05:59 GMT +321 August 2019
Listen Live
    Surveillance

    European-US Privacy Shield Data Sharing Deal Blasted as Inadequate

    CC0
    Europe
    Get short URL
    192

    Privacy groups in Europe have slammed the latest EU-US data-sharing agreement as being insufficient to protect the personal rights of European citizens, when their data is taken from computers in Europe and stored on servers in the US.

    The new data agreement was brought about because the European Court of Justice ruled in October 2015 that the previous EU-US data agreement – Safe Harbor – was invalid. The issue arises from the strict EU laws – enshrined in the Charter of Fundamental Rights of the European Union – to the privacy of their personal data.

    The Safe Harbor agreement was a quasi-judicial understanding that the US undertook to agree that it would ensure that EU citizens’ data on US servers would be held and protected under the same restrictions as it would be under EU law and directives. The data covers a huge array of information – from internet and communications usage, to sales transactions, import and exports.

    The case arose when Maximillian Schrems, a Facebook user, lodged a complaint with the Irish Data Protection Commissioner, arguing that – in the light of the revelations by ex-CIA contractor Edward Snowden of mass surveillance by the US National Security Agency (NSA) – the transfer of data from Facebook’s Irish subsidiary onto the company’s servers in the US does not provide sufficient protection of his personal data.

    The court ruled that the Safe Harbor Decision denies the national supervisory authorities their powers where a person calls into question whether the decision is compatible with the protection of the privacy and of the fundamental rights and freedoms of individuals. 

    Privacy Shield

    The new proposed replacement – known as Privacy Shield — has been agreed after months of negotiation between the US and the EU. It promises "stronger obligations on companies in the US to protect the personal data of Europeans and stronger monitoring and enforcement by the US Department of Commerce and Federal Trade Commission (FTC), including through increased cooperation with European Data Protection Authorities".

    If an EU citizen considers that their data has been misused under the new arrangement, they can have their complaint referred to the US Department of Commerce and the Federal Trade Commission, or to an Alternative Dispute resolution system. The US has also promised to appoint an ombudsman to oversee the system.

    However, Anna Fielder, chair of Privacy International said:

    "It’s still a half-baked agreement. It is slightly different to Safe Harbor, but they seem to have spent more on a logo than on the actual substance. We think it will be subject to further legal challenges. It’s an agreement in principle and we don’t think it will work."

    "The [proposed] ombudsman is based in the US equivalent of the Foreign Office. We don’t know what kind of independence it will have. The [European Court of Justice in its October ruling] demanded an independent authority and this is scarcely independent. How do I know that my data has been abused?" she said.

    Related:

    EU and US Miss Deadline for Data Privacy Agreement
    Call to Halt EU-US Data Exchange Might Facilitate Compromise on Safe Harbor Deal
    The Snowden Effect: Safe Harbor for Facebook Users 'Invalid'
    So Long Safe Harbor: EU/US Data Sharing Deal Suspended
    Tags:
    Safe Harbor agreement, data, information, surveillance, privacy, European Court of Justice, Maximilian Schrems, Edward Snowden, Europe, United States
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik