Latest Update on EU-US Privacy Shield

Posted by Holger Dyroff – 13. April 2017

In February I published a blog “Threats to your Data in the Trump Age” outlining the ramifications President Trump’s administration will have on the newly implemented EU-US Privacy Shield and the concerns for the safety of private data following a January executive order. While much of these concerns still hold true, last week European Parliament adopted a resolution on the “adequacy of the protection afforded by the EU-US Privacy Shield.”

Ann J. LaFrance published an article on Lexology outlining the resolution. LaFrance writes:

The resolution states that there has been a lack of clarity in terms of the commitment of the new US administration to the Privacy Shield arrangements due to various Executive Orders having been issued by the new US President Trump. One example is the Executive Order on ‘Enhancing public safety in the Interior of the US,” issued on 25th January 2017, which excludes foreign citizens from the protections of the US Privacy Act. The resolution considers that this Executive Order contradicts the written assurances that judicial redress mechanisms will be available to individuals whose personal data is accessed by the US authorities. The resolution calls for the EU Commission to carry out a detailed legal analysis of the consequences of the President’s Executive Order and its impact on the right of EU citizens to seek judicial redress in relation to US government agencies’ use of their personal data when it is transferred to the US under the Privacy Shield.

This first step of the resolution is a great stepping stone to ensure that the current agreement stays strong. However, the EU Parliament still has its concerns about how the Trump Administration will affect the outcome of the present deal. According to Natasha Lomas of TechCrunch, “it could take just a single stroke of Trump’s pen to bring the entire arrangement toppling down.” Lomas continues by stating:

…EU parliament also debated the adequacy of the protection offered by the mechanism, with further warnings being voiced — including concerns about new rules that allow the NSA to share private data with other US agencies without court oversight; and about the recent dismantling of broadband privacy reform — signed by Trump

The EU seems adamant to keeping the Privacy Shield agreement intact and will, therefore, hold its first review this coming September. LeFrance outlines the review:

As part of this first joint EU-US annual review of the Privacy Shield, the EU Parliament calls on the EU Commission to: (1) review the necessity and proportionality of these bulk collection programmes; (2) monitor compliance with the requirement that EU personal data be deleted when no longer necessary for the purpose for which it was originally collected, including by law enforcement agencies; and (3) to ensure the Privacy Shield is amended in line with the EU General Data Protection Regulation, which will become enforceable in May 2018.

ownCloud is a great advocate for data privacy and we hope for the best resolution for this scary situation, however, we are also advocates to self-preservation. We believe that the best way to truly keep your data safe is to remain 100% in control.

ownCloud offers customers the software and support to create their very own private, on-premises cloud. No more wondering where your data is stored or who may have unauthorized access to your sensitive information. With ownCloud, IT is able to maintain full control over all of your company’s confidential documents, knowing exactly where the data is at all times and deciding who may or may not have access to certain documents and folders. Learn more about why a private cloud is the only way to go to ensure security and how ownCloud is the perfect solution: https://owncloud.com/private-cloud/