EU-US Privacy Shield

Latest in EU-US Privacy Shield


Needles in Haystacks: The Coming Threat to Trans-Atlantic Data Transfer Agreements

Over the past fifteen years, an uneasy trans-Atlantic equilibrium between U.S. law enforcement and security agencies’ collection of personal information, sometimes on a bulk basis, and European privacy protection imperatives has prevailed—even despite Edward Snowden's disclosures. Most notably, beginning in the immediate post-9/11 era, international agreements enabling U.S. access to Europeans’ airline passenger name records (PNR) and international bank transaction data were reached, and have been quietly functioning.


Transatlantic Setback or Invitation to Dialogue?: EU Data Regulators’ Verdict on Privacy Shield

EU data protection authorities, the Article 29 Working Party (WP), have issued a comprehensive analysis of the proposed EU-US data transfer agreement. Privacy Shield, as it’s known, would replace the Safe Harbor agreement struck down by the Court of Justice of the European Union (CJEU) in Schrems. Since the CJEU in Schrems relied heavily on the WP’s earlier critical assessment of Safe Harbor, the WP’s take on Privacy Shield has been eager anticipated.


Privacy Shield’s Prospects: The Good, the Bad, and the Ugly

If the devil is in the details, then the announcement early Monday of the inner workings of the new US-EU data-transfer agreement, Privacy Shield, may lack the granularity the deal needs to flourish. There is much to applaud in the new agreement, including extraordinary transparency from the US and a new safeguard to address EU privacy complaints in the form of a State Department Ombudsperson.


Cracks in the Ice: US-EU Privacy Relations Start to Thaw

In the years since Edward Snowden claimed that U.S. intelligence agencies were tapping into Europeans’ personal data flowing to the United States through undersea cables, an icy distrust has prevailed between Washington and Brussels on the subject of privacy and security. Tensions reached a new high last fall, when the European Court of Justice (ECJ) invalidated the principal legal mechanism for trans-Atlantic data flows, the U.S.-EU Safe Harbor Framework on protecting personal information in the commercial context.


EU Commission Press Release on New EU-US Privacy Shield

U.S. and European Union data-regulators today reached a new legal framework that will govern the transfer of data across the Atlantic. The new agreement—called the E.U.-U.S. Privacy Shield—will replace the Safe Harbor agreement that was struck down by the European high court in October. That ruling, largely informed by news reports regarding U.S. surveillance practices, claimed that the United States did not adequately protect the privacy of Europeans. Even so, European and American negotiators appeared positive today that the new agreement will withstand court scrutiny.


Subscribe to Lawfare