The USA has reached a deal with the European Union on how to better protect the privacy of data belonging to EU residents when their information flows to the U.S. This is important because Meta, Google and other tech companies have been in a legal limbo for several years:
The decision adopted by the European Commission is the final step in a yearslong process and resolves — at least for now — a dispute about American intelligence agencies’ ability to gain access to data about European Union residents. The debate pitted U.S. national security concerns against European privacy rights.
The accord, known as the E.U.-U.S. Data Privacy Framework, gives Europeans the ability to object when they believe their personal information has been collected improperly by American intelligence agencies. An independent review body made up of American judges, called the Data Protection Review Court, will be created to hear such appeals.
Didier Reynders, the European commissioner who helped negotiate the agreement with the U.S. attorney general, Merrick B. Garland, and Commerce Secretary Gina Raimondo, called it a “robust solution.” The deal sets out more clearly when intelligence agencies are able to retrieve personal information about people in the European Union and outlines how Europeans can appeal such collection, he said.
“It’s a real change,” Mr. Reynders said in an interview. “Protection is traveling with the data.”
Ani Chaudhuri, CEO, Dasera had this to say:
This EU-US Data Privacy Framework, the product of years of negotiation, attempts to balance national security and personal privacy. This feat is as complex as it is critical.
On the surface, it’s a commendable step. It provides a mechanism for EU residents to challenge perceived infringements on their data by US intelligence agencies and aims to ensure that protections are ‘traveling with the data.’ Yet, Max Schrems, a leading privacy activist, is already planning to sue, questioning the legality and practicality of the Framework. The situation underscores a fundamental question – is it possible to simultaneously maintain privacy and security in a data-driven world?
Firstly, let’s agree on this: data is the backbone of the modern economy. The absence of this agreement would have created a tumultuous environment for multinational businesses that rely heavily on data flows. However, this pact is a band-aid on a festering wound. It replaces the invalidated Privacy Shield but maintains many of its predecessor’s shortcomings.
Why? Because, at its core, the Framework assumes trust between EU citizens and American intelligence agencies. It assumes a complaint-based system backed by an independent review body would provide adequate redress. But let’s be real: how many Europeans would feel comfortable voicing their concerns, let alone feel confident that their complaint would be handled fairly and impartially? The primary question, as Schrems rightfully posits, is whether changes in US surveillance law can genuinely ensure Europeans’ privacy rights. I would argue that the answer is, as it stands, “no.”
The issues run deeper than policy alone. The EU-US Data Privacy Framework marks a step forward but doesn’t necessarily solve the problem. The elephant in the room remains the balance between privacy rights and national security concerns.
The current paradigm involves mass data collection, necessitating uncomfortable compromises on personal privacy for security. But should we not aspire for a system that allows us to achieve both? Technology, after all, is a great enabler.
I’m pretty sure that this isn’t going to make everybody happy. And by everybody I mean Meta. But this is a start to ensuring the privacy of users while using online services and products from tech companies.
Related
This entry was posted on July 11, 2023 at 12:30 pm and is filed under Commentary with tags Privacy. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
EU-US Data Privacy Framework Announced
The USA has reached a deal with the European Union on how to better protect the privacy of data belonging to EU residents when their information flows to the U.S. This is important because Meta, Google and other tech companies have been in a legal limbo for several years:
The decision adopted by the European Commission is the final step in a yearslong process and resolves — at least for now — a dispute about American intelligence agencies’ ability to gain access to data about European Union residents. The debate pitted U.S. national security concerns against European privacy rights.
The accord, known as the E.U.-U.S. Data Privacy Framework, gives Europeans the ability to object when they believe their personal information has been collected improperly by American intelligence agencies. An independent review body made up of American judges, called the Data Protection Review Court, will be created to hear such appeals.
Didier Reynders, the European commissioner who helped negotiate the agreement with the U.S. attorney general, Merrick B. Garland, and Commerce Secretary Gina Raimondo, called it a “robust solution.” The deal sets out more clearly when intelligence agencies are able to retrieve personal information about people in the European Union and outlines how Europeans can appeal such collection, he said.
“It’s a real change,” Mr. Reynders said in an interview. “Protection is traveling with the data.”
Ani Chaudhuri, CEO, Dasera had this to say:
This EU-US Data Privacy Framework, the product of years of negotiation, attempts to balance national security and personal privacy. This feat is as complex as it is critical.
On the surface, it’s a commendable step. It provides a mechanism for EU residents to challenge perceived infringements on their data by US intelligence agencies and aims to ensure that protections are ‘traveling with the data.’ Yet, Max Schrems, a leading privacy activist, is already planning to sue, questioning the legality and practicality of the Framework. The situation underscores a fundamental question – is it possible to simultaneously maintain privacy and security in a data-driven world?
Firstly, let’s agree on this: data is the backbone of the modern economy. The absence of this agreement would have created a tumultuous environment for multinational businesses that rely heavily on data flows. However, this pact is a band-aid on a festering wound. It replaces the invalidated Privacy Shield but maintains many of its predecessor’s shortcomings.
Why? Because, at its core, the Framework assumes trust between EU citizens and American intelligence agencies. It assumes a complaint-based system backed by an independent review body would provide adequate redress. But let’s be real: how many Europeans would feel comfortable voicing their concerns, let alone feel confident that their complaint would be handled fairly and impartially? The primary question, as Schrems rightfully posits, is whether changes in US surveillance law can genuinely ensure Europeans’ privacy rights. I would argue that the answer is, as it stands, “no.”
The issues run deeper than policy alone. The EU-US Data Privacy Framework marks a step forward but doesn’t necessarily solve the problem. The elephant in the room remains the balance between privacy rights and national security concerns.
The current paradigm involves mass data collection, necessitating uncomfortable compromises on personal privacy for security. But should we not aspire for a system that allows us to achieve both? Technology, after all, is a great enabler.
I’m pretty sure that this isn’t going to make everybody happy. And by everybody I mean Meta. But this is a start to ensuring the privacy of users while using online services and products from tech companies.
Share this:
Like this:
Related
This entry was posted on July 11, 2023 at 12:30 pm and is filed under Commentary with tags Privacy. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.