Posted in EU–U.S. Safe Harbor

Opinion

European Court Gives a Boost to EU Data Protection Reform

On April 8, the Court of Justice of the European Union invalidated the EU Data Retention Directive 2006/24. Beyond its significance for data retention, this judgment has important implications for EU data protection law in general and the proposed General Data Protection Regulation (GDPR) in particular.

More from Christopher Kuner

Opinion

Legal Reform Is Needed on Both Sides of the Atlantic, Not Just in Europe

I recall that in the 1990s and early 2000s, it was often a struggle to get people outside of Europe to take EU data protection law seriously. The perceived lack of enforcement in the EU, and the dynamic legislative climate in the U.S., meant that more attention was given to U.S. developments.

The situation is now reversed, and there has been intense interest in the European Commission’s proposal for a General Data Protection Regulation published in January 2012, and in related developments such as calls for reform of the EU-U.S. Safe Harbor. U.S.-based lobbyists have descended in hordes on the EU institutions; U.S. government representatives travel to Brussels to lobby the EU, and U.S. authors publish articles and papers on complex issues of EU law. Brussels has become the center of the global privacy world.

This causes us in Europe to wonder: Why doesn’t the U.S. work as hard to improve its own privacy law as it does to lobby for changes in the EU?

More from Christopher Kuner

Opinion

The Plain Truth About Safe Harbor

By Eduardo Ustaran, CIPP/E
The European Commission

The stance adopted by the European Commission in the report on the functioning of Safe Harbor published today was probably one of the worst kept secrets of the privacy world. It was patently obvious to anyone close enough to the controversy around the ability of Safe Harbor to live up to the expectations of EU policy makers and regulators that the Commission would be critical about it but would stop short of delivering a fatal blow to the scheme.

More from Eduardo Ustaran

Opinion

Has the LIBE Committee Torpedoed the Safe Harbor?

The committee of the European Parliament charged with shepherding the proposed EU Data Protection Regulation—the LIBE Committee—finally has reported out an amended version of the Regulation. And despite the fact that a Commission-initiated review of the EU-U.S. Safe Harbor is pending, it appears the LIBE Committee effectively has called for the end of the Safe Harbor.

More from Christopher Wolf

Opinion

Galileo’s Problem and How Legislation Won’t Stop the Orbit of Technology

Like the Catholic Church’s Congregation of the Index of 1616, which outlawed the movement of the Earth around the sun, so too will the European Parliament restrict transborder data flows by legislative fiat this week.

Of course, the flow of data across borders will not cease or even diminish. Individuals will continue to carry iPhones on cross-Atlantic flights, “transferring data” (whatever that means) about their employers’ customers to “non-adequate” countries; and European individuals and businesses will access non-EU based websites and services, including banking, telecom, retail and cloud. Lawyers will be paid to produce paperwork, which bureaucrats will read; businesses continue to operate as before.

As Galileo said, “And yet it moves”.

More from Omer Tene

EU-U.S. Relations

The Brussels and Warsaw Privacy Peace Talks

Next month, FTC Commissioner Julie Brill and Danny Sepulveda, Deputy Assistant Secretary of State, will travel to Brussels to discuss privacy with EU officials. Later in the month, Poland will host the 35th Conference of Data Protection of Data Protection and Privacy Commissioners, a meeting that will be attended by privacy officials and stakeholders from around the world.  Both gatherings provide an opportunity to declare a cease fire in the war of words—a war in which most of the “incoming” has originated on the European side of the Atlantic in the wake of the Snowden NSA revelations, and a war that threatens progress in international cooperation on privacy.

More from Christopher Wolf

Opinion

Parallel Privacy Universes and PRISM

The U.S. and Europe seem locked in their own separate, parallel universes in the way they view PRISM and other recent revelations concerning law enforcement data access, as demonstrated by differences in transatlantic media coverage.

Here in Europe, discussion of law enforcement surveillance of electronic communications has dominated the major news media for the last few weeks. By contrast,...

More from Christopher Kuner

Opinion

The Impact of PRISM on International Data Flows

By Eduardo Ustaran, CIPP/E

An exasperatingly awkward challenge affecting the current data globalisation process is the prohibition on exports of data that is present in a number of the world’s data privacy laws.  This is something that European organisations have had to live with since the mid-90s, and frustratingly, the trend is being extended to other jurisdictions. Disregarding the reality of Internet and mobile communications, some policy-makers and regulators insist on building some sort of physical or at least digital fortress around the data within their jurisdiction with the aim of preventing unwanted interferences. In the most extreme cases, international data flows are only allowed under the express authorisation of a national regulator that will seek to scrutinise the safeguards in place to the finest detail.

More from Eduardo Ustaran