Enact Privacy Law to Resolve PS Issues: DelBene
Pass consumer data privacy legislation this term, Rep. Suzan DelBene, D-Wash., told a Friday Brookings Institute webinar. Data flows are "critical to our shared economic future" and nowhere more important than EU-U.S., she said. The European Court of Justice (ECJ)…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
ruling in Schrems II (see 2007160002) left thousands of smaller companies that relied on trans-Atlantic data transfer mechanism Privacy Shield scrambling, she said: The growing patchwork of state privacy laws won't work and won't lead to a PS alternative. Current tools such as standard contractual clauses, binding corporate rules and recent European Data Protection Board guidance are helpful but don't "take away the need for a successor framework," said Workday Chief Privacy Officer Barbara Cosgrove. Talks on a PS replacement are ongoing, said Sharon Bradford Franklin, a director of the Center for Democracy and Technology security and surveillance project: CDT has heard that one is the extent to which the U.S. government can enact measures by the executive branch or Congress to address ECJ concerns. A comprehensive U.S. consumer data privacy law would be helpful, but surveillance laws must change to benefit Europeans and Americans, she said. The big issue is individual redress, said lawyer Peter Swire. There's frustration on the U.S. side about the issue because the U.S. has a good system via Foreign Intelligence Surveillance Act courts, Swire said: "Get over it." He and other panelists said it might be possible to give Europeans an independent review and some pathway to redress in federal courts administratively, via an executive order on surveillance law. Most agreed any solution must ultimately become law. The U.S. looks "really different" from the rest of the world with regard to privacy protection, and it’s hard to make the case that it's a safe place for data, said Swire. The U.S. and EU are considering whether they can align on tech issues such as data governance and AI, and must get a handle on privacy law first because it underpins those areas, said Cameron Kerry, Brookings distinguished visiting fellow-Center for Technology Innovation. The idea of the recently created Tech and Trade Council is to bring like-minded democratic countries together, he said: The U.S. is "the outlier" because it lacks a privacy regime.