On Tuesday, the US and European negotiators finally agreed to a data pact that should prevent regulators of the European Union from restricting data transfer by internet companies such as Amazon and Google across the Atlantic. The United States and the European Union had been racing to come up with a replacement for the Safe Harbour framework, which was outlawed last year by a top EU court over concerns regarding mass surveillance by the US. This had left thousands of US-based companies in a legal limbo as they didn’t know how to proceed. Political approval is still required for the pact, but its announcement coincided with two-day talks in Brussel.
The data protection authorities in Europe had been poised to put a stop to data transfers in these talks until a deal was made. According to the European Commission, stronger obligations would be imposed on US companies with the new Privacy Shield for protecting the personal data of European citizens and ensuring stronger enforcement and monitoring by US agencies. Andrus Ansip, the Vice President of the Commission said that they had received written assurances from the United States for the first time about the limitations and safeguards pertaining to US surveillance programs.
He added that as far as the commercial aspect was concerned, the Federal Trade Commission and US Department of Commerce had provided strong oversight about the compliance of companies with their obligations for protecting the personal data of the EU. In the State Department, an ombudsman will be created by the United States for dealing with enquiries and complaints received from the data protection agencies of the European Union. An alternative mechanism for dispute resolution will also be put in place for resolving any grievances and the accord will be subjected to a joint annual review. The system will also be policed by the European data protection authorities along with the Federal Trade Commission.
Various lobbying groups including the Paris-based International Chamber of Commerce and others such as BusinessEurope, DigitalEurope, BSA The Software Alliance and The Information Technology Industry Council gave a thumbs up to the accord. General Markus Beyrer, the BusinessEurope director said that the most important data flow in the world is between the US and EU and this agreement provides a reliable framework for transferring data internationally. However, the agreement was deemed as flawed by an umbrella group of digital civil rights bodies called European Digital Rights.
Joe McNamee, the Executive Director said that the announcement only meant that businesses on both sides of the Atlantic were simply facing an extended period of uncertainty while they waited for this new pact to fail. For 15 years, Safe Harbour had allowed nearly 4000 companies to avoid the cumbersome rules of data transfers in the EU by asserting that they were in compliance with the data protection law. Numerous industries make use of cross-border data transfers for sharing employee information, conducting e-commerce, credit card or travel transactions and for implementing target advertising based on the preferences of their customers.