Privacy, Government, Surveillance, and You.

The EU's highest court struck down a deal that allows thousands of companies to easily transfer data from Europe to the United States, in a landmark ruling on Tuesday that follows revelations of mass U.S. government snooping.

Many companies, particularly tech firms, use the Safe Harbour system to help them get round cumbersome checks to transfer data between offices on both sides of the Atlantic, including payroll and human resources information as well as lucrative data used for online advertising.

But the decision by the Court of Justice of the European Union (ECJ) sounds the death knell for the system, set up by the European Commission 15 years ago and used by over 4,000 firms including IBM, Google and Ericsson.

The court said Safe Harbour did not sufficiently protect EU citizens' personal data as American companies were "bound to disregard, without limitation" the privacy safeguards where they come into conflict with the national security, public interest and law enforcement requirements of the United States.

In addition, EU citizens have no means of legal recourse against the storage or misuse of their data in the United States, the court said. A bill is currently winding its way through the U.S. Congress to give Europeans the right to legal redress.

The ECJ cited U.S. surveillance and authorities' access to data as a reason behind its ruling. In its summary of the case it referred to revelations from former National Security Agency contractor Edward Snowden, which included that the Prism programme allowed U.S. authorities to harvest private information directly from big tech companies such as Apple, Facebook and Google.

The European Commission said it would continue to work with the United States on a revamped data transfer deal that could fill the void left by the ruling on Safe Harbour, which came into effect immediately.

"In the light of the ruling, we will continue this work towards a new and safe framework for the transfer of personal data across the Atlantic," Commission Vice President Frans Timmermans told a news conference.

Without Safe Harbour, companies will be forced to draw up contracts establishing privacy protections between groups or seek approval from data protection authorities for information transfers to countries the EU deems to have lower privacy standards, including the United States.

The court case stemmed from a complaint by Austrian law student Max Schrems, who challenged Facebook's transfers of European users' data to its American servers because of the risk of U.S. snooping, in light of Snowden's revelations in 2013.

The European Commission separately demanded a review of Safe Harbour to ensure that U.S. authorities' access to Europeans' data would be proportionate and limited to what is absolutely necessary.

Washington and Brussels have been in talks for two years to strengthen Safe Harbour in a way that could allay Europe's privacy concerns, and Tuesday's judgement heaps pressure on the Commission to accelerate the talks.

"The Court put pretty high standards on a new Safe Harbour," Kuschewsky said.

Christian Borggreen, director at the Computer & Communications Industry Association, whose members include Google, Facebook and Amazon, said the ruling would hit small and medium-sized businesses most.

Schrems filed his complaint to the Irish Data Protection Commissioner, as Facebook has its European headquarters in Ireland. The case eventually wound its way up to the Luxembourg-based ECJ, which was asked to rule on whether national data privacy watchdogs could unilaterally suspend the Safe Harbour framework if they had concerns about U.S. privacy safeguards.

"The judgement makes it clear that U.S. businesses cannot simply aid U.S. espionage efforts in violation of European fundamental rights," said 28-year-old Schrems.

The Irish commissioner said her office would immediately engage with colleagues in other national authorities across Europe to determine how the judgement could be implemented.

U.S. firms are losing millions of dollars annually to cybercrime, even as the cost to hackers themselves falls. According to a new report by Hewlett Packard and the U.S.-based Ponemon Institute of Cyber Crime, hacking attacks cost the average American firm $15.4 million per year, double the global average of $7.7 million.

In a survey of more than 2,000 executives and employees in 250 organizations worldwide, the report's authors found that cybercrime affected all industries and all markets. The most costly cybercrimes were those carried out by malicious insiders, D Do S and web-based attacks. (D Do S, or a Denial of Service Attack, is a way to take down a website by overwhelming it with traffic.) The global financial services and energy sectors were the worst hit, with average annual costs of $13.5 and $12.8 million respectively.

Rising business expenses come as the cost to hackers themselves is plunging, thanks to a proliferation of botnets that make launching D Do S attacks cheap and simple, and the easy sharing of tools and exploits on "dark net" forums and marketplaces. According to cybersecurity firm Incapsula, the price of launching a D Do S attack has plummeted to just $38 per hour. By comparison, "the real-world cost of an unmitigated attack is $40,000 per hour" for businesses.

Another boon to cybercriminals was the release of tools and data from Italian surveillance company Hacking Team, which was itself hacked in July. Included in the leaked data were a number of "zero day" exploits, or previously unknown security flaws in popular software. While the affected software makers, including Adobe and Microsoft, rushed to fix their software, experts reported seeing several attacks in the wake of the hack and warned that users who do not regularly update their software are at risk.

the scores are tied to the country’s top financial/IT/search/social companies, so they know not just what you’re buying, but also what you’re saying online and who your friends are

the scores are completely public

you are rated on your political beliefs, and whether or not you’re making political statements without prior approval

you are rated not just on your own score and behavior, but on the scores of those you associate with

other score factors include: shopping preferences, hobbies, and overall lifestyle

they specifically call out, and score against, video gaming

the system has incentives built in, where you get a guaranteed loan at a score of 600, at 650 you can rent a car without a deposit, at 700 you can travel to Singapore without hassle, and at 750 you can travel to Europe as well.

MPs have no protection from having their communications read by UK security agencies, a tribunal has said. Green Party politicians Caroline Lucas MP and Baroness Jenny Jones argued a long-standing doctrine protecting MPs' communications was being breached. But in a landmark decision the Investigatory Powers Tribunal said the so-called "Wilson Doctrine" was no bar to the incidental collection of data. Ms Lucas said the decision was a "body blow" for democracy.

The Wilson Doctrine came into being in 1966 when the then Labour prime minister, Harold Wilson, gave assurances to MPs that their phone calls would not be intercepted without him knowing - and that he would tell Parliament of any change in that policy.

The doctrine has been repeatedly reaffirmed, including by Prime Minister David Cameron. However, Ms Lucas, Baroness Jones and former MP George Galloway argued that GCHQ was acting outside the long-standing doctrine by bulk collecting communications data from the internet, which would inevitably include correspondence between parliamentarians and their constituents.

"We are satisfied that the Wilson Doctrine is not enforceable in English law by the claimants or other MPs or peers by way of legitimate expectation," said the IPT. "The Wilson Doctrine has no legal effect, but in practice the agencies must comply with...their own guidance.

"The regime for the interception of parliamentarians' communications is in accordance with the law."

The IPT panel, headed by two senior High Court judges, said parliamentarians had the same legal protections as anyone else against unwarranted and unjustified interception of their communications - and only journalists and lawyers had greater protections under human rights law.

parliamentarians had the same legal protections as anyone else

only journalists and lawyers had greater protections under human rights law.