Privacy Shield should be suspended, say MEPs

Committee cites Cambridge Analytica scandal and CLOUD Act as obstacles

Privacy Shield, the agreement underpinning data transfers from Europe to America, must be suspended if the US does not fully meet its obligations come 1 September, MEPs voted last night.

The Civil Liberties (Libe) Committee's decision isn't binding, but puts pressure on the European Commission to ensure the data-transfer arrangement is being honoured by US authorities.

Drawn up to replace the abandoned Safe Harbor agreement in 2016 after that deal was brought down by a legal challenge, Privacy Shield now faces obstacles of its own.

Designed to extend EU-like data protection to European residents' data transferred to the US, now the Libe Committee believes the new agreement fails to provide that protection as well.

"While progress has been made to improve on the Safe Harbor agreement, the Privacy Shield in its current form does not provide the adequate level of protection required by EU data protection law and the EU Charter," said Libe Committee member Claude Moraes.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"It is therefore up to the US authorities to effectively follow the terms of the agreement and for the Commission to take measures to ensure that it will fully comply with the GDPR."

MEPs raised their concerns following the Cambridge Analytica scandal affecting Facebook, about which the social network's CEO, Mark Zuckerberg, gave evidence to the European Parliament recently.

While the incident pre-dates Privacy Shield, it was concerned about US authorities' ability to monitor US firms' compliance with the agreement, given both Cambridge Analytica's affiliate company, SCL Elections, and Facebook are both still listed on Privacy Shield.

SCL Elections still listed on Privacy Shield

MEPs also said they're concerned about a new US law called the CLOUD Act, which gives US authorities the right to access data stored in foreign locations, as long as the organisation storing it is American.

Advertisement - Article continues below

The Libe Committee said this could clash with EU law on data protection.

Picture: Bigstock

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/data-insights/data-management/354423/eu-us-data-transfer-tools-used-by-facebook-ruled-legal
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019
Visit/backup/33385/arcserve-udp-9240dr-review-beef-up-your-backups
backup

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/policy-legislation/general-data-protection-regulation-gdpr/354577/data-protection-fines-hit-ps100m
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020