Commission formally adopts the EU-US Privacy Shield

2016-09-19T13:14:00+01:00

Following the reservations in the opinion from the Article 29 Working Party (WP29) on 13 April 2016 and a resolution of the European Parliament demanding further negotiation on 26 May 2016, the Commission formally adopted the Privacy Shield on 12 July 2016. The formal adoption comes after a positive vote on the Privacy Shield from the article 31 Committee on 8 July 2016. This will enter into force immediately.

The article 31 committee held a number of additional meetings in June 2016 to further understand the implications of the Privacy Shield and whilst a qualified majority of Member States voted to approve the final text, representatives from Austria, Croatia, Slovenia and Bulgaria abstained from voting, having previously raised concerns that the Privacy Shield does not go far enough to protect their citizens’ rights.

Indeed Commissioner Ansip stated “We have approved the new EU-U.S. Privacy Shield today. It will protect the personal data of our people and provide clarity for businesses. We have worked hard with all our partners in Europe and in the US to get this deal right and to have it done as soon as possible. Data flows between our two continents are essential to our society and economy – we now have a robust framework ensuring these transfers take place in the best and safest conditions”.

Until October last year, organisations could transfer personal data to the US under the EU-US Safe Harbor scheme which allowed for self-certification as a proof of compliance with European data protection standards. However, in October 2015 the CJEU found the scheme invalid as it failed to protect EU citizens’ data from mass surveillance by the US government and therefore violated the right to privacy.

Since the October ruling, the Commission has been negotiating with the US on a new framework for data transfers to the US known as the Privacy Shield. The negotiation process has not been smooth and the constant moving deadline for an agreement, has left companies in limbo for some time.

The Privacy Shield imposes inter alia:

stronger obligations on companies handling data;
safeguards and more transparency in relation to US government access to EU citizens’ data;
tightened conditions for onward transfer of data; and
effective protection of European citizen’s rights including the right of redress.

TechUK, which represents 900 firms in the UK, described Privacy Shield as a “restoring a stable legal footing”. “The coming months will see much discussion on future options for the UK’s data environment in a post-Brexit world, today’s agreement underlines the importance of data flows to transatlantic trade,” said Charlotte Holloway, the group’s associate director of policy. “We urge policymakers to continue to keep front of mind that data and trade go hand in hand in today’s global economy.”

However, criticisms of the Privacy Shield still linger as is shown by the following statement of Joe McNamee, Executive Director of European Digital Rights: “Sadly, for both privacy and for business, this agreement helps nobody at all. We now have to wait until the Court again rules that the deal is illegal and then, maybe, the EU and US can negotiate a credible arrangement that actually respects the law, engenders trust and protects our fundamental rights”

Topics

Brexit

News
European Parliament Resolution on the assessment of the implementation of Article 50 TEU (Withdrawal of a Member State)
2022-03-01T11:24:00Z
On 16 February, the European Parliament approved a resolution on the assessment of the implementation of Article 50 TEU
News
EU and UK Parliaments announce their delegation members to the EU-UK Parliamentary Partnership Assembly
2022-02-01T15:48:00Z
The EU and UK Parliaments announced their delegation members to the EU-UK Parliamentary Partnership Assembly (PPA). The PPA is set up under Article 11 of the EU-UK Trade and Cooperation Agreement (TCA). It is composed of 70 representatives from the UK and EU Parliaments. Its role is to provide a ...
News
One year post-Brexit: where are we now?
2021-12-20T15:07:00Z
As 2021 draws to a close, this article reflects on Brexit developments between the UK and EU across the year with a particular focus on the Northern Ireland Protocol negotiations and the recent establishment of the EU-UK Joint Parliamentary Assembly. For both areas, this article reviews what has happened in ...

More Latest news

News
Case Law Digest May 2022
2022-05-18T15:59:00Z
In this edition of the Case Law Digest, we take a look at the recent decisions made from the Court of Justice of the European Union from April to May 2022. These cases cover the de-referencing of allegedly inaccurate content, approximation of laws, air transport and unfair terms in consumer ...
News
Ukraine: Is a chemical or biological attack likely?
2022-05-11T16:53:00Z
Exploring key questions about chemical and biological weapons as, although large-scale use in Ukraine appears unlikely, concerns remain about targeted attacks.
News
The ICC launches an investigation into Russia’s invasion of Ukraine
2022-05-10T12:54:00Z
The International Criminal Court has now launched an investigation into Russia’s invasion of Ukraine. However, neither Ukraine nor Russia are State Parties to the Court’s Treaty, calling into question the jurisdiction of the Court.

Commission formally adopts the EU-US Privacy Shield

Topics

Related articles

European Parliament Resolution on the assessment of the implementation of Article 50 TEU (Withdrawal of a Member State)

EU and UK Parliaments announce their delegation members to the EU-UK Parliamentary Partnership Assembly

One year post-Brexit: where are we now?

More Latest news

Case Law Digest May 2022

Ukraine: Is a chemical or biological attack likely?

The ICC launches an investigation into Russia’s invasion of Ukraine