Re: Don't be naive
> There needs to be a bit of precision about exactly which laws are the subject of such statements. In the context of the article and this comment, US laws probably are being observed ...
But not EU law - and it really looks like they (the NSA) weren't (and still aren't) observing US law either.
EU data protection law is fairly clear - (to over simplify somewhat) your personal data cannot be "exported" anywhere where it would be subject to less protection than if it remained on European soil. Up until now, the "Safe Harbour" agreement has held that US companies using it can be classed as "equivalent to being in Europe" for this purpose - but now it's been shown to be a complete and utter lie (as many suspected, but no-one could prove).
I really hope (and have high expectations) that the ruling will be that Safe Harbour isn't fit for purpose, and that will really stir up the brown stuff as it will make it illegal for the likes of Facebook, Google, etc to export your data without proper informed consent. It will really put a crimp on their operations and it will hurt the USA - to the extent that their government will actually have some serious impetus to address the problem. If Apple, Facebook, Google, Microsoft, and a few others suddenly turn on their paid for puppets politicians and demand something be done - I think we may see some action.
At the very least, it is bringing more and more out into the open - which is a very good thing.
Biting the hand that feeds IT
