Tuesday

12th Dec 2017

EU to adopt new US data rules in July

  • EU commission is set to roll out its updated draft version of Privacy Shield (Photo: Matthew Klein)

The European Commission is set to present a new draft of its data-exchange pact with the US, the Privacy Shield, in early July.

EU justice commissioner Vera Jourova told EUobserver in a recent interview that the most contentious issues had been agreed by Washington and Brussels.

Thank you for reading EUobserver!

Subscribe now for a 30 day free trial.

  1. €150 per year
  2. or €15 per month
  3. Cancel anytime

EUobserver is an independent, not-for-profit news organization that publishes daily news reports, analysis, and investigations from Brussels and the EU member states. We are an indispensable news source for anyone who wants to know what is going on in the EU.

We are mainly funded by advertising and subscription revenues. As advertising revenues are falling fast, we depend on subscription revenues to support our journalism.

For group, corporate or student subscriptions, please contact us. See also our full Terms of Use.

If you already have an account click here to login.

These concerned access to data by US security services, bulk collection of people’s personal information and independent oversight.

“We reached an accord on more precise listing of cases when bulk collection can occur and a better definition of how our American partners understand the difference between bulk collection which may be justified and mass surveillance without any purpose, which is not tolerable”, she said.

“These specific points have already been finished and put down in written form”.

The shield is to replace the 15 year-old Safe Harbour pact that failed to protect the privacy of EU nationals whose data was transferred to firms, such as Facebook, based in the US.

The EU Court of Justice (ECJ) invalidated the harbour treaty last year, due in part, to revelations by Edward Snowden, a former US intelligence contractor, of mass-scale US snooping on Europeans.

The EU commission and the US, after two years of talks, proposed the shield treaty as a replacement earlier this year.

But the EU's main regulatory body on privacy, the Article 29 Data Protection Working Party, criticised the initial draft in the strongest possible terms.

The body is composed of EU states’ national data supervisors and EU officials.

Isabelle Falque-Pierrotin, its chair, said in April that the shield would fail to protect people's data.

“The possibility that is left in the shield and its annexes for bulk collection … is not acceptable," she said.

She sent the draft back to the EU commission, which is now set to present its updated version.

Big money

The issue is important because big and small companies that use data on both sides of the Atlantic have had to use more costly and more complicated data exchange frameworks ever since Safe Harbour’s demise.

A lot of money is involved. The data flows are worth an estimated €230 billion a year.

Broader concerns on how well the new “shield” would stand up to ECJ scrutiny have also put companies on edge.

Giovanni Buttarelli, the European data protection supervisor (EDPS), told reporters in May he too had "serious concerns" with Privacy Shield.

But Jourova remained confident.

Aside from having narrowed down on US bulk collection, she said she had also tackled the problem of oversight.

The US has promised to set up a special ombudsman, embedded in the state department, to help deal with complaints from EU nationals.

But doubts emerged over the independence of the new office.

Jourova told this website that "a more precise definition of competencies, status, and functioning" of the ombudsman have since been agreed.

Not everything is ready, however.

Jourova said the EU and US still need to agree on how long firms can retain the data and for what purpose.

"We want to make sure that personal data will only be kept for that period which is necessary and to agree on exceptions which enable them to keep data for a longer time," she said.

Exceptions in the EU include retaining data for scientific research purposes or for healthcare needs.

“In the US they have a broader, a more benevolent system [on retention], and everything that we do on Privacy Shield is to make sure that there’ll be equivalent, not the same, but equivalent, protection [for EU and US nationals]”, she said.

EU data regulation

The EU commission said the Privacy Shield would become operational almost immediately after it is adopted by the college of EU commissioners in July, with no further input from the EU Council or MEPs.

Around a year later, the EU's reformed data protection regulation should also be implemented.

The regulation is much tougher when it comes to privacy controls and companies will have to comply with it or face big fines.

The difference between the two hinges on how a company uses data.

Data sent to a company in the US would fall under the Privacy Shield. But if the same company also offers goods and services in the EU and collects EU nationals’ data remotely, then it will have to comply with the EU regulation as well.

Romania wants EU signal on Schengen membership

Bucharest expects other member states to decide on its accession to the passport-free area before it takes the rotating EU presidency on 1 January 2019 - amid criticism of a controversial new justice reform.

Germany says China using LinkedIn to recruit informants

Germany's spy agency says the Chinese state is trying to recruit high-ranking German officials via social media outlets like LinkedIn. It accused Chinese intelligence of setting up fake profiles to lure them into becoming informants.

News in Brief

  1. EU to Israel: Don't expect us to move embassies
  2. EU Commission condemns anti-semitic 'Jerusalem' protests
  3. Ministers have 'lots of questions' on new CAP plans
  4. Commission: Brexit agreement is 'deal between gentlemen'
  5. 25 EU states sign defence cooperation pact
  6. Netanyahu wants 'hardy' talks with EU on Jerusalem
  7. French centre-right elects new leader
  8. Germany and UK increase arms sales

Stakeholders' Highlights

  1. ACCACFOs Risk Losing Relevance If They Do Not Embrace Technology
  2. UNICEFMake the Digital World Safer for Children & Increase Access for the Most Disadvantaged
  3. European Jewish CongressWelcomes Recognition of Jerusalem as the Capital of Israel and Calls on EU States to Follow Suit
  4. Mission of China to the EUChina and EU Boost Innovation Cooperation Under Horizon 2020
  5. European Gaming & Betting AssociationJuncker’s "Political" Commission Leaves Gambling Reforms to the Court
  6. AJC Transatlantic InstituteAJC Applauds U.S. Recognition of Jerusalem as Israel’s Capital City
  7. EU2017EEEU Telecom Ministers Reached an Agreement on the 5G Roadmap
  8. European Friends of ArmeniaEU-Armenia Relations in the CEPA Era: What's Next?
  9. Mission of China to the EU16+1 Cooperation Injects New Vigour Into China-EU Ties
  10. EPSUEU Blacklist of Tax Havens Is a Sham
  11. EU2017EERole of Culture in Building Cohesive Societies in Europe
  12. ILGA EuropeCongratulations to Austria - Court Overturns Barriers to Equal Marriage

Latest News

  1. Alignment with EU is 'last resort', May tells MPs
  2. Iceland: further from EU membership than ever
  3. Israel presses Jerusalem claim in EU capital
  4. From dark coal toward a brighter future
  5. UK casts doubt on EU deal in 'bizarre' twist
  6. Romania wants EU signal on Schengen membership
  7. Germany says China using LinkedIn to recruit informants
  8. No chance of expanding EU warrant crime list

Stakeholders' Highlights

  1. Centre Maurits CoppietersCelebrating Diversity, Citizenship and the European Project With Fundació Josep Irla
  2. European Healthy Lifestyle AllianceUnderstanding the Social Consequences of Obesity
  3. Union for the MediterraneanMediterranean Countries Commit to Strengthening Women's Role in Region
  4. Bio-Based IndustriesRegistration for BBI JU Stakeholder Forum about to close. Last chance to register!
  5. European Heart NetworkThe Time Is Ripe for Simplified Front-Of-Pack Nutrition Labelling
  6. Counter BalanceNew EU External Investment Plan Risks Sidelining Development Objectives
  7. EU2017EEEAS Calls for Eastern Partnership Countries to Enter EU Market Through Estonia
  8. Dialogue PlatformThe Turkey I No Longer Know
  9. World Vision7 Million Children at Risk in the DRC: Donor Meeting to Focus on Saving More Lives
  10. EPSU-Eurelectric-IndustriAllElectricity European Social Partners Stand up for Just Energy Transition
  11. European Friends of ArmeniaSignature of CEPA Marks a Fresh Start for EU-Armenia Relations
  12. Nordic Council of MinistersNordic Energy Ministers Pledge to Work More Closely at Nordic and EU Level