The new trans-Atlantic data agreement puts E.U. priorities first

For the third time in seven years, Washington and Brussels have shaken hands on a deal to keep customer data flowing—and to keep a certain American social network afloat—across the Atlantic.

The new Trans-Atlantic Data Privacy Framework’s provisions for E.U. individuals to seek redress against overreaching U.S. intelligence collection may or may not survive court scrutiny in Europe. But this much about the arrangement seems clear: Once again, U.S. inaction on privacy has let E.U. priorities take precedent. Americans still stand to gain privacy upgrades—for example, lower odds of having their data swept up unintentionally in an intelligence agency’s search of overseas communications—but any handwritten thank-you cards will need to be sent with international postage.

The U.S. and the E.U. inked the deal, announced Friday by the White House and the European Commission, to solve a problem that’s been festering for U.S. firms—Facebook foremost—since Edward Snowden revealed the National Security Agency’s post-9/11 bulk collection of communications data.

Those disclosures of sweeping online surveillance programs led Austrian privacy activist Maximillian Schrems to file a complaint with regulators alleging that international “Safe Harbor” data-transfer policies left his Facebook data exposed to the NSA without adequate recourse. After multiple appeals, the Court of Justice of the European Union agreed, scuttling Safe Harbor in an October 2015 ruling.

The U.S. and the E.U. tried again with a 2016 arrangement called Privacy Shield—but Schrems sued and won again, with the CJEU ruling in July of 2020 that this newer deal still yielded insufficient protection for Europeans’ data.

That “Schrems II” sequel suit has now yielded the framework announced Friday. A White House outline breaks down the major provisions:..

Read The Full Article at Fast Company