Some items on our site have recently moved. Visit our News Hub for selected articles, special reports, podcasts and other resources.
EU hopeful Biden administration will make US 'adjustments' on Privacy Shield, lawmaker says
09 November 2020 22:54 by Jakub Krupa
US President-elect Joe Biden's administration should make the necessary adjustments to unblock transatlantic data transfers after the EU's top court this summer struck down the Privacy Shield over surveillance concerns, a senior lawmaker in the European Parliament said today.
"I strongly hope that the ... Biden administration, if soon confirmed, will make necessary adjustments to privacy" so that the issue won't "jeopardize the good start we have had with the partner across the Atlantic," Miapetra Kumpula-Natri told an online conference.*
In July, the EU's top court annulled the US-EU data transfer agreement knows as Privacy Shield, arguing that American intelligence surveillance oversight is “not circumscribed in a way that satisfies requirements that are essentially equivalent to those required under EU law”.
The Finnish member of the European Parliament, who is vice-chairman of Parliament's delegation for relations with the US, said "when it comes to bilateral and regional trade agreements, I think we can still go much further."
She added that the EU's focus should be on aligning its digital economy with "the countries [with] which we have an adequacy decision on privacy," or an equivalent arrangement.
Kumpula-Natri, who is also responsible for drafting the European Parliament Industry Committee's report on the EU Data Strategy, further argued that the mechanism of data-adequacy checks provided by the bloc's strict General Data Protection Regulation offers suitable safeguards for international data transfers.
Her comments were echoed by the European Commission's coordinator on World Trade Organization e-commerce negotiations, Judit Fischer, who said "the EU has always been clear that the localization of data is not a suitable measure to protect privacy," as the GDPR contains a range of tools that "guarantee that the [level of] protection travels with the data, no matter where the data is."
She said the EU sees "data localization requirements introduced for protectionist reasons as trade barriers," adding that the block will seek "a clear prohibition" of this practice during WTO talks.
The lawmakers' comments appear to rebut concerns that the Schrems II judgment on Privacy Shield may prompt companies to store data in Europe rather than risk transferring it to the US and that the commission's data strategy could push companies to use EU-based cloud services to the detriment of foreign service providers.
Meanwhile, Niclas Poitiers of EU think tank Breugel warned that the bloc shouldn't get its hopes too high on Biden's victory opening a fast path to resolve the legal issues around Privacy Shield.
"I don't see a clear way out, [even] with a more sympathetic Biden administration, for the simple reason that the kind of problem the European Court of Justice has seen with this is ... that there is no legal avenue for European citizens to litigate against infractions of their privacy. This is something I cannot foresee the US government changing, and giving up on the security laws they have for [the sake of] Europeans," he said.
Poitiers also suggested the issue could affect ongoing negotiations over a data-adequacy decision for the UK after it leaves the EU.
"We should be aware that there is a Damocles' sword hanging over UK data flows [as] the same reasoning that the ECJ applied to the US could also be applied to the UK the moment Brexit happens. I think there are questions [about] whether there actually will be an adequacy decision between the EU and the UK," he suggested, "as they might not have an adequate framework."
The ongoing adequacy discussions are in parallel to broader talks about the future trade arrangements between the UK and the EU. Experts have long been warning that, if granted, it would likely face "immediate" legal challenge from privacy campaigners.
*Webinar on data flows, artificial intelligence and international trade; European Parliament; Nov. 9, 2020
26 May 2023 14:59 by Sam ClarkWhen the EU’s General Data Protection Regulation came into force five years ago, some said it would usher in a new era of EU supremacy over Silicon Valley's tech giants, reining in their rampant data-driven power.
24 May 2023 15:39 by Mike SwiftSince the General Data Protection Regulation took effect five years ago this week, more than 40 countries have enacted national privacy laws, most of which drew liberally from the canonical text of the EU law.
23 May 2023 23:47 by Mike SwiftThe count of countries with data protection laws more than doubled to 162 over the past dozen years, a total that includes a wide majority of the world’s nations, with new research suggesting data protection rules are approaching ubiquity.