Transatlantic Data Agreement

Kewley said the result could be that more customer data remains stored in Europe, which happened after the safe harbor was cancelled. The European Court of Justice`s Schrems II decision last month led to the invalidation of the Privacy Shield, impacting the $7.1 trillion data transmission relationship between the United States and the European Union. More than 5,300 companies, including tech giants Google, Facebook, Amazon and Twitter, have fallen back, at least in part, on the privacy shield framework for transatlantic data transfers. The United States and the European Union have begun discussions to determine whether a new and improved Privacy Shield could be viable, and the private sector has called for a new framework to ensure the smooth flow of data across the Atlantic. But a new deal must emerge from a historically fragile relationship when it comes to transferring personal data. Privacy Shield`s predecessor, the Safe Harbor Agreement, was invalidated in 2015 for similar reasons, with regard to data protection rights that are threatened by US surveillance authorities. This ongoing struggle between EU citizens` data protection rights and US national security policy reveals a fundamental gap between the two economies. Thomas Boué, a wonk politician with the influential technology lobby BSA | Software Alliance said the invalidation of the Privacy Shield « eliminates one of the most flexible and trustworthy compliance mechanisms widely used by SMBs for transatlantic transactions. » The ECJ ruling may also have an impact on other negotiations. South Korea is currently discussing with the European Union its data protection adequacy after making changes to better protect personal data. Provisional EU authorisations are expected to be published this summer. At a summit between South Korea and the European Union on June 30, it was found that South Korea had made « significant progress. » The Commission should be more reluctant to make adequacy decisions in the future, following the absence of Safe Harbor and Privacy Shield.

This could make negotiations between Britain and South Korea more difficult. However, if expectations are too high, it is mainly developing countries that will be forced to abandon attempts to enter the EU digital market, especially if the ECJ refuses to take into account the political context. It is not realistic to think that every country will adopt all EU standards. Why it matters: Big global tech companies like Facebook, Google and Microsoft send materials containing user data across the Atlantic every day. This decision complicates the future of this situation and sends the message that Europe does not accept the way in which the data of its citizens is processed on the side of the States. « We will ensure that our advertisers, customers and partners can continue to use Facebook services while keeping their data secure and protected, » Eva Nagle, associate general counsel at Facebook, said in a statement. So far, both sides have adopted conciliatory tones. A senior U.S. official told POLITICO this week that Washington was ready to reconsider EU data privacy if the Privacy Shield was removed. And Didier Reynders, the European Commissioner for Data Protection, said after the verdict that he would discuss it with American colleagues to find a new agreement. The effects of the ECJ ruling will also affect other countries.

The CDC ruling indicates that there is potential for implementation on a global scale, with specific repercussions for certain countries. For example, China is known to regularly violate internet freedom rights. The data flows between the European Union and China are considerable: the European Union exports 200 billion euros of data per year to China. By imposing the need for substantially equal protection, the transfer of data with China could be threatened. . . .