LinkedIn keeps pestering me to
Download their Mobile App -> Scan the QR Code -> Download a Partner App -> Upload a picture of my government issued ID + a photo of my face
At least one of their providers are sketch. From what I saw they use (a company called CLEAR and one called PERSONA).
CLEAR’s privacy policy specifies they may store, process, and transfer personal data in a country other than that in which you live, including the United States. They state compliance with the EU-US Data Privacy Framework, UK Extension to that, and Swiss-US Data Privacy Framework for handling data from EU/UK/Switzerland.
While they describe their security commitments (encryption, controls, etc.), there is no clear public statement specifying which exact countries or data centres they use beyond implying “countries other than that where you live”.
At least with CLEAR’s data could be stored in the US, or another country EVEN if you’re in Europe.
This is a problem because even under the new EU-US Data Privacy Framework (DPF), the fundamental legal issue remains:
– US intelligence laws (notably FISA 702 and Executive Order 12333) still let U.S. agencies collect data from U.S. companies, even if that data belongs to EU citizens.
– The U.S. CLOUD Act (2018) requires U.S. companies to provide data to U.S. law enforcement when legally requested — even if that data is stored in Europe.
– Even if your data is physically stored in Frankfurt or Dublin, if the service is run by a U.S. company, U.S. authorities could compel access.
Comments URL: https://news.ycombinator.com/item?id=45855032
Points: 1
# Comments: 0
Source: news.ycombinator.com
