The U.S. and European Commission have released details of the new U.S.- EU Privacy Shield to replace the Safe Harbor that was invalidated by the European Court of Justice last year. The Privacy Shield moves beyond the Safe Harbor with pledges of more robust enforcement by U.S. authorities; greater transparency obligations on U.S. companies; allowing redress for EU citizens and providing for an annual review mechanism.
Last week President Obama signed the US Judicial Redress Act giving EU citizens the same rights US citizens enjoy under the 1974 Privacy Act.
In addition, the U.S. government has provided written assurance in the form of a letter from the General Counsel of the Office of the Director of National Intelligence, identifying the six situations in which U.S. intelligence will be explicitly allowed to use data collected in bulk, including for undefined “counter-terrorism” purposes.
The new Privacy Shield next must be approved by the European Parliament in conjunction with the execution of a new Umbrella Agreement on data transfers between the U.S. and the EU. Max Schrems, who challenge to Facebook’s privacy practices led to the European Court of Justice’s decision, still believed that the U.S. surveillance “violates EU fundamental rights”.
EU Fact Sheet
Department of Commerce Fact Sheet
EU Press Release and FAQs
Pingback: CLBR #215: Digital Medicine with Harry Nelson – Cyber Law & Business Report
Pingback: CLBR #216: Cam Kerry on the US-EU Privacy Conflict – Cyber Law & Business Report
Pingback: US Forced Back to Negotiating Table on EU Privacy Shield | Cyber Report
Pingback: EC Gives Final Approval to Privacy Shield | Cyber Report