https://abs.twimg.com/emoji/v2/... draggable="false" alt="⚠️" title="Warnsignal" aria-label="Emoji: Warnsignal">https://abs.twimg.com/emoji/v2/... draggable="false" alt="📢" title="Lautsprecheranlage" aria-label="Emoji: Lautsprecheranlage">Very important decision today by the top French Administrative Court @Conseil_Etat on post #SchremsII developments
The Court rejects the request of the petitioners against the hosting of the #healthdatahub by @MicrosoftEU ...
Thread (1)
https://abs.twimg.com/emoji/v2/... draggable="false" alt="👇" title="Rückhand Zeigefinger nach unten" aria-label="Emoji: Rückhand Zeigefinger nach unten">
https://abs.twimg.com/emoji/v2/... draggable=https://abs.twimg.com/emoji/v2/... draggable="false" alt="📢" title="Lautsprecheranlage" aria-label="Emoji: Lautsprecheranlage">Very important decision today by the top French Administrative Court @Conseil_Etat on post #SchremsII developmentsThe Court rejects the request of the petitioners against the hosting of the #healthdatahub by @MicrosoftEU ...Thread (1)https://abs.twimg.com/emoji/v2/... draggable="false" alt="👇" title="Rückhand Zeigefinger nach unten" aria-label="Emoji: Rückhand Zeigefinger nach unten">" title="https://abs.twimg.com/emoji/v2/... draggable="false" alt="⚠️" title="Warnsignal" aria-label="Emoji: Warnsignal">https://abs.twimg.com/emoji/v2/... draggable="false" alt="📢" title="Lautsprecheranlage" aria-label="Emoji: Lautsprecheranlage">Very important decision today by the top French Administrative Court @Conseil_Etat on post #SchremsII developmentsThe Court rejects the request of the petitioners against the hosting of the #healthdatahub by @MicrosoftEU ...Thread (1)https://abs.twimg.com/emoji/v2/... draggable="false" alt="👇" title="Rückhand Zeigefinger nach unten" aria-label="Emoji: Rückhand Zeigefinger nach unten">" class="img-responsive" style="max-width:100%;"/>
I will focus here on only one HUGE point in this decision re post #SchremsII developments: the Court didn& #39;t follow the French DPA @CNIL in its position that US Cloud Providers (or under https://abs.twimg.com/emoji/v2/... draggable="false" alt="🇺🇸" title="Flagge der Vereinigten Staaten" aria-label="Emoji: Flagge der Vereinigten Staaten"> Jurisdiction) should not be used as a matter of principle for hosting health data... (2)
As already explained https://abs.twimg.com/emoji/v2/... draggable="false" alt="🇫🇷" title="Flagge von Frankreich" aria-label="Emoji: Flagge von Frankreich">DPA @CNIL invited Court to say that providers under US jurisdiction should not be used & this even if all data (encrypted in this case!) are localized in Europe & there are no "transfers" to https://abs.twimg.com/emoji/v2/... draggable="false" alt="🇺🇸" title="Flagge der Vereinigten Staaten" aria-label="Emoji: Flagge der Vereinigten Staaten">bc US Gov might still make requests
https://abs.twimg.com/emoji/v2/... draggable="false" alt="👇" title="Rückhand Zeigefinger nach unten" aria-label="Emoji: Rückhand Zeigefinger nach unten"> https://twitter.com/TC_IntLaw/status/1314591793657372674?s=20">https://twitter.com/TC_IntLaw...
This seemed to go beyond what CJEU said in #SchremsII: this was a case abt Art. 45&46 #GDPR. Even before #SchremsII there was no legal basis for a company under US jurisdiction to transfer/disclose data directly to a foreign government. This could be violation Art.48 GDPR... (4)
...and create a conflict of laws. See for instance the whole discussion re extraterritorial effect of #CloudAct & the clear position of @EU_EDPB on this... (5)
https://abs.twimg.com/emoji/v2/... draggable="false" alt="👇" title="Rückhand Zeigefinger nach unten" aria-label="Emoji: Rückhand Zeigefinger nach unten">
https://edpb.europa.eu/sites/edpb/files/files/file2/edpb_edps_joint_response_us_cloudact_annex.pdf">https://edpb.europa.eu/sites/edp...
The French Court reframes correctly debate by saying that this point has not been discussed by CJEU. #SchremsII was about data transfers for commercial/service purposes. It was NOT about whether US law has an extraterritorial effect & under which conditions a US company... (6)
https://abs.twimg.com/emoji/v2/... draggable="false" alt="👇" title="Rückhand Zeigefinger nach unten" aria-label="Emoji: Rückhand Zeigefinger nach unten">
......should process data solely in Europe or be able to oppose US requests if indeed found trapped in a conflict of laws situation. The Court also notes the importance of a new blocking statute adopted by France prohibiting any transfer of HDH data outside EU. (7)
......should process data solely in Europe or be able to oppose US requests if indeed found trapped in a conflict of laws situation. The Court also notes the importance of a new blocking statute adopted by France prohibiting any transfer of HDH data outside EU. (7)
......should process data solely in Europe or be able to oppose US requests if indeed found trapped in a conflict of laws situation. The Court also notes the importance of a new blocking statute adopted by France prohibiting any transfer of HDH data outside EU. (7)
The French Court thus rules that there is no “urgency” to strike down a system of hosting encrypted & pseudonymized health data strictly localized in Europe on the basis of such a hypothesis. It also notes that the petitioners DO NOT invoke a direct violation of #GDPR but ...(8)
...rather only the “risk of a violation in the event that Microsoft would not be able to oppose” a hypothetical request for access to these encrypted & pseudonymized data by US authorities... (9)
There are other interesting elements in this so important decision – I might return later. It must be noted that this was only a decision under an urgency procedure for interim measures of protection - and the Court heavily insists on this when rejecting the request... (10)
...A judgment on the merits will follow. All translations in this thread by DeepL.
Original Judgment in French here: https://www.conseil-etat.fr/actualites/actualites/health-data-hub-et-protection-de-donnees-personnelles-des-precautions-doivent-etre-prises-dans-l-attente-d-une-solution-perenne
(11">https://www.conseil-etat.fr/actualite... & end for now)
https://abs.twimg.com/emoji/v2/... draggable="false" alt="👇" title="Rückhand Zeigefinger nach unten" aria-label="Emoji: Rückhand Zeigefinger nach unten">
Health Data Hub et protection de données personnelles : des précautions doivent être prises dans...

Par crainte de possibles transferts de données personnelles vers les États-Unis, des associations et syndicats ont demandé au juge des référés du Conseil d’État de suspendre en urgence la plateforme...

https://www.conseil-etat.fr/actualites/actualites/health-data-hub-et-protection-de-donnees-personnelles-des-precautions-doivent-etre-prises-dans-l-attente-d-une-solution-perenne
You can follow @TC_IntLaw.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more