Joe Biden signs a decree for a new framework in the transfer between the EU and the United States

This is a file that has dragged on for years and could finally speed up. US President Joe Biden signed an executive order on Friday that allows progress in the implementation of a new framework for the transfer of personal data from the European Union to the United States, crucial for the digital economy. Washington and Brussels had reached an agreement in principle on this issue in March, previous versions having been challenged by the Court of Justice of the European Union (CJEU) due to fears about US surveillance programs.

The signing of the decree by the US president will allow the European Commission to start its own ratification process, which should take several months. “This is the culmination of our joint efforts to restore trust and stability to transatlantic data flows,” US Commerce Secretary Gina Raimondo said during a briefing with reporters.

Guarantee confidentiality

The text reinforces the measures aimed at guaranteeing confidentiality and the protection of civil liberties in US surveillance programs that target data collected in Europe and transferred or hosted across the Atlantic.

It also creates an independent and binding mechanism for people in eligible states to seek redress if they believe their personal data has been illegally collected by US intelligence. This mechanism provides for two levels of appeal, one with an officer in charge of the protection of civil liberties in the direction of US intelligence, the other with an independent court formed by the Department of Justice. “These commitments fully respond to the Schrems II decision of the European Court of Justice and will cover transfers of personal data to the United States under EU law,” said Gina Raimondo.

In July 2020, the Court considered that the “Privacy Shield”, used by 5,000 US companies, including giants such as Google or Amazon, did not protect possible “interference with the fundamental rights of the people whose data is transferred”.

complaint against facebook

The case was opened by a complaint against Facebook by Max Schrems, a figure in the fight for data protection, already at the origin of the 2015 ruling on the predecessor of “Privacy Shield”, “Safe Harbor”.

It is possible that the new version could be questioned again, US administration officials acknowledged during the briefing. But it was designed to comply with the previous reservations of European justice, they assured.

The CJEU’s decision had plunged companies operating in the EU that transfer or host data to the other side of the Atlantic into legal uncertainty. Since then, they have resorted to alternative solutions, with a more uncertain legality, to continue with these transfers, waiting for a more solid and sustainable system.

Leave a Reply

Your email address will not be published. Required fields are marked *