EU Privacy Official Will Monitor U.S. Surveillance

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Jimmy H. Koo

The European Union-U.S. Privacy Shield data transfer framework is proof that it is possible to “bridge the differences” between different privacy laws, EU Justice Commissioner Vera Jourova said March 31.

However, Jourova said she still has concerns about U.S. government surveillance and the day-to-day enforcement of the privacy protections under the Privacy Shield program. A joint EU-U.S. review of the framework in September will ensure that it continues to be enforced properly, she said at a Center for Strategic International Studies event.

The Privacy Shield, which is administered by the U.S. Department of Commerce, allows companies that self-declare their compliance with EU-approved privacy and security principles to transfer personal data from the EU to the U.S. Over 1,800 U.S. companies have registered for the program, including Microsoft Corp., Facebook Inc. and Alphabet Inc.'s Google.

Jourova traveled to Washington and met with Commerce Secretary Wilbur Ross, seeking assurances that President Donald Trump’s administration will honor the Privacy Shield commitments made under former President Barack Obama. After meeting Ross, Jourova told Bloomberg BNA that she remains “strongly committed” to the Privacy Shield and called for Ross and other U.S. officials to “reaffirm” their commitments. She later told Bloomberg TV that she was feeling “positive” about the long-term prospects for the program.

The creation of a U.S. ombudsman under the Privacy Shield, and the placement of limits on intelligence data collection through presidential directives, “represent the U.S.'s commitment” to limiting government access to data, Jourova said.

The September Privacy Shield review will involve getting input from companies, including asking them how many times they have received requests from the U.S. government to provide data on EU citizens, Jourova said. It will also analyze the roles of various U.S. federal agencies in the enforcement of the Privacy Shield, she said.

The review will look for possible “negative changes in U.S. legislation,” including the pending reauthorization of Section 702 of the Foreign Intelligence Surveillance Act, which authorizes the National Security Agency to collect digital communications of foreign citizens outside the U.S. from internet service and other communications providers, she said.

To contact the reporter on this story: Jimmy H. Koo in Washington at jkoo@bna.com

To contact the editor responsible for this story: Donald Aplin at daplin@bna.com

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security