Facebook, Microsoft, Apple, Yahoo, and Skype have been hit with a complaint in the European Union over data protection issues in relation to the recently revealed NSA spying program Prism. THe complaint has been brought by the same group that ran the Europe v Facebook campaign. Through this latest complaint, they hope to gain clarification on the laws regarding foreign data passing to US agencies.
These five companies have been selected specifically because of their corporate structure. Each has a subsidiary in the European Union, which should be required to follow EU data protection rights and policies. The question becomes a bit less straightforward when these companies have US headquarters, possibly making them be required to comply with US laws that are in conflict with EU laws. They have an excellent explanation:
If a European subsidiary sends user data to the American parent company, this is considered an "export" of personal data. Under EU law, an export of data is only allowed if the European subsidiary can ensure an "adequate level or protection" in the foreign country. After the recent disclosures on the "PRISM" program such trust in an "adequate level of protection" by the involved companies can hardly be upheld.
There can in no way be an adequate level of protection if they cooperate with the NSA on the other end of the line. Right now an export of data to the US must be seen as illegal if the involved companies cannot disprove the reports on the PRISM program.
You'll notice that Google and YouTube were not included. This is because they do not feature a subsidiary in the EU. They do, however, have datacenters and Evf believes they can use this to file a similar complaint. We'll be following this complaint closely and let you know as soon as any major breakthroughs happen.