MEPs call for suspension of Privacy Shield unless US complies with data-protection agreement

Written by Sam Trendall on 12 June 2018 in News
News

Cambridge Analytica revelations show need for ‘better monitoring’ of data-protection measures

Members of the European Parliament’s Civil Liberties Committee have called on legislators to suspend the Privacy Shield agreement that governs US firms’ handling of EU citizens’ data.

MEPs on the committee passed a resolution to call for the suspension of the agreement from 1 September, if the “US fails to comply” with its terms. 

Privacy Shield came into force in July 2016, and required the US to commit to not engaging in “indiscriminate mass surveillance” of European data. 

It replaced the Safe Harbor agreement, which was in effect for 15 years, but was invalidated by the European Court of Justice in 2015. This followed a series of complaints and legal challenges from Austrian citizen Max Schrems, who argued that the agreement did not sufficiently safeguard the privacy of EU citizens. His campaign was prompted by and centred on his belief that the way in which Facebook processed European data infringed on privacy rights.

Under Privacy Shield, all US firms processing EU citizens’ data are required to self-certify that they will adhere to all relevant regulations, with failure to comply being punishable under US law. The agreement also requires firms to respond to complaints from citizens who believe their data has been misused.

Privacy Shield is subject to annual review by authorities on both sides of the Atlantic. 


Related content


But MEPs have claimed that the recent revelations about Facebook and Cambridge Analytica “emphasise the need for better monitoring of the agreement, given that both companies are certified under the Privacy Shield”.

“MEPs call on the US authorities to act upon such revelations without delay and, if needed, to remove companies that have misused personal data from the Privacy Shield list,” the committee added. “EU authorities should also investigate such cases and, if appropriate, suspend or ban data transfers under the Privacy Shield.”

The committee also expressed concerns about the Clarifying Lawful Overseas Use of Data Act, a new piece of US legislation that MEPs claim “grants the US and foreign police access to personal data across borders”. This law “could have serious implications for the EU and it could conflict [with] EU data-protection laws”, the committee added.

The resolution to call for a wholesale of suspension of Privacy Shield from 1 September – if the US does not demonstrate compliance – was passed by the committee by 29 votes to 25, with three abstentions. 

Committee chair Claude Moraes said: "The committee today adopted a clear position on the EU US Privacy Shield agreement. While progress has been made to improve on the Safe Harbor agreement, the Privacy Shield in its current form does not provide the adequate level of protection required by EU data protection law and the EU Charter. It is therefore up to the US authorities to effectively follow the terms of the agreement and for the commission to take measures to ensure that it will fully comply with the GDPR.”

About the author

Sam Trendall is editor of PublicTechnology

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

‘GDS’s future mission needs clarifying’
18 October 2018

A House of Commons inquiry into the work of GDS to data and the state of digital government has begun publishing its findings. PublicTechnology looks at what a range of experts have had...

Making Tax Digital VAT pilot goes live
17 October 2018

HMRC director says that new digital ways to pay tax will give businesses more control over their finances

US senators introduce legislation to boost government’s use of AI
2 October 2018

Although ‘C-3PO isn’t yet a reality’, cross-party quartet wants to make it easier for federal agencies to adopt new technologies

A vision for a Digital Scotland
19 September 2018

Neil McEvoy of Digital Scotland explains how the country could learn from the low-cost and replicable systems implemented by Estonia, and why GovTech is huge opportunity for the Scottish...

Related Sponsored Articles

GDPR already isn’t working
15 October 2018

The policies may be in place, but is it happening in practice? BT's Bas de Graaf looks at the reality of GDPR today

Simplicity in a complex world
8 October 2018

Cisco's Dominic Elliott shows how global organisations can embrace the benefits of SD-WAN without adding complexity

Make more of your digital transformation with Intelligent Connectivity
25 September 2018

When it comes to digital transformation, you want your organisation to lead from the front

Government begins to "rightsize"​ its estate
17 September 2018

BT's Simon Godfrey on how government is fundamentally rethinking its strategy for both people and places