The European Union (E.U.) has given its approval for a newly established agreement concerning the privacy of personal data transmitted between Europe and the United States.
The E.U.-U.S. Data Privacy Framework has been deemed to provide a sufficient level of protection for personal data by the E.U.’s executive commission. This endorsement signifies that the framework aligns with the stringent data protection standards of the 27 E.U. member states, allowing companies to transfer information between Europe and the U.S. without requiring additional security measures.
The accord stems from an executive order signed by U.S. President Joe Biden in October, which was implemented following a preliminary agreement between Biden and European Commission President Ursula von der Leyen. This collaboration aims to resolve the longstanding dispute between Washington and Brussels over the safeguarding of E.U. citizens’ data stored by tech companies in the U.S., following the annulment of two prior data transfer agreements.
E.U. Justice Commissioner Didier Reynders expressed the significance of this development at a press briefing in Brussels, stating, “Personal data can now flow freely and safely from the European Economic Area to the United States without any further conditions or authorizations.”
What’s new
The framework, which took effect July 10th, includes enhanced safeguards against data collection abuses and offers multiple avenues for recourse.
U.S. intelligence agencies’ access to data is constrained to what is deemed “necessary and proportionate” for national security purposes. A Data Protection Review Court, comprising judges independent of the U.S. government, will address complaints from Europeans who suspect their data has been accessed by U.S. authorities.
Critics vow to challenge decision
However, the endorsement of the E.U.-U.S. Data Privacy Framework is not without its critics. The non-profit organization NOYB (None of Your Business), spearheaded by Austrian privacy activist Max Schrems, has vowed to challenge the decision. Mr. Schrems emphasized that the mere proclamation of something being “new,” “robust,” or “effective” does not suffice in the eyes of the European Court of Justice.
He asserted, “We would need changes in US surveillance law to make this work, and we simply don’t have it.” Mr. Schrems, renowned for his previous challenges against Facebook’s data storage practices and his pivotal role in the European Union’s top court decision affirming European privacy rights, remains steadfast in his stance against the framework’s adequacy.