U.S.-EU Data Transfer Deal Close to Finish Line - Articles

Articles

11Oct

U.S.-EU Data Transfer Deal Close to Finish Line

The President just signed an executive order on government surveillance that should pave the way to an operable trans-Atlantic data transfer deal with the European Union (EU) by spring 2023.

The prior deal, the U.S.-EU Privacy Shield, was struck down by a European court in March 2020 in the Schrems II case.

Insights and analytics companies that retained their self-certification, like through the Insights Association’s Privacy Shield program, should be able to transition quickly to the new data framework once it comes to fruition. The IA Privacy Shield Program is a benefit exclusive to company members and corporate research department members, since IA serves as an Independent Recourse Mechanism (IRM), a required component of the program.

The White House’s October 7, 2022 Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities directs “steps that the United States will take to implement the U.S. commitments under the European Union-U.S. Data Privacy Framework (EU-U.S. DPF) announced by President Biden and European Commission President von der Leyen in March of 2022.” It aims to "restore an important legal basis for transatlantic data flows by addressing concerns that the Court of Justice of the European Union raised in striking down the prior EU-U.S. Privacy Shield framework as a valid data transfer mechanism under EU law."

Welcoming “significant improvements compared to the Privacy Shield,” the European Commission announced it would move to adopt an "adequacy decision" under the EU General Data Protection Regulation (GDPR) for the framework. As the Commission explained:

The adoption procedure for an adequacy decision consists of different steps: obtaining an opinion from the European Data Protection Board (EDPB) and the green light from a committee composed of representatives of the EU Member States. In addition, the European Parliament has a right of scrutiny over adequacy decisions. Only after that, the European Commission can adopt the final adequacy decision in relation to the US. From that moment on, data will be able to flow freely and safely between the EU and US companies certified by the Department of Commerce under the new framework. US companies will be able to join the framework by committing to comply with a detailed set of privacy obligations.

IAPP also shared an infographic in March mapping the process.

Nothing is yet set in stone, of course. Privacy Shield was struck down by the courts several years after the preceding Safe Harbor was similarly invalidated. As soon as the Biden Administration's executive order was announced, a leading EU activist group warned it was “likely still insufficient to protect Europeans’ privacy and personal data when it crosses the Atlantic.” Such activist groups probably are already preparing their new opposition briefs for court.

However, the Insights Association remains optimistic.

"IA members who have maintained their U.S. Privacy Shield enrollment throughout the last few chaotic years are looking forward to resolving the critical U.S.-EU concerns that invalidated the framework in 2020," commented Juliana Wood, IA Director of Certifications.

IA company and department members interested in Privacy Shield and the new EU-U.S. Data Privacy Framework should contact Juliana Wood.

This information is not intended and should not be construed as or substituted for legal advice. It is provided for informational purposes only. It is advisable to consult with private counsel on the precise scope and interpretation of any laws/regulation/legislation and their impact on your particular business.

About the Author

Howard Fienberg

Howard Fienberg

Based in Washington, DC, Howard is the Insights Association's lobbyist for the marketing research and data analytics industry, focusing primarily on consumer privacy and data security, the Telephone Consumer Protection Act (TCPA), tort reform, and the funding and integrity of the decennial Census and the American Community Survey (ACS). Howard has more than two decades of public policy experience. Before the Insights Association, he worked in Congress as senior legislative staffer for then-Representatives Christopher Cox (CA-48) and Cliff Stearns (FL-06). He also served more than four years with a science policy think tank, working to improve the understanding of scientific and social research and methodology among journalists and policymakers. Howard is also co-director of The Census Project, a 900+ member coalition in support of a fair and accurate Census and ACS. He has also served previously on the Board of Directors for the National Institute for Lobbying and Ethics and and the Association of Government Relations Professionals. Howard has an MA International Relations from the University of Essex in England and a BA Honors Political Studies from Trent University in Canada, and has obtained the Certified Association Executive (CAE), Professional Lobbying Certificate (PLC) and the Public Policy Certificate (PPC). When not running advocacy for the Insights Association, Howard enjoys hockey, NFL football, sci-fi and horror movies, playing with his dog, and spending time with family and friends.

Related

California Privacy Regulator Has More Draft CCPA-CPRA Regulations on Tap

California Privacy Regulator Has More Draft CCPA-CPRA Regulations on Tap

The California Privacy Protection Agency (CPPA) Board is proposing more draft regulations under the ...

Read More >
NTIA Considering Online Privacy Rules for Children

NTIA Considering Online Privacy Rules for Children

The U.S. National Telecommunications and Information Administration (NTIA), “working to promote a h...

Read More >
Data and Algorithm Transparency Agreement Act of 2023 - DATA Act - S. 688

Data and Algorithm Transparency Agreement Act of 2023 - DATA Act - S. 688

Sen. Rick Scott (R-FL) introduced the Data and Algorithm Transparency Agreement Act (DATA Act) (S. 6...

Read More >
California 2023 Legislative Update: Wins, Losses and New Laws

California 2023 Legislative Update: Wins, Losses and New Laws

The insights industry had wins and losses in 2023 in California, as legislators have tried to tackle...

Read More >
CFPB Data Broker Proposal Would Still Restrict Insights Industry

CFPB Data Broker Proposal Would Still Restrict Insights Industry

The Consumer Financial Protection Bureau (CFPB) continues to refine the agency’s extensive “data b...

Read More >
House Votes Against FY24 FTC Funding Cut but Still Hopes to Curtail Agency

House Votes Against FY24 FTC Funding Cut but Still Hopes to Curtail Agency

The U.S. House of Representatives voted to maintain proposed funding levels for the Federal Trade Co...

Read More >
Members only Article - Please login to view