- ‘Penis fish’ memes erupt after worms wash up on California coast Friday 5:58 PM
- Why Britons are tweeting ‘Little England’ in wake of the U.K. election Friday 3:22 PM
- Net neutrality advocates ask for rehearing on federal court decision Friday 2:29 PM
- Americans are sharing their #PrivateHealthLIFEhacks to help Brits Friday 2:28 PM
- Warren, Sanders, Yang pledge to skip next week’s debate over union dispute Friday 2:12 PM
- How to watch tonight’s Nets vs. Raptors matchup on NBA TV Friday 2:00 PM
- Alt-right comedian Owen Benjamin banned from Instagram over anti-Semitic memes Friday 1:55 PM
- TikTok teens are procrastinating with #FinalsWeek Friday 1:46 PM
- ‘The Mandalorian’ takes on a prison break in episode 6 Friday 1:30 PM
- Nick Cannon vs. Eminem battle expected to escalate after ‘off-limits’ daughter diss Friday 12:50 PM
- Laura Loomer vehemently denies being author of new Laura Loomer-themed action novel Friday 12:30 PM
- PewDiePie’s poop-inspired game gets banned by Apple Friday 11:29 AM
- ‘Game of Thrones’ showrunners to adapt ‘Lovecraft’ graphic novel to screen Friday 11:00 AM
- The 50 memes that defined the decade Friday 10:45 AM
- Venmo users are getting harassed with fraudulent payment requests Friday 10:38 AM
U.S. and E.U. release full text of new data-sharing privacy deal
Governments on both continents are optimistic that the deal will pass muster.
The United States and the European Union on Monday released the full text of an agreement that would let U.S. companies transfer Europeans’ data across the Atlantic and establish new ways for E.U. citizens to complain about data-privacy violations.
The Obama administration’s 128-page document package includes commitments from the Federal Trade Commission, the State Department, and other federal agencies to uphold the protections enshrined in E.U.–U.S. Privacy Shield, the deal struck in early February to replace a previous data-sharing agreement.
Europe’s top court struck down the first agreement, known as Safe Harbor, in late 2015 over concerns that U.S. companies could not meet the stringent privacy rules of Europe’s 28 national data-protection regulators because the firms were subject to American mass-surveillance programs. That threw the American business sector—especially the Silicon Valley firms awash in European customers’ personal data—into chaos, as they waited to see if a new deal would be struck to legalize their transfers.
“This isn’t a good deal. It hardly deserves to be called a ‘deal’ of any kind.”
The U.S. intelligence community did not agree to make any substantive changes to its surveillance activities, a fact that could jeopardize Privacy Shield’s fate when E.U. member states and their data-protection bodies meet to review the agreement. But the State Department will establish a privacy ombudsman office to receive complaints from Europeans about companies or government agencies improperly accessing their data.
Privacy Shield requires companies to respond to such complaints within 45 days, but there will also be “alternative dispute resolution” forums to hear complaints, and the European Commission—the region’s executive body—will work with the FTC to ensure that alleged violations are investigated.
“Strong law enforcement and increased cooperation will be critical to the new framework’s success, and the FTC will play a significant role in enforcing commercial privacy promises under the framework,” FTC Chairwoman Edith Ramirez said in a statement.
If Privacy Shield is enacted, U.S. companies will need to submit detailed reports explaining how they protect the privacy of individuals whose data they move between continents. Only then will the deal cover them.
The two governments will review compliance with data-privacy rules every year.
Tech-industry trade groups, which represent many large companies caught in a legal vacuum after Safe Harbor was struck down, praised the release of the new deal’s text in glowing, hopeful statements.
“The Privacy Shield will provide strong privacy safeguards, legal certainty for companies and enhances transatlantic trust,” said Christian Borggreen, international policy director for the Computer and Communications Industry Association.
“After our initial review, it appears that the two sides have achieved the objective of securing an agreement that both enhances privacy protections and provides the certainty needed to promote innovation and economic growth,” said Josh Kallmer, senior vice president for global policy at the Information Technology Industry Council.
“Approval of the new framework by European leaders will be an important step toward fostering greater innovation and global economic progress,” said Mark MacCarthy, senior vice president of public policy at the Software and Information Industry Association.
Digital privacy is considered a fundamental right in the European Union, enshrined in the region’s founding charter like freedom of speech in the United States. Many of Europe’s national data-protection agencies have expressed skepticism that Privacy Shield will meet their stringent requirements, and despite the months of work that went into its drafting, the deal’s success is far from assured.
European privacy advocates issued fresh condemnations of the agreement on Monday.
“This isn’t a good deal,” Joe McNamee, executive director of European Digital Rights, said in a statement. “It hardly deserves to be called a ‘deal’ of any kind.”
Illustration by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.