For governments, getting personal data on users from tech companies like Facebook, Google, and Amazon is a challenging endeavor that can be made all the more so when that data resides in servers in another country, so EU officials are preparing a law that would force tech companies to hand over such information. The law would apply to people of any nationality, so long as they were caught up in an EU investigation. While the blanket law is not-so-subtly targeted at the large tech firms of Silicon Valley, it would apply to any personal data held on a server outside of the EU by any company, if the data is deemed to be potentially useful in an EU investigation.
There are worries that such laws could conflict with the current legislation dictating how international data is treated, and erode personal privacy. Those concerns have actually been voiced by EU officials before, but European Justice Commissioner Vera Jourova addressed the apparent change of heart by acknowledging those challenges and complications. According to Jourova, one of the biggest concerns with getting such a law off the ground would be getting foreign authorities to play along, none more so than those in the United States. Jourova covered this point by saying that she hopes that offering a similar courtesy to the United States would help to convince it to get on board. Since most of the user data that the EU could perceivably want is mostly stored within the EU and the US, other countries outside of the EU were of slightly smaller concern. This law is still in the drafting stage and is expected to be presented late in March. Given its international implications, it’s quite likely that the United Nations may become involved in the matter going forward.
The longstanding debate over whether privacy or law should be prioritized in the digital era rages on a number of different fronts, but this particular law is unique in that it could set a precedent. If it fails, privacy advocates will have a case study to point to in defense of international privacy. If it goes through, however, lawmakers the world over could cite the case in passing their own, similar laws. While such a scenario certainly wouldn’t be the end of online privacy as we know it, it would likely mean that the way international data is handled and treated would change.