OwlTail

Cover image of Simon McGarr

Simon McGarr Podcasts

Read more

3 of The Best Podcast Episodes for Simon McGarr. A collection of podcasts episodes with or about Simon McGarr, often where they are interviewed.

Read more

3 of The Best Podcast Episodes for Simon McGarr. A collection of podcasts episodes with or about Simon McGarr, often where they are interviewed.

Updated daily with the latest episodes

Episode artwork

Simon McGarr - #DataPrivacy

Play
Read more

Data privacy will never be the sexiest topic to discuss but it is probably one of the most important. A recent ruling in the European Court of Justice has found that the US equivalent of GDPR known as Privacy Shield isn't up to European law standards. While the short term effects of this ruling are hard to find, the long term consequences of this ruling are extremely important. So important that Rachel felt she'd better get an expert on to talk about it. So who better than Director of Data Compliance Europe, Simon McGarr?

Become a patron - visit www.patreon.com/dtppod

Follow Simon on Twitter.

Jul 24 2020 · 1hr 6mins
Episode artwork

Simon McGarr #WolvesNow Ep.178

Play
Read more
Skeuomorphic thinking: where you attempt the jam the design language of a previous technology into a new technology in order to make it easier to digest and understand.

When the Broadcasting Authority of Ireland was recently suggested as the online regulator for Ireland and therefore the de facto regulator for the entire EU, many where glad that we were doing something. But our guest in The Tortoise Shack, Solicitor and Director of Data Compliance Europe immediately saw the flaws in this proposal.

We take a deep-dive into all of this, RTE's funding model and more.

From minute 56 we talk Genomics Medicine Ireland, the idea of a DNA fingerprint for the entire country and the high bar of informed consent, that Simon isn't convinced these companies are reaching. And from 1hr 7mins we get down to the real business, rewiliding Ireland and Wolves Now!

Help keep this podcast going: patreon.com/tortoiseshack
Jul 03 2019 · 1hr 15mins

Similar People

Gavan Casey

Wiley Fox

Lorna Bogue

Hazel Chu

Dawn Foster

Philip O’Connor

lorcan Sirr

Cllr Lorna Bogue

Ellen Reid

Séamus Malekafzali

Ken Foxe

Noelle Brown

Shana Cohen

Laurence Cox

Colm O’Regan

Episode artwork

Safe Harbour Ruling Strengthens Europe’s Hand – An Interview with Simon McGarr [Audio]

Play
Read more

Simon McGarr is our guest on today’s podcast. He’s the solicitor representing Digital Rights Ireland, who were granted amicus curiae status in the case regarding the EU-US ‘Safe Harbour Agreement’, which the EU Court of Justice ruled invalid this week.

Click on the player above to listen to the show, or download it here: 21:34; 12MB; MP3.

The case arises out of a complaint by an Austrian man named Max Schrems, who asked the Irish Data Protection Commisioner to investigate whether his data held by Facebook in the US was adequately protected under EU Data protection law. The Commisioner initially dismissed his case, arguing that since Facebook was covered by the EU-US Safe Harbour Agreement, that there was no case to answer.

‘Safe Harbour’ sounds impressive, says Simon, but it amounts to nothing more than companies certifying themselves as providing ‘adequate protection’.

It’s a very peculiar thing to be called an agreement. It’s an exchange of letters between the European Commission and the US Government, where the Commission asked for reassurances in relation to how things are done in the United States with relation to data. And then a further list of names is kept by the US Government of companies who agree to mostly self-certify that they are behaving well towards European users’ data, and if you follow all those rules and you were on the list and you had done what was required in terms of self certification, then you were deemed to be part of the Safe Harbour agreement, as about 4,500 companies were.

Digital Rights Ireland and Mr Schrems argued that this was inadequate. It didn’t matter that Safe Harbour was agreed by the EU Commission: it simply didn’t measure up under the EU’s Charter of Fundamental Rights. The Court agreed.

What the court has said is that Data Protection rights aren’t just a matter of national legislation. They’re not just a matter of EU legislation: the Directive.  They’re actually part of the Charter of Fundamental Rights. There’s now a separate Data Protection Right, separate and distinct, and in addition to your general Right to Privacy, written into the Charter of Fundamental Rights. The result is that when the Commission makes a decision in breach of that Charter, as the Court finds … it has the power to strike that decision down, and it did so.

Significantly, he explains, the ruling says that not only are Data Protection Commissioners permitted to investigate in spite of legislation, they are actually obliged to do so, and – if neccessary – to challenge the constitutionality of such legislation in court.

The data protection authorities of Europe – the independent overseers at national level – have been enormously strengthened by this ruling. They now have the power to make investigations, and indeed, not just the power, but an obligation is put on them by the court that they must investigate matters, even where there has been a Europe-wide decision issued from the European Commission, and if needs be they can take necessary litigation to challenge that European decision if their investigation discovers that the facts do not warrant the decision that has been made.

The ruling is set to have far -reaching implications, he says.

I think there’s no question but that it is significant, and I think it’s going to take a short period of time – not a long period of time for that significance to unfold out into the public gaze. We’ve seen a lot of holding statements issued in relation to ‘business carrying on as usual’, ‘no change’, ‘we can always use different methods of transferring data’, but those different methods – such as model contract clauses – rely on the same presumption that the Safe Harbour agreement relied on: that the United States Government wasn’t going to take a copy of all the data, a presumption which the Court has now effectively rebutted and struck down.

The judgement brings to the fore the essential ideological differences between US and European approaches to data protection.

There is no doubt but that the idea of personal data as a tradeable commodity is now anathema to the EU’s most fundamental laws. Mass surveillance is absolutely anathema to the fundamental rights of European Citizens. The European Court has said that in this case, and in the Digital Rights Ireland case, and in addition the Google Spain case has ruled on the limits of data as a profit centre, where the use of that data might contravene the personal rights of the individual, so what we see is a court that is very much staking out a series of case law precedents which say the privacy and dignity of the individual will have primacy over anything that a company, or indeed industry, may wish to use, and that includes the surveillance industry.

This ruling, he points out, carries the weight of constitutional law. The Charter of Fundamental Rights is “the bedrock document upon which the treaties, and all subsequent legislation, rest”.

So where does this leave EU-US relations, when it comes to digital business? Simon thinks that the court decision will strengthen Europe’s hand in data protection negotiations which have not been making progress. EU negotiators have already requested assurances of better data protection: now those requests carry the weight of a constitutional imperative.

“The commission can’t do a deal which trades away anything that the Court has found is fundamental to human rights. So the Commission now has an absolute red line. It cannot go lower in terms of protections than the court has found is required.”

Therefore, while businesses on both sides of the Atlantic will push for an agreement, in practice only the US has room to manouevre, as the Court decision makes much of the EU position non-negotiable.

“There’s no doubt that the Portarlington office of the Data Protection Commisioner finds itself at the sharp end of the entirety of Europe’s Data Protection regime”.

The task falls to the Irish Data Protection Commisioner to investigate Mr Schrems complaint against Facebook. Simon points out that the Commisioner’s office doesn’t have to start from square one. There is already considerable research on the shortfalls in the American data protection regime, including a report for the EU Commision which was used in evidence in the court case. “It’s up to the Irish Data Protection commisioner to decide the weight to give to that [in its investigation]”

Technology.ie is brought to you by Blacknight, Ireland’s leader in domains and hosting. 100% of our servers are hosted in Ireland. Where does your data live?

Like the show? We love making it! Subscribe with iTunes or RSS.

Related articles

Safe Harbour Ruling Strengthens Europe’s Hand – An Interview with Simon McGarr [Audio] originally appeared on Technology.ie News & Views on Gadgets & Tech - A Podcast about technology

Oct 07 2015 · 21mins