by Pat Brans

Is France a Safe Harbour for European Data?

Dec 02, 2015
Cloud ComputingIT Leadership

Anybody interested in knowing where European data can legally be stored should keep an eye on France. In July 2015 – six months after the January Charlie Hébdo attacks – French lawmakers passed legislation that allows French secret service agencies to perform electronic eavesdropping without a warrant. All government spies have to do is get approval from the French prime minister. Then they can look at your data without your knowledge.

Perhaps the bland official name of this law is by design, a way of minimising public attention. The official name is “Loi du 24 juillet 2015 relative au renseignement”, which translates to “The July 24th 2015 law concerning intelligence”. In any case, the passage of this law didn’t get as much attention around Europe as one might expect.

But what’s interesting is that the European Court of Justice (ECJ) just shot down the so-called Safe Harbor Agreement, effectively making it illegal for EU countries to store user data in the United States on the grounds that US authorities can collect such data without a warrant. One wonders how long it will take for a European citizen to raise a complaint forcing the ECJ to rule that, since July 24, 2015, France is not a Safe Harbor either.

What’s more, it might get worse in France. Just a few weeks after the November 13 terrorist attacks in Paris, and in the context of the COP21 meetings in Paris, the French government declared a three-month state of emergency allowing the police to search homes without a warrant.

One might think the French have given up on civil liberties. According to a survey conducted by RTL and Le Figaro less than a week after the November attacks, 84% of French people are willing to accept higher surveillance if it means greater security. But not all French people are taking it lying down.

Laurence Comparat is one of the 16% who are not willing to accept higher surveillance. Deputy Mayor in charge of the Open Data initiative for the city of Grenoble, Comparat says: “I personally think this law is totally ineffective. It’s mass surveillance. The authorities already had their eyes on the right people well before the attacks. When you sift through the data of tens of millions of people instead of focusing on the few you’re really after, you miss the warnings.”

Comparat believes: “The new law is an attack against liberty, and it’s inefficient. Therefore, it’s unacceptable.”

According to Grenoble’s head of Open Data, even with a very high level of surveillance, the NSA has not prevented the numerous attacks that still occur around the world. “France and the United States are not the only countries where there are attacks. Let’s not forget that the first victims of terrorism are in the countries where the sponsors of terrorism are. Lebanon, Pakistan, and Africa are where most of the killings are taking place,” Comparat says.

According to Laurence Comparat, Benjamin Franklin, lover of all things French, summed it up pretty nicely 250 years ago: “Those who surrender freedom for security will not have, nor do they deserve, either one.”

High-mindedness aside, let’s keep an eye on the French for clues on how the Safe Harbor battle might play out. As IT professionals, what’s most important for us is to know where we can store data without getting into trouble.