Her comments come just two days after the European Commission unveiled a new agreement of sharing data to replace Safe Harbor, which was last year ruled to have been invalid.
The agreement was a quasi-judicial understanding that the US undertook to agree that it would ensure that EU citizens’ data on US servers would be held and protected under the same restrictions as it would be under EU law and directives. The data covers a huge array of information – from internet and communications usage to sales transactions, import and exports.
The case arose when Maximillian Schrems, a Facebook user, lodged a complaint with the Irish Data Protection Commissioner, arguing that – in the light of the revelations by ex-CIA contractor Edward Snowden of mass surveillance by the US National Security Agency (NSA) – the transfer of data from Facebook’s Irish subsidiary onto the company’s servers in the US do not provide sufficient protection of his personal data.
The new proposed replacement – Privacy Shield – has been agreed after months of negotiation between the US and the EU. It promises "stronger obligations on companies in the US to protect the personal data of Europeans and stronger monitoring and enforcement by the US Department of Commerce and Federal Trade Commission (FTC), including through increased cooperation with European Data Protection Authorities".
However, Falque-Pierrotin told reporters in Brussels that the proposals, as they stand, are legally totally unclear.
"We can't just accept words. It's difficult to come to a conclusion when you're facing political will but no real documents. The legal format of the arrangement is still unclear for us."
Falque-Pierrotin demanded to see the full set of documents over Privacy Shield by the end of February in order to assess whether the agreement met the EU standards on data privacy.
"We still have concerns of the US legal framework."