Privacy and data protection rights are fundamental rights and part of the most central guiding principles of each EU member state as well as the EU law and the Charter of Fundamental Rights of the European Union.
Data protection authorities are independent and exclusively responsible for monitoring compliance to data protection.
Security agencies require court order to access any data stored on servers. The powers of national security agencies end at their national borders.
US security agencies are not allowed to access non-US companies’ servers within the European Union.
Server can be accessed only on probable cause, e.g. following a police report or in case of sufficient evidence for a committed crime, yet only to the extent permitted by the respective court order.
Affected individuals and organizations must be provided extensive opportunities in order to safeguard their interests early on, already at the investigation stage.