Skip to footer
Passcode
Modern field guide to security and privacy

What to expect from Privacy Shield

While details of the new transatlantic data transfer pact known as Privacy Shield aren't expected until Monday, EU Ambassador David O’Sullivan told Passcode it contains the fundamentals to enhance privacy safeguards for Europeans.

|
Michael Bonfigli /The Christian Science Monitor
EU Ambassador David O'Sullivan (r.) spoke with Passcode on Feb. 26 about the tentative data transfer agreement known as Privacy Shield

After months of intense negotiations to craft a replacement for the transatlantic data transfer pact known as Safe Harbor, European Union officials are expected to release details of a replacement agreement Monday.

While the new version of Safe Harbor – known as Privacy Shield – will likely face intense scrutiny from privacy advocates and legal experts on both sides of the Atlantic, the EU ambassador to the US says he's confident the deal will contain the fundamentals needed to enhance privacy safeguards for Europeans.

"This hopefully gives us a very solid platform for protecting data sharing between the US and the EU," said Ambassador David O’Sullivan at an event hosted by Passcode in Washington on Friday. "This builds on the Safe Harbor. The basic principle is still the same."

In October, the EU's highest court struck down the 15 year-old Safe Harbor agreement that allowed US firms to certify they abided by EU laws for data transfers. The court's decision resulted from a case brought by Austrian privacy activist Max Schrems who argued Safe Harbor was no longer adequate due to US intelligence agencies' practices.

Earlier this month, EU officials announced several of the key components of the new agreement to replace Safe Harbor that the European Commission said "will provide stronger obligations on companies in the US to protect the personal data of Europeans."

For instance, said Ambassador O'Sullivan, the new framework will make it easier for Europeans to file complaints about potential privacy violations, ensures that regulators review the data transfer pact annually, and calls for the creation of a privacy ombudsperson.

"We’ve got a much clearer structure of complaint management," O’Sullivan said. "We’re able to be much more clear about how complaints can be managed by citizens themselves."

What's more, he said, Privacy Shield will allow EU citizens to lodge privacy complaints with companies directly, and failing that, seek out the EU Fair Trade Commission or an arbitration mechanism.

Earlier this week, the US enacted another mechanism to manage complaints, as President Obama signed the Judicial Redress Act. The law gives European citizens the right to sue if they feel their data has been misused by US law enforcement.

Monday's expected release of Privacy Shield will just be the beginning of the bureaucratic process of actually implementing the new data transfer agreement. National data protection authorities in Europe, the EU Parliament, and member states will have an opportunity to weigh in before the deal is finalized. 

Privacy advocates, including Mr. Schrems, may also mount legal challenges to Privacy Shield, said Amie Stepanovich, US policy manager at Access Now, who also participated in Friday's event. 

"Privacy Shield will inevitably face legal challenges. It's likely to be invalidated in the European courts unless the US makes legislative changes," said Ms. Stepanovich, who said that the pact may not be enough to safeguard European data without additional spy agency reforms in the US.

"We're disappointed that there isn't the surveillance reform needed to make Privacy Shield lasting," she said. With the current deal, she said, "the only thing we're agreeing on internationally is that governments are going to invade privacy."

Still, others on Friday's panel said the new pact was essential for ensuring some regularity when it comes to the movement of data across borders, which is vital for the biggest tech companies and also small and medium sized businesses.

"This isn't just a concern for tech companies or US companies. It's a global business and innovation concern," said panelist Josh Kallmer, senior vice president of Global Policy at Information Technology Industry Council, a trade association.

"Small businesses want to innovate and expand," he said. "Without certainty they're not likely to take risks."

Privacy Shield certainly won't end the ongoing debates over digital privacy matters in Europe, where the Edward Snowden disclosures sparked widespread backlash against both the US government and American tech companies over US surveillance practices.

Panelists Bruce Heiman, a partner at the law firm K&L Gates, which hosted Friday's panel discussion, said the European court's decision to invalidate Safe Harbor was a "political decision" aimed at the US government. And, unfortunately, "US companies were roadkill."

 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.
editor@csmonitor.com
Subscribe
Mark Sappenfield
Editor

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

Subscribe to insightful journalism

QR Code to What to expect from Privacy Shield
Read this article in
https://www.csmonitor.com/World/Passcode/2016/0226/What-to-expect-from-Privacy-Shield
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe