Every #PrivacyPolicy: "We follow the law"
No shit, Sherlock! I was expecting that much of you. That doesn't mean, that you don't exploit loopholes where you can.
23 years of illegal data transfers due to inactive DPAs and new EU-US deals.
The highest European court sent a strong message for better data privacy, when it invalidated the data transfer deals "Safe Harbor" and "Privacy Shield" in 2015 and 2020 respectively.
The logical consequence of this decision was that almost all transfers between the European Union and United States since the year 2000 were illegal.
In reality, companies didn’t stop the practice though. This was largely made possible by to the inaction of European data protection authorities (DPAs), which mostly failed to implement the CJEU’s rulings. In combination with new (and void) deals, we are therefore lookig back on 23 years of illegal data transfers.
When you post on Twitter(1) or Bluesky(2) you grant them a broad perpetual license to use, modify, and sublicense your content. You effectively make them co-owners of your content. They can mine it and monetize it. They can even sell it. When you post on Mastodon(3) most instances take no license at all. That's right, they tell you what they are doing with your content—storing posts and delivering them—but no license.