Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
By George Lynch
The repeal of an FCC rule to require internet service providers to get user consent to collect and share personal data weakens European Union trust in the U.S. privacy regime and may undercut a vital EU-U.S. data transfer pact, privacy professionals told Bloomberg BNA.
President Donald Trump signed a congressional resolution April 4 that rescinded a Federal Communications Commission rule requiring ISPs, such as AT&T Inc. and Comcast Corp., to seek subscribers’ permission before using their web-browsing history for marketing and other purposes. The rule was rescinded before it took effect.
The new concerns over the commitment of the U.S. to privacy come during the ramp-up to the first annual review of the EU-U.S. Privacy Shield cross-border data transfer program in September. Anything that might jeopardize the data transfer pact is cause for concern to the thousands of companies that use the program to transfer personal data out of the EU to the U.S. Without the program, it would be far more cumbersome for U.S. companies to carry out such transfers.
The Privacy Shield allows U.S. companies that self-declare their compliance with EU-approved privacy and security principles to legally transfer personal data from the EU to the U.S. Over 2,000 U.S. companies are certified under the scheme, including Facebook Inc., Alphabet Inc.'s Google and Microsoft Corp. Tens of thousands of EU companies also rely on the program to legally transfer data to certified U.S. companies.
Some EU lawmakers and privacy advocates previously expressed concern about the Trump administration’s commitment to the Privacy Shield and whether there are plans to allow for broader U.S. government surveillance of data. Officials on both sides of the Atlantic have said they understand the economic importance of maintaining the trans-Atlantic flow of data.
EU privacy regulators from the 28 EU countries have been skeptical about the privacy protections that the EU-U.S. Privacy Shield puts in place, particularly as to the potential bulk collection of personal data by the U.S. government. Those concerns were the basis for the invalidation of the predecessor U.S.-EU Safe Harbor agreement data transfer pact by the EU’s top court.
European Data Protection Supervisor Giovanni Buttarelli said at a press briefing at the International Association of Privacy Professionals Global Summit that the repeal of the FCC privacy rules has left him skeptical as to whether the Trump administration is serious about upholding its obligations under the Privacy Shield.
The repeal of the FCC rule isn’t a violation of the Privacy Shield agreement, but it provides ammunition for Privacy Shield skeptics who argue that it isn’t up to EU standards, Todd Ruback, chief privacy officer at privacy consulting and software services company Evidon Inc./Ghostery Inc. in New York, told Bloomberg BNA.
The loss of EU trust in U.S. privacy “is an overlooked unintended consequence of rolling back the rules,” Ruback said.
Brian Hengesbaugh, a data protection partner at Baker McKenzie in Chicago, told Bloomberg BNA that the broadband privacy rule repeal shouldn’t have a direct affect on the data transfer program because the “Privacy Shield does not depend on the structure or existence of the FCC rules in any respect.”
However, the EU is “closely monitoring internal U.S. privacy developments, such as those related to the FCC rules, as an indicator to how the new administration will approach data privacy and security issues more generally,” he said.
Gary Southwell, general manager of data security company CSPi Inc., told Bloomberg BNA that the problem for the U.S. is one of perception more than legality. Trump’s March 6 executive order that appeared to remove Privacy Act protections related to the Privacy Shield is another example of the perception problem. Although the order didn’t ultimately present substantive problems, it “created initial confusion in the European Parliament” about the U.S. commitment to privacy, Southwell said.
To contact the reporter on this story: George Lynch in Washington at gLynch@bna.com
To contact the editor responsible for this story: Donald Aplin at email@example.com
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)