reg suspects it won't be as easy as that. Getting the new rules past the EU, which is currently sore over NSA spying, will be tricky, and getting the US Congress to act will be akin to herding cats. ®

 

Similar topics

TIP US OFF

Send us news


Other stories you might like