Scalper1 News
Tech giants Amazon ( AMZN ), Alphabet ( GOOGL ) and Facebook ( FB ) were lifted from legal limbo Tuesday when the U.S. and European Union agreed to a key deal to continue allowing data transfers across the Atlantic. The 11th-hour deal, creating the EU-US Privacy Shield, replaces the Safe Harbor accord, which came under scrutiny in 2013 after former National Security Agency contractor Edward Snowden alleged mass surveillance by the U.S. government. But even as companies lauded the deal, European privacy advocates deemed the proposed framework too flimsy, with one calling for U.S. legislation limiting European surveillance in place of a mere “scout’s honor.” U.S. Mass Surveillance Limited In October, the European Court of Justice struck down the 15-year-old Safe Harbor agreement. The court said it inadequately protected the region’s 500 million citizens from U.S. surveillance. Privacy laws are more stringent in Europe, where privacy is considered a basic human right and the “right to be forgotten” has been codified. Austrian graduate student Max Schrems brought the original suit that struck down Safe Harbor, arguing Facebook misused Europeans’ data in cooperation with the NSA’s Prism program. Facebook has denied that allegation. Facebook, Alphabet and Amazon.com didn’t respond to requests for comment about the EU-U.S. pact. Central to the new accord is “written assurances” by the U.S. that access to European data by public authorities and law enforcement “will be subject to clear limitations, safeguards and oversight mechanisms,” according to the EU press release. An ombudsman will be established to examine European complaints of data misuse, and companies operating under the new Privacy Shield will be obliged to “commit to robust obligations on how personal data is processed.” The regulations apply to tech firms shuffling data across the ocean, as well as companies with international human resources. Per the agreement, companies must publish their commitments and will be subject to deadlines for handling European complaints. The Department of Commerce and Federal Trade Commission will oversee enforcement. The U.S. and EU will jointly review operations under the Privacy Shield on an annual basis. Andrus Ansip, vice president of the EU’s executive body, the European Commission, and Commissioner Vera Jourova have been charged with taking steps to put the pending framework in place. Both praised the agreement, which came a day after a deadline set by European protection authorities . “Our people can be sure that their data is fully protected,” Ansip said in the press release issued by the E.C. “Our businesses, especially the smallest ones, have the legal certainty they need to develop their activities across the Atlantic.” ‘Scout’s Honor’ Isn’t Enough On Tuesday, Schrems mocked the agreement as “ an exchange of letters ” from the U.S., assuring the government wouldn’t spy on European citizens, and tweeted a series of fake postcards purportedly between government officials. “With all due respect, but a couple of letters by the outgoing Obama administration is by no means a legal basis to guarantee the fundamental rights of 500 million European users in the long run, when there is explicit law allowing U.S. mass surveillance,” he said in a statement. He added: “I doubt a European can walk into a U.S. court and claim his fundamental rights based on a letter by someone.” Sophia In’t Veld, vice chairwoman of the group Alliance of Liberals and Democrats for Europe, agreed, likening the letters to a mere “ scout’s honor ” by the U.S. government. “We urgently need a thorough legal appraisal of the safeguards offered by the U.S.,” she said in a statement. “The legal status of these safeguards is very unclear.” Veld doubted the U.S. safeguards would pass muster with the Court of Justice and called it “highly implausible” that the ombudsman would have “sufficient power to oversee U.S. intelligence services.” Joe McNamee, executive director of European Digital Rights — a civil rights advocacy association — accused the E.U. of backing down from the Court of Justice’s ruling “to accept a new, badly flawed arrangement.” Still Policy Work To Do Daniel Castro, vice president of the Washington, D.C.-based Information Technology and Innovation Foundation (ITIF), said the group understood the E.U.’s concern following Snowden’s disclosures. “Abruptly revoking the Safe Harbor agreement was the wrong way the address those concerns,” he said in a statement. “We are pleased that U.S. and European policymakers have resolved this issue and support the free flow of data between these two markets.” From a policy perspective, however, there’s still work to be done, Castro said. The Judicial Redress Act , a law proposed in the U.S. House of Representatives and favored by the ITIF, would allow a foreign citizen to sue the U.S. if the government released that person’s records without his or her consent. And also from a policy perspective, “in Europe, this means rejecting protectionist measures, such as a European Cloud, and fully embracing the spirit of a digital single market, not just in Europe, but globally,” Castro said. Scalper1 News
Scalper1 News