We are registering the start of this century when social media more or less didn’t exist yet, nobody heard of big data and Edward Snowden was still a young man.
At that time it wasn’t hard to see how the European Union and the USA made a gentlemen’s agreement on the processing of personal information in the USA even though the country offered a privacy protection level nowhere close to becoming adequate according to European privacy laws (data protection directive 95/46/EC) on the promise they would behave themselves and companies could be trusted with a self-certification system on which the American FTC (Federal Trade Commission) would keep a close eye. They called it “safe harbour” which lasted for around 15 years.
The adequacy of American data protection hasn’t changed in all these years and with the expected growing protection against unlawful data processing only increasing in the GDPR it will not change in the favour of the American views on privacy anytime soon either.
So why is the privacy shield more a cloak than a protective measure?