EU data protection agencies remain apprehensive about Privacy Shield

Written by Rebecca Hill on 28 July 2016 in News
News

The influential group of European Union data controllers has said it is still concerned about the final version of the Privacy Shield agreement between the EU and US, but will allow it to run unchallenged for one year.

Agreement eases data transfer between EU and US but concerns remain about security - Photo credit: Fotolia

The agreement – which sets out rules for the sharing of data with US companies – is the successor to the ill-fated Safe Harbour agreement that was scrapped last year.

It was approved by the European Commission on 11 July and came into action a day later.

In its first statement on the final version of the agreement, the Article 29 Working Party commended the European Commission for taking into consideration the concerns that the group set out in April.

However, it said, “a number of these concerns remain regarding both the commercial aspects and the access by US public authorities to data transferred from the EU”.


Related content

EU data watchdog calls for 'significant improvements' to Privacy Shield
Earning public trust in the age of cyber threats


Crucially, the working party said that it “would have expected stricter guarantees concerning the independence and the powers of the Ombudsperson mechanism”. This role – which will look into complaints – was created in an attempt to allay fears about the US government’s use of the public’s data.

In addition, the working party said that there were no “concrete assurances” that bulk collection of data would not take place, despite the commitment made by the US Office of the Director of National Intelligence not to do this.

Concerns around bulk data collection have been raised repeatedly during the negotiations, with the EU's data watchdog, the European Data Protection Supervisor Giovanni Buttarelli, calling for "significant improvements" to the terms in May this year.

He said it was crucial that the agreement provide "adequate protection against indiscriminate surveillance as well as obligations on oversight, transparency, redress and data protection rights”.

In light of these concerns, the Article 29 Working Party group said in its most recent statement that the first joint annual review of the agreement – due in July 2017 – would be a “key moment for the robustness and efficiency of the Privacy Shield mechanism”.

It also set out a number of requirement for that review, which are aimed at making sure the process is transparent and effective.

This included that the terms of the review be clearly defined, and that all members of the review team be allowed access to all the information necessary for the review, including elements that allow a “proper evaluation of the necessity and proportionality of the collection and access to data transferred by public authorities”.

It said that, during that review, the national representatives of the working party would assess not only if the remaining issues have been solved but also if the safeguards provided are “workable and effective”.

Meanwhile, there remain questions over whether the UK will have to sign a similar, separate agreement with the US once it exits the EU, following the results of the referendum in June this year.

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Lanarkshire trials video GP consultations
22 August 2019

Patients in Scotland given option of virtual appointments via PC or mobile device

Can the GDS innovation strategy deliver a lasting legacy for government?
14 August 2019

Government's new Innovation Strategy set out ambitious proposals to update processes, eliminate ageing kit, and embrace emerging technologies. PublicTechnology caught up with...

'Designating services as digital is increasingly a hindrance' – DfE's Emma Stace on working across organisational boundaries
18 September 2019

As the Department for Education refashions itself as a delivery department, its chief digital officer Emma Stace tells PublicTechnology she is determined to make digital ‘just...

Related Sponsored Articles

The age of virtualisation
17 September 2019

After more than 20 years of stability, networks are going through a period of dramatic transformation. BT looks beyond the hype at the real benefits of virtualisation.

Digital Transformation: Connecting and protecting with perfect predictability
10 September 2019

How can you stay ahead in the fast-paced world of digital technology? BT describes how it's a matter of focus... 

How to stay ahead of a changing threat landscape
3 September 2019

The security threat landscape is confusing and changing rapidly – there’s so much out there, how do you understand where the true risks are? BT offers insight from their own experience

The cyber security skills challenge: Hiring for tomorrow
27 August 2019

Organisations must alter their approach to cyber security recruitment in order to combat the global shortage of security professionals, writes BT