- Twitter lifts ‘permanent’ suspension of activist Barrett Brown Monday 5:52 PM
- Billie Eilish fans fend off objectifying comments on tank top photo Monday 5:32 PM
- Groom’s mother sabotages wedding by tricking guests into wearing jorts and hoodies Monday 4:39 PM
- No one believes Bill de Blasio’s son sent him these debate prep texts Monday 3:26 PM
- Meek Mill, Jay-Z to release ‘Free Meek’ documentary on Amazon Prime Monday 3:20 PM
- 3 ways to secure your Nest cameras Monday 3:15 PM
- This Pokémon generator site is creating hilarious monsters Monday 2:48 PM
- MrBeast impersonator tricks kid into destroying his XBox Monday 12:50 PM
- This mom has the perfect nickname for her nonbinary kid Monday 12:25 PM
- Netflix tests pop-out player that will allow viewers to multitask Monday 11:44 AM
- Man allowed to sue media publishers over readers’ Facebook comments Monday 11:42 AM
- Republicans slammed for joke about ‘heavily armed militia’ at Oregon statehouse Monday 11:30 AM
- New bill wants tech companies to tell you how much your data is worth Monday 10:53 AM
- AOC has the best response to Steve King’s ‘concentration camp’ criticism Monday 10:19 AM
- Did Jake Paul and Tana Mongeau just get engaged? Monday 9:26 AM
U.S., E.U. negotiators still split over major data-sharing deal for businesses
The man whose lawsuit overturned the old deal on privacy grounds says he’s not sure how this ends.
U.S. and European negotiators are racing to complete a data-sharing agreement that American businesses say is crucial to their overseas operations. But in the wake of the court ruling that struck down the old agreement, no one knows how to solve the pressing privacy concerns at the heart of the debate.
Negotiations over a new “Safe Harbor” deal—which would let American companies transfer European citizens’ data to and from their U.S. servers—prompted conversation, speculation, and no small amount of anxiety at the Internet Education Foundation’s annual State of the Net conference on Monday in Washington, D.C.
Attendees heard first from Max Schrems, the Austrian man whose lawsuit challenging Facebook‘s U.S. storage of his personal data led the European Court of Justice to invalidate the first Safe Harbor agreement. The 15-year-old deal had allowed American companies to “self-certify” that their handling of user data met European regulators’ stringent privacy standards. But the ECJ ruled that, because U.S. companies were subject to the far-reaching mass surveillance programs revealed by Edward Snowden, they could not credibly claim to be keeping user data private and secure.
The U.S. Department of Commerce and the European Commission are hard at work on a new Safe Harbor deal, but privacy advocates, including Schrems, aren’t sure how it can possibly survive ECJ scrutiny without fundamentally reforming U.S. surveillance practices. The Foreign Intelligence Surveillance Act (FISA) requires “electronic communications service providers” to comply with many of the programs that Snowden revealed. Because FISA is not likely to change any time soon, Schrems said, “I don’t really see a solution.”
Google, Facebook, and other companies that store user communications have pressured the Commerce Department to quickly reach a deal that will preserve their ability to “self-certify” compliance with E.U. privacy standards. The data-protection regulators of many European nations have warned that they will begin to enforce their stringent privacy rules at the beginning of February. Without a new Safe Harbor, U.S. companies’ routine business operations could expose them to fines and other penalties under those rules.
At a panel discussion on Monday, Justin Antonipillai, the Department of Commerce’s deputy general counsel and a member of the U.S. negotiating team, expressed confidence that the two sides would reach an agreement. But he noted, “Time is not on our side.”
One of the key issues in the negotiations is how E.U. citizens will be able to challenge the American government over its handling of their private data. Antonipillai, who called the Obama administration’s latest proposal “one of our best offers,” added that any deal would have to acknowledge the role that the Federal Trade Commission plays in enforcing consumer-protection laws in the U.S.
In his response, Andrea Glorioso, a member of the E.U. delegation in Washington that is negotiating the deal, offered an indication of why this issue remains tricky for two sides with dramatically different regulatory structures.
While Glorioso said he had “deep respect” for the FTC‘s work, he noted that the commission’s status as an independent agency complicated things. Because the president cannot order the FTC to take up a particular complaint, European officials are not content to let the commission serve as the only cop on the beat. They want to be able to exert pressure on the White House to take their citizens’ complaints seriously.
Glorioso said that negotiators were considering how the U.S. government could redress Europeans’ complaints outside of the FTC, possibly through the Commerce Department, but he emphasized that the E.U. delegation has “not asked for legislative changes” to the way the U.S. handles such complaints.
Both Schrems and members of the panel that followed his talk agreed that the new Safe Harbor deal could not and would not resolve the broader debate over the proper extent of government surveillance.
Schrems said that he wanted to see the European Court of Human Rights settle the issue eventually; the privacy of citizens’ personal data is considered a fundamental right in Europe. The high courts of E.U. member states will have to address that matter first, though. In the meantime, Glorioso called the larger surveillance debate “a conversation that needs to happen.”
Photos by Eric Geller
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.