European Union Court to Review EU-US Privacy Shield Framework

Laura BednarVulnerabilitiesLeave a Comment

european commission privacy shield

A three-year-old complaint against Privacy Shield will finally be reviewed by the EU general court in July of 2019. The complaint came from the French digital rights group, La Quadrature du Net, and claimed that the Privacy Shield framework allowed for privacy abuses by the United States.

Replacing Improper Safety With Questionable Privacy

Privacy Shield is a program that was designed by the U.S. Department of Commerce, European Commission, and Swiss Administration to provide a safe way for the transfer of personal data during transatlantic commerce. The European Commission approved the use of this transfer method in 2016. It was created as a replacement for what had previously been Safe Harbor.

Using Safe Harbor to transfer information was deemed invalid after whistleblower Edward Snowden exposed that the U.S. intelligence agencies had access to personal data within the system. The French digital rights group was still unsatisfied when the Commission allowed for Privacy Shield. The group responded, saying that the new system still allowed for U.S. mass surveillance and therefore violated the EU law.

They Fought the Law Hoping to Win

While Privacy Shield was created with the intent to function properly during the data transfer and was subject to annual review by the Commission, La Quadrature was not entirely convinced of its quality. They were not the only ones, as the American Civil Liberties Union (ACLU), as well as the French consumer protection organization, UFC Que Choisir, helped provide evidence of what La Quadrature calls a “U.S. surveillance regime.”

On the other side of the issue stood Germany, United Kingdom, the United States, and the Netherlands in addition to companies from the Google, Apple, Facebook, Amazon, and Microsoft group (GAFAM). They each produced arguments in support of Privacy Shield. After responding to arguments back and forth, the exchanges ended in April 2019.

The General Court of the EU found the complaint to be worthy of court proceedings and the hearing for the data transferring framework will be held in Luxembourg on July 1 and July 2. The main concern other than lack of privacy is that the system itself is too self-regulating and does not have proper legal protection.

Ensuring Privacy in All Digital Aspects

Whether it is international commerce or your individual data of photos and documents, having proper security is vital in the digital age. Secure Data is an SSAE 18 Type II Certified company and a General Services Administration Approved Contractor. Additionally, we offer hardware encrypted storage devices that can store your digital data and keep it completely safe from outside parties. The devices are HIPAA compliant and GDPR compliant and offer unique authentication methods to ensure the user is in complete control. To learn more about Secure Data’s security practices and how you can keep your data safe, call 1-800-388-1266.