> Part of the agreement between the US and Denmark was that "the USA does not use the system against Danish citizens and companies. And the other way around". Similar words can be found in an NSA presentation from 2011: "No US collection by Partner and No Host Country collection by US"
At first glance, it sounds OK, but what if the US has similar agreements with some neighboring countries (and as mentioned in the article it has) and uses the data collected via them against Danish citizens and companies and vice versa? Everything will be perfectly legal, but in practice, no one is at safety and the creators of the system who have agreements with many countries have a huge advantage over their so-called "partners" because they are aggregating the big picture, but "the partners" have some guarantees only about the data which is transferred via them and have no guarantees even about it when it leaves their country.
At first glance, it sounds OK, but what if the US has similar agreements with some neighboring countries (and as mentioned in the article it has) and uses the data collected via them against Danish citizens and companies and vice versa? Everything will be perfectly legal, but in practice, no one is at safety and the creators of the system who have agreements with many countries have a huge advantage over their so-called "partners" because they are aggregating the big picture, but "the partners" have some guarantees only about the data which is transferred via them and have no guarantees even about it when it leaves their country.