Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
Dec. 1 —The European Union will watch carefully for any signs that the administration of U.S. President-elect Donald Trump might backslide on EU-U.S. Privacy Shield data transfer pact requirements, EU officials said Dec. 1.
But EU and U.S. officials played down fears companies might have about the continued legal viability of trans-Atlantic data transfers under the program.
EU Justice Commissioner Vera Jourova said the European Commission, the EU's executive arm, would “closely monitor the respect of protection standards and the correct implementation” of Privacy Shield “under the new U.S. leadership.”
The viability of Privacy Shield under Trump has been brought into question because the transfer mechanism is predicated on respect for EU privacy rights when personal data of EU citizens is transferred to the U.S. for commercial purposes. During the U.S. presidential campaign, Trump made statements that some in the EU interpreted to mean that such privacy rights might be disregarded.
Chris Connolly, director of the information technology consulting company Galexia Pty Ltd, said that, in particular, Trump has promised to cancel the Trans-Pacific Partnership trade agreement, which includes data protection commitments and that he was in favor of law enforcement profiling on the basis of ethnicity or religious group affiliation.
But Adina-Ioana Valean, a center-right Romanian member of the European Parliament, said at the same conference that during the U.S. presidential campaign “a lot of things were said,” and “we should sit and wait for the next move and then we can judge” the impact of the Trump administration on data flows.
Jourova, Connolly and Valean spoke at the European Data Protection and Privacy Conference in Brussels.
The Privacy Shield is a data protection program under which U.S. companies can self-certify that their privacy practices are in line with European Union privacy standards. Participating companies can use this certification to legitimize their transfers of the personal data of EU citizens to the U.S. and other companies, including those in the EU, can point to the certification to allow transfers to those companies.
Certification under Privacy Shield became possible Aug. 1. Shannon Coe, head of international data transfers in the U.S. Department of Commerce, also speaking at the Brussels conference, said that more than 1,800 companies had submitted self-certifications, and about 1,000 of these had been processed and listed on the Privacy Shield website.
Coe said the high level of interest in Privacy Shield was “revealing about the importance of our trans-Atlantic data flows,” and companies should “keep calm and carry on” as the Trump administration takes office.
Privacy Shield was agreed to by the EU and U.S. after the EU's top court in 2015 invalidated Privacy Shield's predecessor, the U.S.-EU Safe Harbor program, on the basis that it didn't offer an adequate level of privacy and hadn't been sufficiently monitored by the European Commission.
Bruno Gencarelli, head of the data protection unit within the commission's Justice Directorate and one of the lead Privacy Shield negotiators, told Bloomberg BNA Dec. 1 that one consequence of the court ruling was that Privacy Shield would be monitored “in a much more dynamic way” than had the Safe Harbor.
The Privacy Shield contains provisions on protection of data in commercial contexts and checks on government access to data that is transferred to the U.S. Gencarelli said that if monitoring by the commission “would reveal that these mechanisms are not functioning, that would put in question the arrangement.”
The Privacy Shield requires the commission to carry out an annual review of the functioning of the mechanism, with the first review to be completed in summer or fall 2017.
Under Privacy Shield the U.S. administration must “do a number of things,” such as ensure redress for EU citizens in cases of privacy breaches, and “the practice will tell us if the U.S. is complying or not with its commitments, Gencarelli said.
He added that Privacy Shield received bipartisan support in the U.S. and “we should not assume that the situation will change to an extent that will put those arrangements in danger.”
Gencarelli also said the commission would issue a strategy paper in January on the range of mechanisms that companies can use to transfer the personal data of EU citizens outside the bloc, and how these mechanisms could be built on to create a more encompassing framework for transfers.
Gencarelli said “we have a diversified toolkit in terms of transfers,” including Privacy Shield, adequacy decisions that recognize as effective the data protection regimes of non-EU countries, and mechanisms used by companies, such as binding corporate rules.
“We need now to use those tools and see how these tools can be adapted to a diversified world,” Gencarelli said.
To contact the reporter on this story: Stephen Gardner in Brussels at firstname.lastname@example.org
To contact the editor responsible for this story: Donald Aplin at email@example.com
Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)