Extract from Linda A. Thompson’s article “Is the Third Try the Charm? EU Officials Say This Time the New Data Deal Is Legally Sound; Privacy Advocates Disagree”
The European Commission has adopted a new agreement allowing companies to resume the transfer of users’ personal data across the Atlantic without needing to put in place special safeguards to keep that data safe. But privacy advocates say the new agreement—the third attempt at making data transfers GDPR-compliant—still violates European law.
Once again, they plan to challenge the new agreement in the European Court of Justice, they say.
EU officials say the new deal, reached after long negotiations, offers a “durable and reliable legal basis” for the trans-Atlantic data flows that are worth billions of euros in cross-border commerce.
By adopting a so-called adequacy decision for the new EU-U.S. Data Privacy Framework, Brussels officials have essentially declared that the personal data of EU consumers is as safe inside the bloc as it is in the U.S. The decision allows tech giants like Meta and Google to send personal data across the Atlantic without needing to put in place special or additional measures to ensure this data stays safe once it leaves the EU.
“Following the agreement in principle I reached with President Biden last year, the U.S. has implemented unprecedented commitments to establish the new framework,” European Commission President Ursula von der Leyen said in a statement announcing the decision. “Today we take an important step to provide trust to citizens that their data is safe, to deepen our economic ties between the EU and the U.S., and at the same time to reaffirm our shared values.
