What changes can the U.S. make to satisfy Schrems II’s requirements?
Latest in Schrems v. Data Protection Commissioner
The U.S. government has issued a white paper to help maintain the free and lawful flow of commercial and government data from the European Union to the United States after Schrems II.
The decision of the European Court of Justice in Schrems II is gobsmacking in its mix of judicial imperialism and Eurocentric hypocrisy.
There’s a lot going on in the privacy and data protection world. But one of the most pressing issues is the uncertain fate of Privacy Shield, the framework governing the flow of data between the EU and the U.S. for commercial purposes.
European hypocrisy on data protection is a lot like the weather. Everyone complains about it but no one does anything about it. Until today.
Over the past fifteen years, an uneasy trans-Atlantic equilibrium between U.S. law enforcement and security agencies’ collection of personal information, sometimes on a bulk basis, and European privacy protection imperatives has prevailed—even despite Edward Snowden's disclosures. Most notably, beginning in the immediate post-9/11 era, international agreements enabling U.S. access to Europeans’ airline passenger name records (PNR) and international bank transaction data were reached, and have been quietly functioning.
Essentially Equivalent: A Comparison of the Legal Orders for Privacy and Data Protection in the E.U. and U.S.
Sidley Austin has released Essentially Equivalent: A Comparison of the Legal Orders for Privacy and Data Protection in the European Union and United States. The report—authored by a transatlantic team of attorneys and addressed to senior European officials and policymakers—provides a substantive roadmap for the comparative analysis of United States and E.U.
U.S. and European Union data-regulators today reached a new legal framework that will govern the transfer of data across the Atlantic. The new agreement—called the E.U.-U.S. Privacy Shield—will replace the Safe Harbor agreement that was struck down by the European high court in October. That ruling, largely informed by news reports regarding U.S. surveillance practices, claimed that the United States did not adequately protect the privacy of Europeans. Even so, European and American negotiators appeared positive today that the new agreement will withstand court scrutiny.
In October, the European Court of Justice and its Advocate General struck down as unlawful the EU/US Safe Harbor, which since 2000 has been a major way that US-based businesses could comply with the relatively strict EU privacy laws. Concerns about the weak protections in the US surveillance system were a major basis for striking down the Safe Harbor.
Although it is a close call, the decision of the Court of Justice of the European Union (CJEU) in Schrems v. Data Protection Commissioner may turn out to be the most important consequence of the Snowden revelations. The CJEU invoked fears of NSA surveillance to strike down the safe harbor agreement that makes it easy for American companies to transfer personal information of Europeans to the United States.