:
EU-U.S. Data Privacy Framework Allows Continued Data Transfers
Background
Businesses can continue transferring data from the European Union to the U.S. as normal after the two superpowers this week agreed a landmark data-sharing pact.
Implications for U.S. Tech Giants
The framework, which replaces a previous agreement that was invalidated in 2020, is a major development with implications for U.S. tech giants, which rely on the pact to transfer data on their European users back to America.
Relief for U.S. Companies
Without it in place, these companies faced the risk of costly initiatives to process and store user data locally — or withdraw their business from the bloc altogether. So the agreement of the new rules will provide some relief to Meta and other U.S. companies which share gargantuan amounts of user data around the world.
Legal Challenges and Privacy Concerns
However, the rules already face the threat of legal challenges from privacy activists, who are unhappy with the level of protection the measures offer European citizens. They say it isn’t that different from an earlier framework called Privacy Shield.
What is the EU-U.S. Data Privacy Framework?
The new data-sharing pact, called the EU-U.S. Data Privacy Framework, aims to ensure that data can flow safely between the EU and U.S., without having to put in place additional data protection safeguards.
Why Was a New Data Transfer Agreement Needed?
The Data Privacy Framework replaces a prior agreement, called Privacy Shield, which allowed companies to share data on Europeans to the U.S. for storage and processing locally in their domestic data centers. This was struck down in July 2020, when the European Court of Justice, the EU’s top court, sided with Austrian privacy campaigner Max Schrems, who alleged U.S. law did not offer sufficient protection against surveillance by public authorities.
Why Does it Matter?
Multinational companies operate in various jurisdictions, and they need to move data on their customers across borders in a way that’s both secure and complies with data protection regulations.
Challenges and Potential Success
The approval of a new data privacy framework means that businesses will now have certainty over how they can process data across borders going forward. Still, obstacles lie ahead. Privacy activists and Max Schrems have already expressed concerns and plan to launch legal challenges against the new data-sharing pact.