The Safe Harbour pact struck down after a battle with Facebook Ireland has just gotten a successor
A new deal covering data transfer protection between the EU and US will come into effect next week.
EU MEMBER STATES have given the all clear to the commercial data transfer pact that will cover data shared between the EU and US.
The news will be music to the ears of big corporations such as Google, Facebook and Mastercard that were left in a legal no man’s land after last year’s decision to rule the previous data agreement known as Safe Harbour null and void.
The announcement that EU governments have chosen to accept the terms of the new framework called the EU-US Privacy Shield was made by EU commissioners Andrus Ansip and Vera Jourova.
The new data transfer arrangement will come into effect on Tuesday and will strengthen the regulations that help protect European data sent across the Atlantic.
Under the EU-US Privacy Shield pact, EU citizens will have greater powers and ownership over their data and the US has committed to not carrying out “indiscriminate mass surveillance of European citizens’ data”.
The new rules in place will tighten regulations around the sharing of payroll details, personal information and data used for targeted advertising on the internet.
Background
The Safe Habour agreement was a pact between the US and the EU under which the American government was required to do its utmost to protect EU citizens’ data that was transferred by American companies in the EU to the States.
In 2012, Austrian student Max Schrems lodged a complaint with the Irish Data Protection Commissioner and claimed that Facebook Ireland was making his personal data available to US intelligence agencies via its US operations.
The case was escalated to the European Court of Justice, which ruled that the trans-Atlantic data protection pact, known as Safe Harbour that was put in place in 2000, was invalid and could not protect consumer data from the snooping practices exposed by NSA whistleblower Edward Snowden in 2013.
The ruling forced the US and the EU back to the drawing table to hammer out a new data protection agreement, which was struck last February and ratified today by the EU member states.
Falling short
When the Privacy Shield deal was first announced five months ago, Schrems criticised the new agreement and said it amounted to putting “ten layers of lipstick on a pig.”
“There will be a number of people that will challenge this decision if it ever comes out this way – and I may very will be one of them,” Schrems said in a document on his Twitter account.
He said that the deal includes too many areas under which “bulk” data collection is allowed.
- With additional reporting from AFP