The European Court of Justice’s bombshell

This morning’s Observer column:

On Tuesday, the European court of justice, Europe’s supreme court, lobbed a grenade into the cosy, quasi-monopolistic world of the giant American internet companies.

It did so by declaring invalid a decision made by the European commission in 2000 that US companies complying with its “safe harbour privacy principles” would be allowed to transfer personal data from the EU to the US.

This judgment may not strike you as a big deal. You may also think that it has nothing to do with you.

Wrong on both counts, but to see why, some background might be useful….

Read on

LATER This is a truly extraordinary moment. Lots of interesting and informative stuff about it on the Web, including this piece by Julia Powles and this NYT piece by Robert Levine.

And this from Edward Snowden:

Snowden_tweet

So what happens next? My colleague Nóra ní Loideain has passed me this reassuring note:

Christopher Graham, UK Information Commissioner, said on 8 October at a meeting at Dentons [a law firm]: “Don’t panic. Safe Harbor is not the only route for international transfers. We are coordinating our thinking with other DPAs across the European Union.” The 28 DPAs which form the EU Art. 29 Data Protection Working Party met in their International Transfers sub-group on 8 October, and this group’s plenary will discuss the issue on Thursday this week, on 15 October.

Which means … what, exactly??