The 28 EU member states have voted in support of the data sharing agreement between the EU and the United States.
EU member states have approved agreement on commercial data transfer – Photo credit: Fotolia
The Privacy Shield agreement sets out how consumer data can be transferred from the EU to the US and will come into effect tomorrow.
The deal was developed after the Safe Harbour framework – intended to help US companies legally access EU data – was scrapped in October last year for failing to provide proper protection for the transfer of personal data.
Related content
EU and US reach initial agreement over new Privacy Shield
EU data watchdog calls for ‘significant improvements to Privacy Shield
The European Commission vice-president Andrus Ansip and justice commissioner Vera Jourova said in a statement that the new deal was “fundamentally different” from its predecessor.
“It imposes clear and strong obligations on companies handling the data and makes sure that these rules are followed and enforced in practice,” the statement said.
“For the first time, the US has given the EU written assurance that the access of public authorities for law enforcement and national security will be subject to clear limitations, safeguards and oversight mechanisms and has ruled out indiscriminate mass surveillance of European citizens’ data.
And last but not least the Privacy Shield protects fundamental rights and provides for several accessible and affordable redress mechanisms.”
The negotiation process has been drawn out due to public concern around US surveillance, and in April the Article 29 Data Protection Working Party said that the framework lacked clarity and called for a more detailed analysis of many aspects of the agreement.
However, the Commission said that it had “consulted as broadly as possible” during this period and that consumers and companies “can have full confidence in the new arrangement”.
TechUK, which represents UK technology companies, said that the final text provided improved clarity on a number of areas, including data retention, onward transfers of data to third countries, bulk data collection and on the autonomy and activities of the Ombudsperson.
Charlotte Holloway, associate director of policy at TechUK, said the agreement was “a major step forward for restoring certainty and a stable legal footing for transatlantic data flows”.
She also highlighted questions over the UK’s data environment following the vote to leave the EU, saying that the agreement “underlines the importance of data flows to transatlantic trade”.
“We urge policymakers to continue to keep front of mind that data and trade go hand in hand in today’s global economy,” she said.
