The European Union has one New enough result Adoption of EU-US data protection framework. The decision provides that the US will ensure “an adequate level of protection – comparable to that of the EU” – for personal data transferred from the EU to US companies under the new framework.
The new EU-US data protection framework should primarily take into account the concerns recently expressed by the European Court of Justice. Among other things, access by US secret services to EU data should be limited to a “necessary and proportionate level”.
A new complaints court for EU citizens
The agreement also provides for the creation of a data protection review court to which EU citizens can turn. Among other things, users can now request the deletion of their data stored in the US in the event of breaches.
“The new EU-US data protection framework will ensure safe data transport for Europeans and provide legal certainty for companies on both sides of the Atlantic,” commented Ursula von Leyen, President of the EU Commission. “Following the agreement in principle I reached with President Biden last year, the United States has made unprecedented commitments to creating a new framework. Today we are taking an important step forward in giving citizens confidence in the security of their data, deepening our EU-US economic relationship, while strengthening our shared values. Working together By doing so, the framework shows that we can tackle more complex problems.
New Obligations for US Companies
According to the EU, US companies that join the EU-USA data protection framework automatically enter into far-reaching data protection obligations. Among other things, they must undertake to delete personal data once it is no longer required for the intended purpose. Additionally, companies must ensure data security even if they send data to third parties.
In addition, the responsible US authorities and the EU Commission, together with European data protection authorities, intend to continue to verify the operation of the new agreement in the future. The first survey is scheduled to take place in a year.
The new EU-US data protection framework is necessary because the ECJ annulled the old Privacy Shield Agreement after the case of data protection organization Nive. Its predecessor was also canceled after a complaint by Niob, or Austrian activist Max Schrems.
Strong criticism from privacy advocates
Loeb described what was the EU Commission’s third “attempt” to reach an agreement on data transfers between the EU and the US. Press release “As a broad copy of the Privacy Shield”. The data protection authorities announced that they would appeal again to the ECJ.
In particular, the key issue of unequal treatment of US citizens and non-US citizens is not addressed. “Contrary to what the European Commission claims, little will change in US law: the fundamental problem with FISA 702 has not been addressed by the USA, namely that only US persons have constitutional rights and should not be subject to unwarranted surveillance.”
“Amateur coffee fan. Travel guru. Subtly charming zombie maven. Incurable reader. Web fanatic.”
More Stories
Martin Schulz: “I want more courage for the United States of Europe”
US reports first case of H5N1 bird flu virus in pigs
Polestar fears US sales ban