EU gives thumbs up to US data pact
-
(Photo: freestocks.org)
The European Commission on Wednesday (18 October) said the EU-US Privacy Shield, a deal reached between Washington and Brussels to protect Europeans' personal data transferred to the United States for commercial purposes, had passed its first annual review.
The Privacy Shield was concluded last year to replace the Safe Harbour agreement, declared invalid by the European Court of Justice (ECJ) in October 2015 over concerns about US government's misuse of Europeans' data for national security reasons.
Join EUobserver today
Become an expert on Europe
Get instant access to all articles — and 20 years of archives. 14-day free trial.
Choose your plan
... or subscribe as a group
Already a member?
The ECJ verdict came in the wake of whistleblower Edward Snowden's revelations of US-led mass surveillance programs.
According to EU justice commissioner Vera Jourova, who presented the first annual report on the agreement, the Shield is "working well" and continues to ensure an adequate level of protection for Europeans' personal data transferred to participating companies in the US.
"US authorities", said Jourova "are complying with their commitments" by putting in place necessary structures and procedures to ensure the correct functioning of the agreement - such as new redress possibilities for EU individuals, a complaint-handling and enforcement procedure and cooperation with the European Data protection authorities.
There are 2,400 companies - including Facebook, Microsoft, Google and Alphabet Inc - said Jourova, "that have been certified by the US Department of Commerce" so far. That is more "than what happened" during the 10 years during which "the previous agreement was in place".
Room for improvement
Nevertheless, the commissioner explained, some "room for improvements" is still called for, notably the need from the the US Department of Commerce for a tougher monitoring of the compliance of companies with its privacy rules.
Commission vice-president for the digital single market Andrus Ansip said "this first annual review demonstrates our commitment to create a strong certification scheme with dynamic oversight work."
In the coming months, the Commission will continue to to closely monitor the functioning of the Privacy Shield framework, including the US authorities' compliance with their commitments.
The Commission's report, represents a further step after the first annual joint review of the Shield, held in Washington in mid-September 2017 to ensure the United States lived up to its guarantees to better protect data EU data transferred across the Atlantic.
Privacy ombudsperson needed
Last month, commissioner Jourova had told journalists that she wanted the United States to nominate a qualified privacy ombudsperson - someone who, as decided in the Privacy Shield, would be able to deal with European citizens' complaints about US spying.
Major concerns were expressed by Jourova as regarding possible forthcoming changes within the US Foreign Intelligence Surveillance Act (FISA), that is up for renewal before the end of the year.
"Of course we are very concerned about what the new version of this act will mean for Privacy Shield" explained Jourova.
"I was very clear about our position that we do not want to see any changes which will go to the detriment of the protection of private data of Europeans so we will be watching this very closely in the coming weeks and months," she added.
Site Section
Related stories
- US tests EU patience over Privacy Shield
- Safe Harbour invalidation puts EU data in quarantine
- US firms face possible sanctions over Safe Harbour
- Uber may face fines in EU for keeping data breach secret
- UK tech worried over post-Brexit data sharing
- EU Parliament 'cookie' restrictions worry online media