Archive | February, 2016

An EU-US Privacy Shield?

Last October the EU-US “Safe Harbour” agreement was canceled by the European Court of Justice. This agreement was created to ensure that European personal data was to be treated with care when handled by US companies. But the ECJ found that the agreement did not meet the requirements of the Data Protection Directive, because of NSA access.

ArsTechnica then reported…

“The most significant repercussion of this ruling is that American companies, such as Facebook, Google, and Twitter, may not be allowed to send user data from Europe back to the US.”

Link: Europe’s highest court strikes down Safe Harbour data sharing between EU and US »

Today the media has reported that a new agreement has been reached: The EU-US Privacy Shield.

Such an agreement has been a top political priority for the EU as well as the US — as the respective administrations have not wanted data protection to get in the way of business as usual.

But is there a real agreement? Not really. All there is, is a “framework agreement”, basically saying that the EU and the US agree to agree at some point.

Today ArsTechnica writes…

“What that means in practice is that the Commission has negotiated some breathing space to strike a deal with the US.”

“The US has clarified that they do not carry out indiscriminate mass surveillance of European citizens,” EU Commissioner Andrus Ansip has declared. No further details on this, though…

Link: Last gasp Safe Harbour “political deal” struck between Europe and US »

Apparently the EU and the US have no such thing as an actual deal to show. But there is a lot of hot air coming out of Brussels and Washington.

Earlier today, before the news about an “framework agreement” from Brussels, ArsTechnica had an interview with Max Schrems, the Austrian law student who took this case to court to begin with.

“On the subject of any potential new agreement, he argues it would be no better, and that a sector-specific approach to EU-US data transfers would be preferable. “If this case goes back to the ECJ [European Court of Justice]—which it very likely will do, if there is a new safe harbour that does not meet the test of the court—then it will fail again, and nobody wants that,” he says.”

Link: Why Safe Harbor 2.0 will lose again »

Apart from the EU and the US having agreed to agree — everyone seems to be just as much in the dark as before. (There is also the hidden agenda of mass surveillance and intelligence cooperation that led to the end of “safe harbour” in the first place, to be taken into consideration.)

I suppose the new agreement, when it is finalized, will end up in the European Parliament for final approval. Then, if not before, we should know. And it is encouraging that the Parliament has been very vigilant concerning EU-US data protection issues in the past.

/ HAX

0