Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
Recently confirmed U.S. Commerce Secretary Wilbur Ross may be faced with the task of bolstering confidence in an important European Union-U.S. cross border data transfer program, privacy attorneys told Bloomberg BNA March 1.
Although Ross has other priorities on his plate, including North American Free Trade Agreement (NAFTA) reform, he can expect, at some point this year, to deal with EU-U.S. Privacy Shield data transfer program issues. Over a thousand U.S. companies certified in the program, as well as tens of thousands of EU companies that work with them, rely on the program to legally transfer personal data out of the EU. Some in the EU are concerned that President Donald Trump may take action to undercut the program’s privacy guarantees, and it may fall to Ross to calm those fears.
Ross should be up to the task, Brian Hengesbaugh, former special counsel to the general counsel at Commerce and part of the core team that negotiated the U.S.-EU Safe Harbor data transfer pact that preceded the Privacy Shield, told Bloomberg BNA March 1. He “will have a strong grasp of the importance of Privacy Shield for the U.S. and the global digital economy,” Hengesbaugh, now a privacy and data protection partner at Baker McKenzie in Chicago, said.
Jeewon Kim Serrato, counsel at Shearman & Sterling LLP and co-head of the firm’s global privacy and data protection group, told Bloomberg BNA March 1 that Ross and the Trump administration will need to balance U.S. national security interests with EU citizens’ "rights to privacy and data protection” to make sure the Privacy Shield remains intact.
Hengesbaugh said Ross’ background as “a successful investor and business leader” will invariably lead him to start with trade reforms such as NAFTA, but he will inevitably have to face Privacy Shield issues head-on. Ross, a private equity investor, is worth $3 billion, Bloomberg data show.
Companies shouldn’t worry that a lack of completed, lower-level political appointments may negatively affect Commerce’s administration of the Privacy Shield, Hengesbaugh said. The Privacy Shield process predates Ross at Commerce, so there won’t be “much differentiation” in how different staffs handle the data transfer program, he said.
Commerce didn’t immediately respond to Bloomberg BNA’s email request for comment.
The Privacy Shield allows U.S. companies that self-certify their compliance with EU-approved privacy and security principles with Commerce to legally transfer personal data from the EU to the U.S. It provides critical support for the more than $260 billion in trade in services between the U.S. and EU, according to the Obama administration’s Jan. 4 exit memo on Commerce. The Privacy Shield replaced the Safe Harbor framework, which was invalidated, in part, due to fears that it was inadequate to protect EU personal data sent to the U.S. from widespread government access.
Ross said during a Jan. 18 confirmation hearing that he remains committed to the Privacy Shield, but “there will be a tension between privacy on one hand and problems of localization and data and the implications that they have for the internet as we go forward.”
The Privacy Shield’s first annual review set for this summer will be an early test for Ross to see how “businesses, the U.S. Department of Commerce and the European data protection authorities” have lived up to expectations under the cross-border data transfer program, Serrato said. Ross will need to reach out to EU privacy regulators to ensure “that the data collection practices by U.S. intelligence agencies and businesses meet the requirements for providing adequate protections” for EU citizens, she said.
Earlier, Trump’s immigration executive order asserted limitations on the ability to extend the Privacy Act, which allows individuals to sue the government over alleged misuse of their personal data, to non-U.S. citizens. The Privacy Shield depends, in part, on amendments to the Privacy Act that allow the Department of Justice to designate that citizens from countries or groups of countries, such as the EU, may also sue under the law.
The immigration order has been stayed by federal courts, and officials on both sides of the Atlantic have promised that it doesn’t affect the Privacy Shield. Trump is expected to release a new version of the immigration order soon, but it is unknown if it will include language similar to the initial order.
In the meantime, the U.S. Department of Justice has assured the European Commission, the EU’s executive arm, that Trump’s executive orders won’t affect EU citizen redress rights under U.S. laws, Hengesbaugh said. That should signal to companies that the “Privacy Shield will remain in place and operating as currently structured for the foreseeable future,” he said.
To contact the reporter on this story: Daniel R. Stoller in Washington at dStoller@bna.com
To contact the editor responsible for this story: Donald Aplin at email@example.com
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)