After three months of uncertainty, there’s finally an update on the new Safe Harbour and it’s…interesting. The new agreement is called Privacy Shield and it sounds like it should be moonlighting in an Avengers movie, not dictating the privacy rights of millions. It seems several others would agree with me here because for many, it’s not really solving the issue.
The Safe Harbour agreement was put in place to allow unlimited transfer of data between the EU and the US. Many felt that it wasn’t doing a good enough job vetting the data security credentials of US companies so, in October last year, it got the boot. Ever since then the US and EU have been trying to come to an agreement, and this is the provisional suggestion.
So, what does Privacy Shield offer?
Europe’s Commissioner for Justice, Consumer and Gender Equality Vera Jourova has been working alongside the US Commerce Secretary on the new deal. She has promised that the deal will be “fundamentally different to Safe Harbour” in order to withstand another legal challenge, guarantee citizens their fundamental right to protection of personal data and “ensure legal certainty for business”.
In human speak, it’s designed to do a few key things, including safeguarding the data of EU citizens against authorities (like the NSA), give citizens the right to take legal action against companies using their data, create an independent ombudsperson to oversee that it’s not taking liberties (literally), and have an annual review procedure.
The agreement also promises that a top US official will send a letter promising that the US will avoid “indiscriminate mass surveillance” of EU citizens.
The details will be hammered out over the next few days and will probably take around three months to come into effect. The Commissioner’s also assured the rules will be suitable when the new data protection regulations arrive in 2018.
Problem is, several Members of the European Parliament are worried this still doesn’t have any legal clout, and will be ignored by politicians later down the line. The language has also been described as ‘woolly at best’ and privacy experts still seem to think it doesn’t offer enough protection in the cold, hard language of the agreement. There are also still legal loopholes that would mean the data of millions of Europeans could still potentially be up for grabs more than you’d probably want.
Essentially, they were digging around in our data before, what’s to stop them doing it now? Not this, by the looks of it.
The fact is that, the same questions still remain: is your data safe outside the EU? Do you have control over your data?
To find out more about the Safe Harbour situation and the questions you need to ask to guarantee data sovereignty, download our whitepaper.