The controversial EU-US Privacy Shield data sharing pact is to undergo its first annual review this week, with IT and business groups highlighting its strengths, while the European Commission takes a more cautious approach.
The arangement was brought into force on 12 July last year after the European Court of Justice, the EU’s top court, struck down its predecessor, known as ‘Safe Harbour’, amidst concerns over European data being monitored under the US government’s mass surveillance programmes.
Privacy Shield seeks to ensure privacy protections by giving EU citizens stronger means of seeking redress in disputes, including a privacy ombudsman within the US State Department assigned the task of dealing with EU complaints.
One of the EU’s current issues with the deal, however, is the new US presidential administration’s failure to appoint an ombudsman, something EU justice commissioner Vera Jourova said she would address in a trip to the US on Monday and Tuesday.
More than 2,400 firms have signed up to the deal, which allows them to transfer Europeans’ data out of the bloc without the need for costly bespoke contracts.
“The agreement improves privacy protections and ensures that data can continue to flow across the Atlantic, supporting the EU-US trillion-euro trade relationship, by far the largest in the world,” stated Victoria Espinel, president and chief executive of The Software Alliance (BSA), which was founded by Microsoft in the 1980s and represents firms such as Apple and IBM.
“Almost every type of transaction today has both a digital and international component and therefore relies on the unhindered and uninterrupted flow of data.”
The White House issued a statement saying the review would demonstrate the “value and integrity” of Privacy Shield.
“We firmly believe that the upcoming review will demonstrate the strength of the American promise to protect the personal data of citizens on both sides of the Atlantic,” the White House stated.
Jourova has been more circumspect, telling various press outlets over the weekend she expects her fact-finding mission to identify some problems and make some proposals for improvement, although she doesn’t expect negotiations will be reopened. The Commission is to produce a report based on Jourova’s review next month.
MEPs initially rejected Privacy Shield in a non-binding vote and it is currently subject to two legal challenges, while European data protection authorities have also expressed doubts over its effectiveness.
In May 2016 Giovanni Buttarelli, the European data protection supervisor (EDPS), said in an official opinion he didn’t believe Privacy Sheild was robust enough to stand up under future legal scrutiny, particularly with EU data protection rules due to be tightened under the General Data Protection Regulation (GDPR) coming into force in May 2018.
“It’s time to develop a longer-term solution in the transatlantic dialogue,” Buttarelli said at the time.
In January the Information Commissioner’s Office (ICO) and EU data protection regulators said efforts by the new US administration to roll back data privacy regulations didn’t immediately affect Privacy Shield, but they said the actions raised concern over future US policies.
How well do you know the cloud? Try our quiz!
OpenAI's bid to convert to a 'for-profit' organisation is opposed by Elon Musk and co…
Group of news publishers in Canada become the latest group to sue OpenAI for allegedly…
CEO Pat Gelsinger has been “retired” effective 1 December, after the board of directors reportedly…
World spanning subsea cable measuring 40,000km (or 24,854 mile) long, reportedly being planned by Meta…
More legal trouble. Canada's Competition Bureau sues Google for alleged anti-competitive conduct in online advertising
As social media ban passes, Australian government is accused by Meta of failing to consider…