Monday

4th Dec 2023

Cracks emerge in EU US data 'shield'

  • The EU is hoping a new Privacy Shield will restore business confidence on data transfers to the US (Photo: Alessio Milan)

The next US administration can, if it so chooses, weaken an already patchy data sharing pact with the EU known as Privacy Shield.

The provisional agreement spells out how US companies can use the transferred data of EU nationals while respecting tough EU privacy laws.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

But fears are mounting a US administration headed by firebrand Donald Trump may attempt to punch holes in an agreement whose legal basis is largely based on promises and letters signed by top US officials.

Ted Dean, a US department of commerce official, told a room of skeptical MEPs on Thursday (17 March) that the US has made commitments to uphold its side of the bargain.

When pressed on the legal basis that ties the US to those commitments, he said it was in the commercial interest of the US to respect the rules.

"We've made these commitments, a new administration could look at them, but that is exactly why there is an annual review," he added.

His EU commission counterpart Tiina Astola echoed similar views, telling MEPs that possible changes is "a fact of life".

"Whenever an administration changes, when the legislature changes, there can be amendments and changes. But that is the fact of life," she said.

The two sides took years to reach a political agreement on how to protect the privacy of transferred data of EU citizens while allowing US firms to process and use that data for commercial ends.

Privacy Shield is supposed to ensure, among other things, that the US National Security Agency (NSA) won't bulk collect and use data of EU citizens once transferred to the US.

The entire agreement hinges on whether it can stand up against the scrutiny of the European Court of Justice in Luxembourg.

The Court last October scuppered a 15-year old Safe Harbour agreement following revelations by former NSA contractor Edward Snowden of US-led mass surveillance.

Over 4,000 US firms relied on Safe Harbour.

With Safe Harbour dead, many were at pains on how to transfer and use the data of EU citizens whose commercial value is estimated in the billions.

Negotiators on both sides of the Atlantic then scrambled to finalise the new Privacy Shield as a Safe Harbour replacement.

They then announced Shield at the start of February with much fanfare but without disclosing details on how it would work in practice.

Bulk collection still allowed

A few weeks later, the EU commission published a series of letters signed US state secretary John Kerry, commerce secretary Penny Pritzker, the Federal Trade Commission, and the Office of the Director of National Intelligence, amongst others.

Details in those letters show the US can still bulk collect data if targeted collection is somehow not feasible.

The EU commission says this is good enough, noting if the US fails to comply, it can suspend the pact.

"Even if bulk collection is sometimes allowed the sum total of these limitation and safeguards means there is no limitless collection and no limitless access, which is what the Court [ECJ] found to be in breach," said Astola.

The EU and US are hoping their arguments will re-inject business confidence among the thousands of firms that rely on processing data of EU nationals.

That includes restoring trust among the people whose data is being harvested. If people think the US will continue to violate their privacy, regardless of Privacy Shield, then they may turn away from US firms.

Some privacy advocates are describing Privacy Shield as a sham.

"Privacy Shield represents a step backwards for the scope and definition to the right of privacy," said Marc Rotenberg, president and Executive Director of the US-based Electronic Privacy Information Center.

He said section 702 of the US foreign Intelligence Surveillance Act (FISA) first needs to be repealed.

The section grants the US government sweeping powers to collect foreign intelligence information.

Orban's sovereignty bill seen as fresh attack on rule of law

Hungary's new sovereignty law has been criticised by the opposition as 'another dark milestone' for the country's democratic values and the rule of law — and it could bring yet another clash between Budapest and Brussels.

Analysis

How Wilders' Dutch extremism goes way beyond Islamophobia

Without losing sight of his pervasive Islamophobia, it is essential to note Geert Wilders' far-right extremism extends to other issues that could drastically alter the nature of Dutch politics — and end its often constructive role in advancing EU policies.

Latest News

  1. Afghanistan is a 'forever emergency,' says UN head
  2. EU public procurement reform 'ineffective', find auditors
  3. COP28 warned over-relying on carbon capture costs €27 trillion
  4. Optimising Alzheimer's disease health care pathways across Europe
  5. Georgian far-right leader laughs off potential EU sanctions
  6. The EU's U-turn on caged farm animals — explained
  7. EU-China summit and migration files in focus This WEEK
  8. COP28 debates climate finance amid inflated accounting 'mess'

Stakeholders' Highlights

  1. Nordic Council of MinistersArtist Jessie Kleemann at Nordic pavilion during UN climate summit COP28
  2. Nordic Council of MinistersCOP28: Gathering Nordic and global experts to put food and health on the agenda
  3. Friedrich Naumann FoundationPoems of Liberty – Call for Submission “Human Rights in Inhume War”: 250€ honorary fee for selected poems
  4. World BankWorld Bank report: How to create a future where the rewards of technology benefit all levels of society?
  5. Georgia Ministry of Foreign AffairsThis autumn Europalia arts festival is all about GEORGIA!
  6. UNOPSFostering health system resilience in fragile and conflict-affected countries

Stakeholders' Highlights

  1. European Citizen's InitiativeThe European Commission launches the ‘ImagineEU’ competition for secondary school students in the EU.
  2. Nordic Council of MinistersThe Nordic Region is stepping up its efforts to reduce food waste
  3. UNOPSUNOPS begins works under EU-funded project to repair schools in Ukraine
  4. Georgia Ministry of Foreign AffairsGeorgia effectively prevents sanctions evasion against Russia – confirm EU, UK, USA
  5. Nordic Council of MinistersGlobal interest in the new Nordic Nutrition Recommendations – here are the speakers for the launch
  6. Nordic Council of Ministers20 June: Launch of the new Nordic Nutrition Recommendations

Join EUobserver

Support quality EU news

Join us