Surveillance an Obstacle to Revised PS: EU, US Officials
Any new EU-US data transfer scheme must avoid a "Schrems III" rejection by the European Court of Justice, European Commission Values and Transparency Vice President Vera Jourova told a Tuesday webinar on Privacy Shield. Given her discussions with Commerce Secretary…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Gina Raimondo, "I remain pretty much confident" a new data-sharing regime is possible because of new momentum between like-minded partners. Asked what the EU's strategy is, Jourova said it's to achieve a common understanding of pillars on which a new pact might be built. The essential vision is to remake PS for legal certainty, and to work through problematic issues, mostly on the U.S. side. A federal privacy law "would help," said Jourova. Surveillance issues must be addressed by resolving the conflict between national security and privacy principles, and imposing tougher safeguards against mass surveillance, she said. Europeans need more certainty they will get redress for abuse of their personal data. Asked when a new PS might emerge, Jourova said talks have resumed but will take time: Quality is more important than speed. Negotiations are taking place in a different context from when the ECJ annulled safe harbor, said Commerce Department Privacy Shield Director Alex Greenstein: The stakes are higher now because the world has become more digital. He said Schrems II addressed standard contractual clauses (SCCs) and other data transfer mechanisms, so the situation is about all transfers "writ large," resulting in a "significant impact on trans-Atlantic commerce." Asked whether it will be possible to find a new outcome without fundamental changes on the U.S. side, Greenstein said the U.S. issued a white paper about surveillance practices to help companies make the required risk assessment for SCCs, but that's an imperfect solution. U.S. domestic privacy legislation would probably not affect the negotiations because it probably wouldn't address ECJ requirements, which is why talks are focused on surveillance. No one believes a federal privacy bill can address mass surveillance because it's focused on the commercial side, said Bruno Gencarelli, deputy director-head of unit, international data flows and protection, EC Directorate-General for Justice and Consumers. Such a law would strengthen the basis on which any new PS would be grounded, he added.