Government need v. User rights v. Law

Europe and the US have long been in conflict over information: the US has its broad discovery rules and Europe has its broad privacy protections.  This week, the conflict assumed a different shape.

“In Europe’s Terror Fight, Police Push to Access American Tech Firms’ Data,” The Wall Street Journal, May 2, 2016 A1. Belgian officials wanted to access user data for an account at an as-yet-unnamed US company’s social media site in connection with a threatened terrorist attack, and didn’t want to wait to follow the US legal requirements.  Enter the US DOJ, who helped persuade the US company to provide the data.

Query:  Was it legal for the US company to provide this information without the required process?

Where does this fit? Is the “culture of compliance” flexible enough to allow reality to override law?  Does Europe want us to recognize their laws and ignore ours? Is privacy paramount, or is it subject to “higher issues”?

Leave a comment

Filed under Access, Business Case, Compliance, Controls, Culture, Governance, IT, Legal, Privacy, Requirements, Risk, Security, Third parties

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s