The EU has been clear, if the States need any data from the users of an operator, they must have the approval of a judge or an independent entity. Organizations such as Privacy International and La Quadrature du Net denounced before the Court of Justice of the European Union (CJEU) that the abuse that some Member States and their surveillance systems supposed for the privacy of citizens. In this case, the Court has been resounding and has ruled that the countries of the Union will not be able to ask the operators for such data except in exceptional cases. They will only be able to request information in the face of “a serious threat to national security.” Even so, the approval of a judge or “an independent administrative authority” will be necessary as indicated in the sentence. Without this order, the States will not be able to request information from telecommunications operators. But doesn’t the Data Protection Law prevent us from being tracked? How is it possible, if I have the GPS disabled? The trick is called aggregated data, and it is legal. The carriers track your location and trade that data, and you can’t do anything. Let’s see how it works. The States requested to be able to ask the operators for generalized and undifferentiated information that they have collected on the use that their clients make of their telephone connections. This could involve the records of phone calls, messages and a large number of personal data and the lives of these people. Countries such as the United Kingdom, France and Belgium have monitoring bodies and laws that allowed them to request all this information from national telecommunications companies. However, this new ruling invalidates these activities and the process will be much more complicated for the States. Similarly, the European Union already ruled months ago that US companies could not send data from European users outside the EU It was determined that US national security laws do not cover the privacy of European citizens . Thus a new chapter is written in data protection law which, with new technologies, requires constant review now that our personal data can circulate so easily.