US-Europe privacy agreement passes its yearly review
If you haven’t ever heard of Privacy Shield, it’s an agreement between the US and the EU. It allows companies that store personal data of people who reside in the EU (such as Facebook) on servers in the US, all while adhering to European standards for privacy protection. It replaced Safe Harbor last year, and the EU has been keeping an eye on it since mid-2016. Now, the first review of Privacy Shield has taken place. Despite behind-the-scenes dissatisfaction, both EU and US officials have stated their support for the framework in a joint statement. They also hope to further improve the agreement based on what the review found.
Criticisms for Privacy Shield have been broad. Safe Harbor was struck down back in 2015 by the European Court of Justice after Edward Snowden’s leak of classified NSA data. Companies like Twitter had to either store data locally or prove that they were adhering to EU privacy standards on US servers in regard to data protection. Critics have maintained that Privacy Shield has many of the same problems as Safe Harbor. And reportedly, EU officials were unhappy with the draft agreement.
That’s why the positivity of the official statement is surprising. According to The Register, the US has been stalling on provisions that would prohibit secretly sharing this user data with intelligence agencies. Additionally, its safeguard mechanisms are weak.
Privacy Shield does allow those whose data originates in the EU (not just its citizens) to complain if they feel their information isn’t being adequately protected. And now that the one-year review is over, you can bet that privacy groups will be keeping a close eye on what happens with the agreement. Despite the statement’s emphasis on the program’s success, it’s clear there’s still a long way to go.
Source: The Register, European Commission