Max Schrems has a lot to answer for. The Austrian is single-handedly responsible for bringing down a key transnational data agreement that has left cloud service providers scrabbling for legal counsel. This is either a good thing, if you’re a privacy activist concerned about intrusive US surveillance policies, or a confusing and worrying one, if you’re a provider or customer of cloud services.
Worried by the Edward Snowden revelations, Schrems questioned the Irish Data Protection Commissioner, on the basis that Facebook was collecting his data in Ireland and then moving it to the US for processing. The Irish DPC simply pointed to the Safe Harbour agreement and said that its hands were tied.
The case was bumped up to the Court of Justice of the European Union (CJEU), which on October 16 ruled that Safe Harbour was illegal. Its rationale was that it enabled companies to share data for national security purposes but didn’t address whether the protections were strong enough.