The European Union and the United States agree in principle to a new data protection agreement

The European Court of Justice scrapped the “Privacy Shield” for data transmission from Europe across the Atlantic in July 2020 on the grounds that the level of data protection in the United States did not comply with EU standards. Above all, the judges criticized the US intelligence services’ far-reaching access to Europeans’ data.

In a joint statement, the two sides said the new rules and safeguards would limit US intelligence’s access to data to what is “necessary and proportionate to the pursuit of specific national security objectives.” In addition, there should be an independent legal protection mechanism that can investigate complaints from Europeans about US secret services access to data and order remedial measures.

For companies, the European Court of Justice ruling has created a great deal of legal uncertainty when transferring data between the USA and the EU. The Facebook Meta group has warned since the fall that the online network and Instagram will likely be shut down in Europe if there is no subsequent plan. Accordingly, the Business Software Alliance welcomed the basic agreement, as it would create legal certainty.

‘Privacy Shield’ was created in 2016 after the European Court of Justice struck down the previous ‘Safe Harbor’ regulation. In both cases, Austrian lawyer Max Schramms complained.

Data protection organization Noyb complained on Friday that it was initially just a political advertisement and that a concrete text is still pending. If the new agreement is not in line with EU law, it is likely that Noeb or another group will challenge that as well.