The U.S.-EU Privacy Shield framework, the agreement between the U.S. government and the European Commission that enables continued flows of commercial data from Europe to the United States, is undergoing its first annual review by the Commission and other European institutions. A report on their review is due in September. In the longer term, the Privacy Shield faces potential legal challenges in the Court of Justice of the European Union. [Disclosure: I have advised legal clients on the Privacy Shield and legal challenges.]
Latest in EU-US Privacy Shield
Yesterday’s Executive Order on “Enhancing Public Safety in the Interior of the United States” triggered alarm among privacy advocates in the U.S. and EU about the continued viability of the economically important Privacy Shield agreement.
Digital commerce across the Atlantic is highly dependent on the free flow of data. And that, in turn, is dependent on the existence of roughly equivalent privacy protections on both sides of the Atlantic that provide legal, and practical, comfort to Europeans and Americans about the security and privacy of their personal information.
As the new administration takes office this week, we will start to see just how literally to take Donald Trump's pronouncements and the promised targeting of his predecessor’s executive orders for immediate destruction. Trade policy appointments signal that statements about being aggressive against barriers to trade should be taken very literally. Wilbur Ross, the prospective Commerce Secretary; Peter Navarro, tapped to lead a new Trade Council on the White House staff; and Robert Lighthizer, designated U.S.
The podcast is back with a bang from its hiatus. Our guest, Scott DePasquale, is the CEO of Utilidata, an electric utility IoT and cybersecurity company. Scott talks about his contribution to the Internet Security Alliance’s upcoming book, The Cyber Security Social Contract.
This week’s news roundup is dominated by the Ninth Circuit and the European Union. The EU parliament has approved the Privacy Shield that replaces the Safe Harbor. Michael Vatis, Alan Cohn and I ask whether companies should seek protection under what may prove to be a pretty leaky Shield.
Over the past fifteen years, an uneasy trans-Atlantic equilibrium between U.S. law enforcement and security agencies’ collection of personal information, sometimes on a bulk basis, and European privacy protection imperatives has prevailed—even despite Edward Snowden's disclosures. Most notably, beginning in the immediate post-9/11 era, international agreements enabling U.S. access to Europeans’ airline passenger name records (PNR) and international bank transaction data were reached, and have been quietly functioning.
Does the FISA court perform a recognizably judicial function when it reviews 702 minimization procedures for compliance with the Fourth amendment? Our guest for episode 115 is Orin Kerr, GWU professor and all-round computer crime guru.
EU data protection authorities, the Article 29 Working Party (WP), have issued a comprehensive analysis of the proposed EU-US data transfer agreement. Privacy Shield, as it’s known, would replace the Safe Harbor agreement struck down by the Court of Justice of the European Union (CJEU) in Schrems. Since the CJEU in Schrems relied heavily on the WP’s earlier critical assessment of Safe Harbor, the WP’s take on Privacy Shield has been eager anticipated.
If the devil is in the details, then the announcement early Monday of the inner workings of the new US-EU data-transfer agreement, Privacy Shield, may lack the granularity the deal needs to flourish. There is much to applaud in the new agreement, including extraordinary transparency from the US and a new safeguard to address EU privacy complaints in the form of a State Department Ombudsperson.