Negotiators in the European Union and the United States have agreed on a stop-gap measure to allow companies to transfer private data overseas. But the “EU-US Privacy Shield” is not likely to withstand legal challenge. To protect privacy, we need reform, not rebranding.
An agreement on data transfers has been reached, but the document has not been published.
EPIC has filed emergency Freedom of Information requests with the US the EU for release of a secret agreement for the transfer of personal data across the Atlantic. A new framework was required by a recent decision of the European Court of Justice. But European and American consumer organizations say the "Privacy Shield" does not provide adequate protection for the transfer of personal data.
American and European officials released details about a new trans-Atlantic data transfer agreement, prompting a new round of debate about how companies like Google move digital information between the two regions.
The United States does not want to change the substance of a data transfer pact agreed in February with the European Commission, a senior official said, after EU privacy watchdogs voiced concerns over elements of the deal.
Last week, the Article 29 Working Party published a non-binding opinion on the framework which called for more reassurances over U.S. surveillance practices and the independence of a new U.S. privacy ombudsman.
The Irish High Court refers Facebook privacy case to the Court of Justice of the European Unionin order to determine the legal status of data transfers under Standard Contractual Clauses. Therefore, Facebook could face questions from the CJEU about the validity of the model clauses it uses to transfer data outside of the 28-member-state bloc.