The European Commission and the US agreed on a new framework (EU-US Privacy Shield) for the transatlantic flow of data on the 2nd February 2016. So, what brought us to this point and what does it really mean for EU merchants?
The so-called “Safe Harbor” agreement was made by the European Commission in 2000 and allowed around 4,500 US companies to transfer data from the EU under specific data protection standards.
In 2013, a claim against Facebook was brought to the Irish Data Protection Commissioner (IDPC) by Austrian law student Max Schrems. He suggested, on the back of claims made by Edward Snowden regarding alleged access to certain private data by US intelligence authorities, that Facebook (Ireland Limited) was transferring personal data to the US under circumstances where the laws and practices in the US presented no real protection against the sharing of that data.
The IDPC decided it was a matter for the European Commission. The case was finally put to the European Court of Justice (ECJ). In October 2015, the ECJ found that “the existence of a Commission decision finding that a third country ensures an adequate level of protection of the personal data transferred cannot eliminate or even reduce the powers available to the national supervisory authorities.” In other words, the decisions made by (EU) national supervisory authorities on the adequacy of data protection measures by a third country to which their citizens’ data is transferred, override European Commission decisions made under the Safe Harbor agreement.
Once the ruling was made by the ECJ, the European Commission and US authorities set about to produce a relevant and working replacement for Safe Harbor.
EU Commissioner for Justice, Consumers and Gender Equality, Věra Jourová, gave a speech in Strasburg on February 2nd, where she announced the Commission had finalised negotiations with the US on a renewed and safe framework for transatlantic data flows.
Jourová promised a conclusion of “a strong and safe framework for the future of transatlantic data flows” with an arrangement that protects the fundamental rights of Europeans and ensures legal certainty. In her speech, Jourová outlined the key achievements of the negotiation:
1.
