Modern field guide to security and privacy

Opinion: Europe's privacy advocates should back off Privacy Shield

Privacy Shield is certainly not a solution for eternity. But it fills the current void for safeguarding data flows across the Atlantic and attempts to match European and American views on privacy.

Leonhard Foeger/Reuters/File
Max Schrems brought a lawsuit against Facebook that eventually led to the EU's highest court striking down the 15 year-old data-sharing pact known as Safe Harbor.

Many critics predicted the two-month-old data-sharing deal between the European Union and the US wouldn't survive the legal and policy challenges from privacy advocates.

It appears they might be right. And that's a troubling development for anyone involved in the modern digital economy.

On Wednesday, Europe's privacy watchdogs – the European Data Protection Authorities – issued a stinging critique of the data transfer pact known as Privacy Shield. The deal was meant to replace the 15-year-old agreement known as Safe Harbor that some 4,500 companies relied on to transfer Europeans' personal information across the Atlantic. 

Despite many new protections as part of Privacy Shield, such as a privacy ombudsman and additional mechanisms for Europeans to file privacy grievances, the Data Protection Authorities, or DPA, want even more protections and assurances that US intelligence agencies aren't indiscriminately scooping up mass amounts of Europeans' information.

But attacking Privacy Shield at its outset, and potentially dooming the agreement to future legal wrangling, only penalizes the companies that provide the backbone for economic growth in Europe and the US, and unfairly casts the US as a desert for civil liberties. Additionally, the notion that the DPAs want any new data-sharing deal reevaluated every two years would put undue burden on small and medium-sized enterprises that can't afford to adapt to changing legal frameworks for transatlantic trade.

Over the past year, the US has enacted surveillance reforms and gave Europeans the right to legal redress in US courts over data privacy issues with the Judicial Redress Act even as European governments are more dependent than ever on the intelligence gathering capabilities of US spy agencies. After all, privacy reforms took place as the threat level in Europe skyrocketed with the influence of the Islamic State rising in its cities and radicals committing horrible acts of terrorism in Paris and Brussels.

Now, even the data privacy-loving Germans are reconsidering their stance on information gathering. According to a DeutschlandTrend poll, 77 percent of Germans feel that security measures should be increased permanently after the Brussels attacks. This is a moment where Europe needs faster, broader, and more advance information sharing, not more harping over individuals' privacy concerns.

Privacy Shield is certainly not a solution for eternity. But it fills the current void for safeguarding data flows across the Atlantic. Privacy advocates may attack it and Max Schrems, whose original data privacy case against Facebook led to the end of Safe Harbor, are plotting additional legal challenges to Privacy Shield, but the current deal attempts to match European and American views on privacy.

Even though the DPA's comments aren't binding, hopefully they won't stymie the European Commission's willingness to adopt the data-sharing plan so it can be in place by the target implementation date of June. If it doesn't act, nearly $1 trillion in transatlantic trade will be put in jeopardy.

Sudha David-Wilp is a German Marshall Fund senior transatlantic fellow and deputy director of its Berlin office. Follow her on Twitter @SudhaDavidWilp.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.