MEPs call for suspension of Privacy Shield unless US complies with data-protection agreement
Cambridge Analytica revelations show need for ‘better monitoring’ of data-protection measures
Members of the European Parliament’s Civil Liberties Committee have called on legislators to suspend the Privacy Shield agreement that governs US firms’ handling of EU citizens’ data.
MEPs on the committee passed a resolution to call for the suspension of the agreement from 1 September, if the “US fails to comply” with its terms.
Privacy Shield came into force in July 2016, and required the US to commit to not engaging in “indiscriminate mass surveillance” of European data.
It replaced the Safe Harbor agreement, which was in effect for 15 years, but was invalidated by the European Court of Justice in 2015. This followed a series of complaints and legal challenges from Austrian citizen Max Schrems, who argued that the agreement did not sufficiently safeguard the privacy of EU citizens. His campaign was prompted by and centred on his belief that the way in which Facebook processed European data infringed on privacy rights.
Under Privacy Shield, all US firms processing EU citizens’ data are required to self-certify that they will adhere to all relevant regulations, with failure to comply being punishable under US law. The agreement also requires firms to respond to complaints from citizens who believe their data has been misused.
Privacy Shield is subject to annual review by authorities on both sides of the Atlantic.
- Government advises that NHS data can be safely hosted in the US and other countries
- EU data watchdog calls for ‘significant improvements’ to Privacy Shield
- MEPs criticise safe harbour deal
But MEPs have claimed that the recent revelations about Facebook and Cambridge Analytica “emphasise the need for better monitoring of the agreement, given that both companies are certified under the Privacy Shield”.
“MEPs call on the US authorities to act upon such revelations without delay and, if needed, to remove companies that have misused personal data from the Privacy Shield list,” the committee added. “EU authorities should also investigate such cases and, if appropriate, suspend or ban data transfers under the Privacy Shield.”
The committee also expressed concerns about the Clarifying Lawful Overseas Use of Data Act, a new piece of US legislation that MEPs claim “grants the US and foreign police access to personal data across borders”. This law “could have serious implications for the EU and it could conflict [with] EU data-protection laws”, the committee added.
The resolution to call for a wholesale of suspension of Privacy Shield from 1 September – if the US does not demonstrate compliance – was passed by the committee by 29 votes to 25, with three abstentions.
Committee chair Claude Moraes said: "The committee today adopted a clear position on the EU US Privacy Shield agreement. While progress has been made to improve on the Safe Harbor agreement, the Privacy Shield in its current form does not provide the adequate level of protection required by EU data protection law and the EU Charter. It is therefore up to the US authorities to effectively follow the terms of the agreement and for the commission to take measures to ensure that it will fully comply with the GDPR.”
A House of Commons inquiry into the work of GDS to data and the state of digital government has begun publishing its findings. PublicTechnology looks at what a range of experts have had...
HMRC director says that new digital ways to pay tax will give businesses more control over their finances
Although ‘C-3PO isn’t yet a reality’, cross-party quartet wants to make it easier for federal agencies to adopt new technologies
Neil McEvoy of Digital Scotland explains how the country could learn from the low-cost and replicable systems implemented by Estonia, and why GovTech is huge opportunity for the Scottish...
The policies may be in place, but is it happening in practice? BT's Bas de Graaf looks at the reality of GDPR today
Cisco's Dominic Elliott shows how global organisations can embrace the benefits of SD-WAN without adding complexity
When it comes to digital transformation, you want your organisation to lead from the front
BT's Simon Godfrey on how government is fundamentally rethinking its strategy for both people and places