We've seen some early-stage advances for ways that might help restore sight to people with low vision (or no vision), but it will take many more years before the clinical trials and safety approvals are complete. And not everyone will want to undergo an eye surgery to try to regain some vision, either. Fortunately, robots and wearable technology continue to improve, and these gadgets could become very useful for the blind (and the rest of us, too). Maybe we won't just see telecommuting iPads for remote workers -- but also robot assistants for casual and everyday uses, as well.
In Johnson County during the summer of 2013, an argument occurred between Yeasin and his now ex-girlfriend after he saw messages from another man on her phone. The two drove around arguing and she asked Yeasin to let her out, but he refused. He also refused to return her phone.
She complained to the Johnson County police. Court records show Yeasin was charged with criminal restraint, battery and criminal deprivation of property. To resolve this incident, Yeasin voluntarily entered a no-contact order, meaning he could not contact his ex-girlfriend.
What Yeasin did next did not play a role in this decision, which was ultimately decided on the merits (or lack thereof) of the University of Kansas' interpretation of its own policies. But it does say something about the reach of the school's no-contact order (the school added its own on top of the one handed down by the county court), which was certainly further than it should have been.
“The Judge who entered the order ruled that it was entered by consent with no findings of abuse,” [attorney Terry] Leibold said. “In order to comply with the no-contact order, Navid removed the ex-girlfriend as a follower of his tweets. His Twitter account was private and could only be accessed by his followers.”
Yeasin still used his Twitter account to make disparaging remarks about his ex-girlfriend (referred to simply as "W" throughout the proceedings). But he never directed messages towards her. He tweeted about her but never used her name. This didn't keep the tweets from being mostly despicable and they certainly were "decoded" by those familiar with both parties, but the university's no-contact order went far enough to make even this indirect non-communication a potential violation. From the ruling:
You are hereby informed that this 'no contact' order means that you understand you are prohibited from initiating, or contributing through third-parties, to any physical, verbal, electronic, or written communication with [W.], her family, her friends or her associates. This also includes a prohibition from interfering with her personal possessions. . . . Moreover, retaliation against persons who may pursue or participate in a University investigation, whether by you directly or by your associates, is a violation of University policy.
On the same day the university opened its investigation into his off-campus actions, Yeasin tweeted:
On the brightside you won't have mutated kids. #goodriddens
After being informed of the university's no-contact order, he tweeted:
Jesus Navid, how is it that you always end up dating the psycho bitches?' #butreallyguys
Over the next few weeks, he tweeted the following:
Oh right, negative boob job. I remember her.
If I could say one thing to you it would probably be "Go fuck yourself you piece of shit." #butseriouslygofuckyourself #crazyassex
Lol, she goes up to my friends and hugs them and then unfriends them on Facebook. #psycho #lolwhat
These tweets were reported to the university. (No reports were made to law enforcement.) The university's Office of Institutional Opportunity and Access (IOA) sent Yeasin an email telling him that even though the tweets didn't mention W's name, they were still a violation of the no-contact order, which was expanded to cover even more potential communications.
Brooks gave Yeasin a second warning that "[g]oing forward, if you make any reference regarding [W.], directly or indirectly, on any type of social media or other communication outlet, you will be immediately referred to the Student Conduct Officer for possible sanctions which may result in expulsion from the University."
Seven hours later, Yeasin tweeted:
lol you're so obsessed with me you gotta creep on me using your friends accounts #crazybitch
Yeasin was summoned by the IOA, where he made conflicting statements about whether or not the tweets referred to W. He also made this concession:
Yeasin told McQueeney that he would not tweet anything that could be perceived as being directed at W. and he recognized doing so was a violation of both the protection order and the no-contact order.
The university moved ahead with its investigation and decided Yeasin's tweets had violated the no-contact order and expelled him, along with banning him from the campus until W. had graduated.
Yeasin then sued the university for kicking him out over incidents that had occurred off-campus, including the original confrontation that had resulted in his arrest. The lower court found in favor of Yeasin.
[G]iven its finding that the University erroneously interpreted the Student Code by applying it to off-campus conduct, the district court found that the University's decision that Yeasin violated Article 22 was not supported by substantial evidence because it failed to establish that Yeasin's conduct occurred on campus or at a university-sponsored event.
The district court ordered that the University readmit Yeasin, reimburse or credit Yeasin for his fall 2013 semester tuition and fees that he paid, and pay the transcript fees. However, the court issued a stay order at the University's request.
The appeals court agrees. It points out that the sections of the student code the university cited to support its expulsion of the student both contain wording that limits the university's discipline to actions taken on campus or during university-sponsored events.
Through every step of the disciplinary proceedings, the University relied on Article 22 of the Student Code as the basis for Yeasin's discipline. But, on appeal, the University cherry-picks a small phrase from Article 20 to argue that it did indeed have the authority to expel Yeasin for his actions in Johnson County during the summer and for his tweets in violation of the no-contact order.
The University asks us to find that the district court should have interpreted the phrase "or as otherwise required by federal, state or local law" found in Article 20 to mean that the University's jurisdiction to discipline a student for violating Article 22.A. extended to a student's off-campus conduct.
If we construed Article 20 as the University wants, we must insert words to the effect "for conduct wherever committed." The phrase then becomes, "or as otherwise required by federal, state, or local law for conduct wherever committed." If that is what the drafters of the Student Code meant, the article could have been written in that fashion.
Following this conclusion, the appeals court affirms the lower court's decision and lifts the stay order. Because the case was limited to school policies, the question of whether Yeasin's speech was protected by the First Amendment (almost definitely) isn't addressed.
While it's hard to conjure up much enthusiasm for an abusive jerk being told he's right by the appeals court, the decision prevents the eruption of negative side effects. For one, Kansas universities will still have to limit their disciplinary efforts to incidents on school property or during school-sponsored events. No one should be in any hurry to allow educational institutions to extend their reach into the private lives (and homes) of their attendees.
On top of that, there's the nature of the tweets themselves. While undeniably unpleasant and misogynistic, they were never aimed directly at W. Also unaddressed by the court's decision is the breadth of the university's no-contact order, which basically forbade Yeasin from engaging in private disparagement of his ex-girlfriend.
From Yeasin's lawyer:
The tweets made their way back to the ex-girlfriend who told the IOA about the tweets claiming the tweets were in violation of the no-contact order issued by the IOA…The tweets were no different than if Yeasin had complained to his friends about his ex-girlfriend and whatever he said ultimately reached the ex-girlfriend.”
The ruling here makes sense, even as it protects the unsavory actions and words of an apparently terrible person. But it is very much limited to the policies in place at the University of Kansas. The ruling notes that the school could claim jurisdiction over events occuring off-campus, but it apparently hadn't considered that angle until it was in the middle of a lawsuit. Expanding that reach may be the school's perogative, but any attempts it makes to control off-campus speech will only result in addtional lawsuits -- these ones predicated by the First Amendment.
It's been rumored for years, but reports out of Atlanta suggest that it's now confirmed that in order to finalize the Trans Pacific Partnership (TPP) agreement, everyone agreed to carve tobacco out of the corporate sovereignty system, better known as ISDS (investor state dispute settlement). These systems allow companies to sue countries for passing regulations that the companies feel harm their ability to profit -- and tobacco companies have already filed ISDS complaints in a few countries that have pushed to put health warnings on cigarette packages.
While some health activists have cheered on this carve out -- it appears that almost everyone else is pissed off. Not because they think that Big Tobacco should be shaking down countries that pass anti-smoking laws (though, there may be some of that), but because they recognize the problems that occur when governments can start to set up trade deals that "carve out" certain industries. It's opening up a huge can of worms. Even some supporters of corporate sovereignty/ISDS are worried about what it means when one particular industry can just be excluded entirely from the process. Two of the biggest supporters of ISDS and TPP in Congress, Senators Mitch McConnell and Orrin Hatch, have both warned that the US should not carve out tobacco. Here's McConnell a few months ago, standing up for those poor, poor tobacco farmers:
“It is essential as you work to finalize the TPP, you allow Kentucky tobacco to realize the same economic benefits and export potential other U.S. agricultural commodities will enjoy with a successful agreement.”
And here's Hatch actually making a fairly salient point about the carve out:
“Although I don’t support tobacco at all, I still think it was essential,” Hatch said. “It’ll cost us some votes. And every vote is essential. And there are other things I am very concerned about. I’ve committed to read the bill, and I will read it, but right now I’m leaning against it.”
That doesn't bode well for the agreement, given that Hatch was a huge supporter of the TPP. Another Senator, Thom Tillis, has pointed out that carving out one industry opens up the possibility of carving out others:
“I’ll not only vote against it, I’ll work hard to have it defeated if it goes in the final agreement.... Once you carve out someone from dispute settlement agreements, then who’s next?”
And the tobacco carve-out, believe it or not, seems to be one thing that both big business and big labor agree on, though for entirely different reasons. The US Chamber of Commerce and the National Association of Manufacturers are totally against it:
we ask all of the TPP governments to reject the exclusion of products from the coverage of the TPP and its enforcement mechanism.... Such exclusions are unnecessary and would be highly damaging to the international rules based trading system and the prospects for the TPP.
And here was the AFL-CIO opposing the entire ISDS mechanism, and noting that the tobacco carve-out just highlights the problems of ISDS. Whereas Senator Tillis worried about "who's next" to get carved out, the AFL-CIO is pointing out that maybe there should be a lot more.
Any industry-specific carve-out will not address the serious structural problems inherent in the system itself. Issues of broad public interest should not be viewed through the narrow lens of trade and investment at all, let alone decided by unaccountable private panels. Systems of justice should be transparent and accessible on an equal basis. ISDS is anything but: Only foreign investors can use it and there are no requirements that affected communities be allowed to participate or even have their view considered. In many cases, there often are not even requirements that hearings or decisions be made available to the public at all! Even in the case of clear legal error, it is almost impossible to reverse a decision.
Indeed, as Sean Flynn pointed out just last week, carving out tobacco really just enforces how dangerous corporate sovereignty really is:
The new exception validates, rather than assuages, the concerns of those who have been criticizing ISDS systems for many years. Without express carve outs, ISDS provisions do threaten common health and safety regulations.
The carve out does nothing to halt the disturbing recent trend of companies using ISDS provisions in trade agreements to enforce international intellectual property norms through ISDS tribunals. This is, indeed, the claim at the heart of the tobacco cases now being litigated in ISDS systems. The claim is that tobacco regulations requiring plain packaging violate the trademark rights of tobacco companies protected by the World Trade Organization agreement on Trade Related Aspects of Intellectual Property Rights (TRIPS). The pharmaceutical company Eli Lilly has also claimed that the denial of a new use patent on an old (off-patent) medicine violates rights granted by TRIPS and the North Atlantic Free Trade Agreement (NAFTA).
Meanwhile, US trade officials are, of course, trying to tap dance around the fact that basically everyone absolutely hates this. The USTR has tried to pretend this isn't a big deal because tobacco is "unique."
The U.S. Government seeks to include this language because tobacco is a unique product – it is highly addictive, always harmful to human health, and the single most preventable cause of death in the world. Recognizing these facts about tobacco through the TPP will represent an important step forward for public health in the international trade community.
It's true that tobacco can be a serious health concern, but shouldn't we be raising questions about why this procedure is no good for tobacco companies, but just dandy for every other industry -- including some that produce harmful products? Or those like pharmaceutical companies who are jacking up prices to keep necessary medicines out of the hands of the poor?
Oh, and then there are those who are in complete denial, who are insisting that there really isn't a carve-out for tobacco, even though there almost certainly is (we can't say for sure, of course, because the documents are secret):
“TPP will not discriminate against any agricultural commodity nor will it exclude tobacco. On the contrary, TPP will provide protections to ensure that governments can implement tobacco control measures, while guaranteeing that tobacco has the same legal status as any other product,” a U.S. official told CQ Roll Call last week.
In short, the whole tobacco carve-out situation is a microcosm of the problems with the TPP. You have a terrible idea (corporate sovereignty) mixed with a weak attempt to appease health activists (carve out tobacco), that basically fixes nothing and satisfies no one. And, now, the same Senators in Congress who demanded the fast track authority be granted, which ties their own arms behind their backs in terms of changing the agreement, are threatening to force this change, even though they've already given up the power to do so.
from the orphan-works-are-your-fault,-don't-blame-us dept
A few weeks ago, we wrote about the big ruling by Judge George King in a district court in California that Warner/Chappell does not hold a valid copyright in the song "Happy Birthday." The press ran with the story, with nearly all of the coverage falsely stating that the judge had declared Happy Birthday to be in the public domain. As we noted in our post, however, that was not the case. While the plaintiffs had urged just such a finding, Judge King noted that there were issues related to this that a jury would need to answer, and he would not go that far. Instead, he merely stated that Warner did not hold a valid copyright. Many people assume that this is good enough. The likelihood of some third party magically showing up after all of these years and not just claiming the copyright, but having enough evidence to prove it seems very slim. Glenn Fleishman has done a nice job writing up a detailed explanation of this copyright mess for Fast Company, in which he notes the "uncertainty is maddening."
It's worse than that. As we noted in our original post, technically, this makes "Happy Birthday" an orphan work -- i.e., a work where the exact copyright status or owner is "unknown." Orphan works have been a big problem that the Copyright Office has been studying for some time. However, the solution proposed by the Copyright Office is ridiculous, and the case of Happy Birthday should demonstrate pretty simply why the proposal is broken.
The plan says that anyone who wants to make use of an orphaned work would have to meet six criteria to avoid possible liability:
Users must: (1) if sued for infringement, prove to the court by a preponderance of the
evidence that they performed a good faith, qualifying search to locate and identify the owner of
the infringed copyright before the use of the work began; (2) file a Notice of Use with the
Copyright Office; (3) provide attribution to the legal owner of the copyright, if reasonable under
the circumstances; (4) include a to-be-determined "orphan works" symbol with any public
distribution, display, or performance of the work; (5) assert eligibility for such limitations in the
initial pleading in any civil action involving the infringed work; and (6) state with particularity
the basis for eligibility for the limitations during initial discovery disclosures.
Now, let's look at this in terms of Happy Birthday. If you want to sing Happy Birthday, you would first have to conduct and document a "good faith, qualifying search to locate and identify the owner" of Happy Birthday before you sang it. You would then have to file a "notice of use" with the Copyright Office, telling the Copyright Office about this use of an orphaned work. Now, obviously, for most folks singing "happy birthday" at a birthday party, they're not going to do that -- and that's fine. After all, they ignored the copyright when many believed Warner/Chappell held a valid copyright.
But -- and here's the important point -- all of the "professional" situations where the song was used would almost certainly have to go through this process. Films that used the song wouldn't be able to get "errors and omissions" (E&O) insurance without first proving they made it through this process (and you need E&O insurance to ever get a movie released). Restaurants that wanted to sing Happy Birthday rather than their made up song would need to do the same thing. And they'd all likely have to hire lawyers in order to properly document the "search" and to file the notice with the Copyright Office. And very few people are going to want to go through that process. It may be slightly better than paying thousands of dollars to Warner/Chappell, but not much.
How is this solution possibly a "good compromise" on the issue of orphan works? How does adding such a burden, just so someone can sing Happy Birthday, possibly make sense?
Once again, the "problem" of orphan works is a self-made problem, created by copyright laws that automatically grant copyright to all new fixed works, rather than requiring registration in the first place. If it required registration, there would be some sort of record and paper trail of who owned the copyright and when it was valid. But in a world where everything gets copyright protection, we get a world with millions upon millions of orphaned works -- and if anyone who ever wanted to do anything with it had to go through the convoluted mess just to do something like sing Happy Birthday, the "answer" is no answer at all. It's just making a bad problem worse.
The way to fix orphan works is not to increase the burden, it's to fix a broken copyright system, and to require registration in the first place.
Bonus content: This doesn't fit directly into this post about orphan works, but this video by Vi Hart about the copyright on Happy Birthday is totally worth watching, presenting the issue from the perspective of someone knowledgeable about music theory, rather than copyright law, and showing yet another way in which the idea that Happy Birthday ever deserved copyright is a ridiculous idea.
Poor Verizon. Telco executives for years have sat in their board rooms bored by the billions to be made on telecom and transit, jealously eyeing Facebook and Google ad revenue, and desperately dreaming of being seen as more than just a dull old phone company. That's why the telecom giant recently paid $4.4 billion to acquire AOL, and is now throwing tens of millions at a new Internet video service aimed squarely at Millennials (hey kids, why get Internet video right from the source or a disruptive content company when you can get it from the phone company?).
And, lucky you, the same kind of greasy principles that have guided the company's legacy telecom networks are being applied to this brave, new, hipper advertising frontier. You'll recall that the company was widely criticized for manipulating user traffic streams to insert "zombie cookies," or unique identifier traffic headers that track user behavior online and can be abused by third parties. Only discovered by researchers two years after being implemented, it only took Verizon another six months of sustained criticism to finally let users opt out of being watched.
"Verizon said in a little-noticed announcement that it will soon begin sharing the profiles with AOL’s ad network, which in turn monitors users across a large swath of the Internet. That means AOL’s ad network will be able to match millions of Internet users to their real-world details gathered by Verizon, including — “your gender, age range and interests."...AOL will also be able to use data from Verizon’s identifier to track the apps that mobile users open, what sites they visit, and for how long."
So not only is Verizon now using its AOL acquisition to expand its plan to modify traffic to watch people, the telco's still opting users in by default and bouncing this traffic around the Internet unencrypted so it can be abused by third parties. Verizon of course insisted this could never happen, right before it did. But whereas you might see this as a dramatic expansion of a horrible precedent, Verizon thinks you shouldn't worry because this is all occurring under the roof of one giant, happy, Verizon family:
"I think in some ways it’s more privacy protective because it’s all within one company,” said Verizon’s Zacharia. “We are going to be sharing segment information with AOL so that customers can receive more personalized advertising."
Are you comforted yet? It seems like only a matter of time before freshly-Verizon-owned media properties (The Huffington Post, Engadget, TechCrunch et al) pen furious missives informing us that this Verizon snoopvertisement-dominated Internet is a step in the right direction. It's worth reminding Verizon users that they can opt out of having their traffic modified and tracked via the Verizon privacy portal or by calling 866-211-0874. Of course this should be disabled by default if not outlawed all together, but hey -- at least we're all part of one big, loving Verizon family, right?
The company, which is famous for its somewhat arbitrary decisions to reject certain apps from appearing in its iTunes store, has now pulled iFixit's app entirely. Though, this time it's not necessarily for "arbitrary" reasons, but because Apple is pissed that iFixit took the Apple TV device that Apple sent the company, and did a teardown on it.
Of course, that makes you wonder what the hell Apple expected iFixit to do, since teardowns are kind of its thing.
Not too long ago, we tore down the Apple TV and Siri Remote. The developer unit we disassembled was sent to us by Apple. Evidently, they didn’t intend for us to take it apart. But we’re a teardown and repair company; teardowns are in our DNA—and nothing makes us happier than figuring out what makes these gadgets tick. We weighed the risks, blithely tossed those risks over our shoulder, and tore down the Apple TV anyway.
A few days later, we got an email from Apple informing us that we violated their terms and conditions—and the offending developer account had been banned. Unfortunately, iFixit’s app was tied to that same account, so Apple pulled the app as well. Their justification was that we had taken “actions that may hinder the performance or intended use of the App Store, B2B Program, or the Program.”
Live and learn.
iFixit notes that it's not too concerned about this. Its Android app still works, and it's been improving its mobile site so you don't really need an app in the first place. And also, iFixit offers open APIs that would allow others to make their own apps that use iFixit data (though whether or not Apple would approve such an app is another question).
But, still, in this age where so much of what we buy is computerized and a complete black box, one of the key points of last week's podcast was the importance of learning what's really inside these boxes. Given that Apple's earliest roots come from Steve Wozniak hacking around devices and building something better, it seems like a real shame that Apple is not only not supporting such activities with its own equipment, but it's actively punishing those who do so.
If you're new to the world of micro-computers or are already an expert, the Complete Raspberry Pi 2 Starter Kit for 85% off ($115) in the Techdirt Deals store has all you need to get started with the Raspberry Pi 2. The bundle includes all of the hardware you need to start playing around with the Pi 2, which is faster and has more memory than the original. You also get access to online training courses that cover everything from a basic introduction to the world of Raspberry Pi to coding in Python to building robots with your Pi 2 and more.
Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.
from the the-future-of-democracy-is-solitary-confinement dept
Reddit of course has been trying to balance advertising with the website's uncontrollable, valuable, but occasionally ugly democratic side for some time with decidedly mixed results. The company's recent new content moderation policy raised all manner of eyebrows for its attempt to keep what makes Reddit great in place, while applying often arbitrary and inconsistent restrictions on subjectively-defined objectionable content. It's a debate that of course will likely continue long through the point where Reddit is ultimately supplanted by some other, better method of organic Internet interaction.
If Reddit's latest venture is any indication, the company wants that time to come sooner rather than later. The company is cooking up a new website dubbed Upvoted that will take existing popular content on Reddit and write it up as Upworthy-esque clickbait fare. Unlike Reddit however, there will be no reader interaction or commenting on the new property. Execs see this as a way to harness potential ad money lost to other websites who often simply write up stories that unfold first on Reddit:
"Upvoted is a way for Reddit to recapture some of the attention (and, ahem, traffic) that the site loses when other news organizations take stories from the site; it serves as a kind of introduction to the world of Reddit for non-users; and it acts as a testing ground for advertisers who may be hesitant to dive straight into advertising in a world moderated by unaffiliated, unpaid volunteers. Upvoted may be our first look at what the future of Reddit might hold."
But wait: is the "future of Reddit" really about taking Reddit content, stripping away all of the best democratic aspects of the Reddit community, then shoving the entire construct into an entirely un-interactive, more traditional media mold? Like the relentless push to kill ye olde news comment section, there seems to be a bizarre shift toward taking the wonderful, bidirectional power of the Internet -- and demanding it once again become a one-way medium of expression and publication without any of this nasty democratic thought stuff.
To hear Reddit tell it, it's not gutting interactivity for the sake of obtaining more ad cash, it's doing this out of a love of the Reddit community:
"The stuff our community creates on a daily basis blows our mind. Unfortunately, rather than telling that story, some news outlets take our users’ content and repackage it as their own. They don’t tell the backstory of our communities. We think our users’ stories need to be told, but with them at the center of it."
On one hand, you can understand exec logic here; they see the laundry list of websites mindlessly regurgitating Reddit AMAs into news stories and see that as easy money they should be cashing in on. But operating a massive democratic community and operating a news organization are not somehow magically synonymous, and there's obviously no guarantee that the stories Upvoted posts will be heard under the din of countless other, click-bait oriented like-minded efforts. It's also worth noting that Upvoted's going to be heavily focused on native advertising:
"Rather it will post sponsored content paid for and approved by advertising partners—and written by the same editorial team that writes editorial posts. “They’re going to be just as interesting as actual content,” Chang says. “It could be a piece on Tesla, a piece on how WiFi works, no matter what it’ll be good content—and it’ll just happened to be sponsored."
So again, your ingenious master plan is to take Reddit content, try to write it up, strip away everything that's great about Reddit (interactivity, democracy), pepper that content with heavy advertorial content, and hope for the best? If people really think that's the "future of Reddit," the future of Reddit is going to be some other, better, more-interactive and open platform not-named Reddit.
A couple of weeks ago we wrote about the fact that it appeared that the EU Court of Justice was likely to throw out the EU-US data protection safe harbor as invalid, following a case brought over the NSA's snooping on US tech companies -- and now it has happened. The "the EU-US data protection safe harbor" may sound boring, but it's actually been fairly important in making sure that US internet companies can operate in Europe. It's been under attack for some time from those who feel that these American companies don't take European privacy interests seriously enough, but it's really the NSA and its idiotic "collect it all" mentality that has brought the whole structure crashing down. Many will celebrate this, but probably for the wrong reasons. As it stands right now, this result is undoubtedly bad for the internet. What happens next is key. If you want to blame anyone... blame the NSA. And if the US wants to fix this mess, it needs to stop mass surveillance.
The case was brought by Max Schrems, an Austrian privacy activist who argued that the NSA's PRISM surveillance program (a program that resulted from Section 702 of the FISA Amendments Act, and enables the NSA to request certain information from internet companies, once approved by the FISA Court) violates the safe harbor. The safe harbor itself was established back in 2000 in order to allow internet companies to transfer data from Europe back to the US, with a promise that the privacy of that data would be kept at a similar level as if it were in Europe. The process for getting such safe harbor protections is something of a joke (we've gone through it here at Techdirt), and mostly involves throwing money at an organization that takes money to make sure your policies comply with the safe harbor requirements. Like so many regulations, it really seems to only serve to shift money to those who make sure you comply.
Still, losing those safe harbors can really shake up the internet -- and not necessarily in a good way. While I'm sure some (probably short-sighted) privacy advocates will cheer on this result, it's going to make a mess of things for the time being. Europe has been working on a new data protection directive to update the old one (which the safe harbor is based on) and early indications are that it will be a mess, and potentially hazardous to free speech rights. In addition, the US and EU have been trying to negotiate a new data protection safe harbor anyway, and that hasn't been going smoothly, and this will continue to throw a wrench into things.
Big companies will likely be able to negotiate their way around this, but there will likely be some legal flareups in one or two countries, creating a mishmash of jurisdictional confusion over privacy rights. Smaller internet companies will now face much greater threats in doing business in Europe. Even worse, some are going to use this as an opportunity to try to fragment the internet, demanding companies keep data locally within country borders -- which actually will create more targets for mass surveillance, rather than fewer. Chances are that little will change in the immediate future -- as many companies will just keep right on doing what they're doing and hoping no one really cares. But the potential for people to bring lawsuits could shake things up.
In the specific case here, the Court of Justice found that the safe harbor was invalid, and thus it did not stop Irish officials from considering Schrems' complaint that Facebook violated his rights in making data available to the NSA. So that specific case still needs to move forward and should be interesting to watch.
In short, though, this is yet more damage directly done by the NSA and the US's ridiculous attitude towards mass surveillance, without any concern at all to the economic costs that such mass surveillance creates for US companies. As the EFF notes in its response to the news, the US brought this on itself with its idiotic mass surveillance efforts. This end result is a mess that could lead to greater fragmentation of the internet, which won't do anything to better protect people's privacy (and, actually, might make it more exposed). The only logical way forward is to move away from mass surveillance and towards a more comprehensive view of privacy that takes into account the public's rights -- including the right to free expression. Danny O'Brien at EFF sums it up nicely:
That would certainly force the companies to re-think and re-engineer how they manage the vast amount of data they collect. It will not, however, protect their customers from mass surveillance. The geographic siloing of data is of little practical help against mass surveillance if each and every country feels that ordinary customer data is a legitimate target for signals intelligence. If governments continue to permit intelligence agencies to indiscriminately scoop up data, then they will find a way to do that, wherever that data may be kept. Keep your data in Ireland, and GCHQ may well target it, and pass it onto the Americans. Keep your data in your own country, and you'll find the NSA—or other European states, or even your own government— breaking into those systems to extract it.
What will change the equation is for states, including and especially the United States, to realize that dragnet surveillance undermines their national security and the global security of our data. It has economic consequences, as regulators, companies and individuals lose trust in Internet companies and services. It has political consequences as nations vie to keep data out of the hands of other countries, while seeking to keep it trackable by their own intelligence services.
There's only one way forward to end this battle in a way that keeps the Internet open and preserves everyone's privacy. Countries have to make clear that mass surveillance of innocent citizens is a violation of human rights law, whether it is conducted inside their borders or outside, upon foreigners or residents. They have to bring their surveillance programs, foreign and domestic, back under control.
The ruling today is not a win for privacy. It creates a bigger mess, but it's one that needs to be cleaned up at the source, and that's where governments (and not just the US government) are going with mass surveillance. Unfortunately, there doesn't seem to be any indication that this is what's going to happen. Instead, expect the US and EU to try to paper over this by coming up with a new safe harbor plan that won't change anything, but which may just be more expensive for companies. That's a mistake. There's a way to fix this mess and it's to stop mass surveillance.