Monday

25th Mar 2019

Privacy Shield less relevant given GDPR, says data chief

  • Is Privacy Shield still relevant? (Photo: European Commission)

Two years ago the EU's data protection chief said the EU-US data transfer pact known as 'Privacy Shield' would increasingly play a minor role.

On the eve of the launch of the general data protection regulation (GDPR), Giovanni Buttarelli, the European data protection supervisor, maintains his position.

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 18 year's of archives. 30 days free trial.

... or join as a group

On Wednesday (23 May) in an interview with EUobserver, he said the soon to be enforced data rules will provide a much higher standard of safeguards that go far beyond Privacy Shield.

"You may say Privacy Shield is still there but is less relevant for me because the entire set of standards, including the transfer, should be subject to higher standards," he said.

Privacy Shield is a self-certifying legal framework enforced by the Americans that allows US tech firms to transfer data of Europeans back to the United States on the basis they respect European privacy laws.

GDPR is a European regulation that goes way beyond the scope of Privacy Shield, is enforced by European data regulators as of Friday, and wrestles away the corporate grip on people's data worldwide.

GDPR means, among other things, that people in Europe must give affirmative consent for their data to be used, that any business anywhere in the world be clear about how they use that data, and that one can demand that same data be deleted or transferred elsewhere.

It also means companies must design services that have privacy standards built in by default. The whole is supposed to protect data from things like abuse and identity theft.

"On Friday, what you do in Europe remotely is subject to GDPR in its entirety," said Buttarelli, noting that Privacy Shield will no longer be considered as a 'free pass' for US firms to use the data as they please.

The thousands of US companies like Facebook listed under shield are supposed to respect European privacy laws, but in practice, this has raised serious doubts of compliance.

The pact had to be renegotiated after the European Court of Justice scuppered its predecessor Safe Harbour in late 2015 given US mass surveillance, in the wake of secret documents leaked to the press by former US agent Edward Snowden.

The US then earlier this year renewed privacy-invasive programs like section 702 of the US Foreign Intelligence Surveillance Act (FISA), which allows the National Security Agency to gather intelligence on Europeans by collecting data from fibre optic cables.

The Americans have also yet to appoint the necessary staff on their side to make sure the conditions of the Privacy Shield pact are fully respected. This includes setting up a permanent ombudsman within the US state department to field complaints by EU citizens.

US promises to meet those conditions fell apart under the Donald Trump administration despite repeated European Commission demands. Last September, Vera Jourova, the EU justice commissioner went to the United States to sort outstanding issues. She came away empty handed.

"I made clear that my patience is running to an end," Jourova told reporters last week when asked if anything has since changed.

Despite the loopholes and lack of US compliance, some MEPs maintain that Privacy Shield remains vital. MEPs in the civil liberties committee on Thursday are set to vote on a report on Privacy Shield.

One of its biggest defenders is Axel Voss, a German centre-right MEP.

"It decreases the administrative burden for businesses and keeps a safe environment for citizens' data," he said, in a statement on Wednesday.

Voss had also tabled more amendments to weaken the general data protection regulation than any other MEP, according to LobbyPlag.

Focus

Are EU data watchdogs staffed for GDPR?

The success of the new general data protection regulation (GDPR) will depend on whether data protection authorities enforce the new rules - which, in turn, will be at least partly determined by how many people they employ.

Eight countries to miss EU data protection deadline

The EU starts enforcing its general data protection regulation on 25 May - but Belgium, Bulgaria, Cyprus, Czech Republic, Greece, Hungary, Lithuania and Slovenia won't be ready. The delay will cause legal uncertainty.

New GDPR enforcer says complaints imminent

The European Data Protection Board is a new EU body tasked with enforcing the EU's privacy laws with powers to impose massive fines. Its head Andrea Jelinek told reporters complaints against companies are expected to be immediate.

GDPR - a global 'gold standard'?

The new EU privacy rules are touted as a global 'gold standard' - but Mexico's former data commissioner warns some nations are far from ready.

News in Brief

  1. EU leaders at summit demand more effort on disinformation
  2. Report: Corbyn to meet May on Monday for Brexit talks
  3. Petition against Brexit attracts 2.4m signatures
  4. Study: Brexit to cost EU citizens up to €40bn annually
  5. NGOs demand France halt Saudi arm sales
  6. Report: Germany against EU net-zero emissions target
  7. Former top EU official takes job at law firm
  8. Draft text of EU summit has Brexit extension until 22 May

Stakeholders' Highlights

  1. Nordic Council of MinistersNew campaign: spot, capture and share Traces of North
  2. Nordic Council of MinistersLeading Nordic candidates go head-to-head in EU election debate
  3. Nordic Council of MinistersNew Secretary General: Nordic co-operation must benefit everybody
  4. Platform for Peace and JusticeMEP Kati Piri: “Our red line on Turkey has been crossed”
  5. UNICEF2018 deadliest year yet for children in Syria as war enters 9th year
  6. Nordic Council of MinistersNordic commitment to driving global gender equality
  7. International Partnership for Human RightsMeet your defender: Rasul Jafarov leading human rights defender from Azerbaijan
  8. UNICEFUNICEF Hosts MEPs in Jordan Ahead of Brussels Conference on the Future of Syria
  9. Nordic Council of MinistersNordic talks on parental leave at the UN
  10. International Partnership for Human RightsTrial of Chechen prisoner of conscience and human rights activist Oyub Titiev continues.
  11. Nordic Council of MinistersNordic food policy inspires India to be a sustainable superpower
  12. Nordic Council of MinistersMilestone for Nordic-Baltic e-ID

Latest News

  1. Italy takes China's new Silk Road to the heart of Europe
  2. What EU leaders agreed on climate - and what they mean
  3. Copyright and (another) new Brexit vote This WEEK
  4. EU avoids Brexit crash, sets new date for 12 April
  5. Campaigning commissioners blur the lines
  6. Slovakia puts squeeze on free press ahead of election
  7. EPP suspends Orban's Fidesz party
  8. Macron is confusing rigidity with strength

Stakeholders' Highlights

  1. Counter BalanceEU bank urged to free itself from fossil fuels and take climate leadership
  2. Intercultural Dialogue PlatformRoundtable: Muslim Heresy and the Politics of Human Rights, Dr. Matthew J. Nelson
  3. Platform for Peace and JusticeTurkey suffering from the lack of the rule of law
  4. UNESDASoft Drinks Europe welcomes Tim Brett as its new president
  5. Nordic Council of MinistersNordic ministers take the lead in combatting climate change
  6. Counter BalanceEuropean Parliament takes incoherent steps on climate in future EU investments
  7. International Partnership For Human RightsKyrgyz authorities have to immediately release human rights defender Azimjon Askarov
  8. Nordic Council of MinistersSeminar on disability and user involvement
  9. Nordic Council of MinistersInternational appetite for Nordic food policies
  10. Nordic Council of MinistersNew Nordic Innovation House in Hong Kong
  11. Nordic Council of MinistersNordic Region has chance to become world leader when it comes to start-ups
  12. Nordic Council of MinistersTheresa May: “We will not be turning our backs on the Nordic region”

Join EUobserver

Support quality EU news

Join us