EU AND US OFFICIALS have finally agreed on a new mechanism for transferring data across the Atlantic which will be known as the EU-US Privacy Shield.
The deal was announced by Andrus Ansip, vice president of the European Commission, on Tuesday, and replaces the 15-year-old Safe Harbour agreement which was canned last year after concerns that it helped US intelligence agencies gain access to citizens' personal data.
The EC claimed that the new framework will provide stronger obligations on companies in the US to protect Europeans' personal data, and will require better monitoring enforced by the US Department of Commerce and the Federal Trade Commission.
Second, any data accessed by US law enforcement agencies must be done within an agreed system of “limitations, safeguards and oversight mechanisms”.
The woefully named EU-US Privacy Shield will also require that companies respond on a strict deadline if a citizen has concerns that their data has been misused under the arrangement.
An annual joint review will keep an eye on this, which will also include the issue of national security access.
"We have agreed on a new strong framework on data flows with the US. Our people can be sure that their personal data is fully protected. Our businesses, especially the smallest ones, have the legal certainty they need to develop their activities across the Atlantic. We have a duty to check and we will closely monitor the new arrangement to make sure it keeps delivering," said Ansip.
"Today's decision helps us build a digital single market in the EU, and a trusted and dynamic online environment. It further strengthens our close partnership with the US. We will work now to put it in place as soon as possible."
The deal has been welcomed by the Information Technology and Innovation Foundation, which said that the agreement is crucial and represents the first step in a number of privacy reforms between the US and Europe.
"Free flow of data across borders is essential to global trade and commerce, and this renewed agreement marks an important step forward for US-EU cooperation," the organisation said in a statement.
"In the wake of the Snowden disclosures, European citizens and policymakers are understandably concerned about privacy safeguards in US law. But abruptly revoking the Safe Harbour agreement was the wrong way to address those concerns.
"We are pleased that US and European policymakers have resolved this issue and support the free flow of data between these two markets. We hope the new agreement signifies a line of thinking that will shape future EU policy decisions as well.
"The US and EU should make a number of much-needed privacy reforms to continue rebuilding trust and cooperation and ensure the world’s most critical economic relationship continues to endure in the digital age."
However, the news wasn't greeted so kindly by all. Phil Lee, data protection partner at European law firm Fieldfisher, said that the agreement is likely to be challenged by privacy advocates.
"Today's announcement will undoubtedly be welcomed by many. But keeping in mind that this new Safe Harbour will almost certainly be challenged by civil liberties groups (and possibly even some data protection authorities) pretty much immediately, only the foolhardy would place want to place their trust in a new Safe Harbour right now. Whether legal or not, its reputation is already shot to pieces," he said. µ
It's the week in Google news
Erik Estrada wouldn't have stood for this
Hacks in support of WikiLeaks founder target gov websites