Android updates

Transfer of data between Europe and the United States: Joe Biden signs a decree

Joe Biden has signed today a decree aimed at providing guarantees to Europeans for the transfer of their personal data from the European Union to the United States in a new legal framework, crucial for the digital economy.

A decree for the transfer of data between EU and USA

European Commissioner for Justice Didier Reynders welcomed a “very important step”, paving the way for a procedure on the EU side which could be concluded next spring. The man who led negotiations with Washington for a year and a half welcomed the new American guarantees provided for the protection of privacy.

The tech sector also welcomed this measure. The two systems previously put in place to allow companies to transfer data from European nationals to the United States for processing or hosting there had been invalidated by European justice due to fears about American surveillance programs. In March, Joe Biden and the President of the European Commission Ursula von der Leyen announced that they had reached an agreement in principle on this new framework.

Guardrails in place

The text provides additional safeguards so that access by American intelligence agencies, in the name of national security, to data collected in Europe and transferred or hosted across the Atlantic, is limited to what is necessary and proportionate. . Above all, it opens up the possibility for European nationals to act if they believe that their personal data has been illegally collected by American intelligence and to obtain its deletion or correction if necessary.

Two levels of appeal are provided. One with an officer in charge of the protection of civil liberties at the American intelligence directorate. In the event of a challenge to this first instance decision, it is possible to appeal to an independent tribunal, formed by the Ministry of Justice.

On the EU side, the adequacy decision which will govern these transfers will notably require an opinion from the European data protection policeman and the approval of the Member States.

In July 2020, the Court had estimated that the Privacy Shield, used by 5,000 American companies, including Google or Amazon, did not protect possible “interferences in the fundamental rights of the persons whose data were transferred”. The case was launched by a complaint against Facebook by Max Schrems, already at the origin of the 2015 judgment on the ancestor of the Privacy Shield, namely the Safe Harbor.

Leave a Reply

Your email address will not be published. Required fields are marked *