The new move coming from the other side of the Ocean (and yes I mean the USA) is aligned with Mr. Trump approach to international agreements.
After the Paris climate agreement, Donald Trump’s presidency is shining again in its confrontation with old Europe.
The target now is the Privacy Shield Agreement, the agreement that has been reached between the USA and EU in order to protect the privacy of EU citizens whose data are collected by the USA company.
It should not comes out as a surprise, historically the two sides of the ocean have had a deep different approach to personal data protection.
Now according to section 14 of the just signed Trump’s executive order “Executive Order on Public Safety”, USA law enforcement agencies have to explicitly strip out from their privacy policies all non-US citizen and Resident.
In other words, no protection is assured to the data associated with EU citizens stored in USA datacenters.
Under the Privacy Shield, EU citizens have rights to redress – including judicial redress – for improper disclosure of their data. The Judicial Redress Act (JRA) of 2015, which extended to EU citizens the protections of the Privacy Act of 1974, was critical to European acceptance of the Privacy Shield.
Last month, with a stroke of the pen that could unsettle EU privacy watchdogs, President Trump issued an executive order directing that federal agencies craft their privacy policies to exclude non-US citizens from Privacy Act protections.
This clearly broke the Privacy Shield agreement. For the few of you that remember the story, this agreement comes out after the crashing of the previous safe harbor agreement.
Safe Harbor was declared ineffective by the European supreme court of justice after the Prism activity from the USA government was exposed. Now while Europe is moving towards GDPR adoption and a strict set of rules in order to protect the privacy of EU citizens and residents, the USA has loosened once again the rules exposing, as a matter of fact, EU citizen’s data to risk.
Considering the amount of data (from Facebook to Google, from Microsoft to Apple) that are under this protection act the magnitude of this is enormous, basically this unilateral USA decision put at stake most of the digital economy.
And just to be clear Privacy Shield was not perfect even from a European point of view: in September, an advocacy group known as Digital Rights Ireland asked the second-highest European Court to annul the agreement on the grounds that it doesn’t provide enough privacy protection for EU data. Shortly thereafter, a French civil liberties group filed a similar suit. So the new Trump administration moves hardly will encounter an easy acceptance in the EU.
Now to be fair the impact of the new Executive Order against the Privacy Shield is not clear, someone in Trump administration is suggesting that eventual access to EU citizen data would be not due to mass surveillance and therefore the agreement is not in jeopardy, but considering precedents and the current relationships between USA and EU those sound more like empty words to address the internal USA electoral base (see us EU fault, we’re doing right) than a clear and honest analysis.
Some legal experts, however, have downplayed that concern by pointing out that the order seems to include an exception for Privacy Shield. But given the recent skittishness of European regulators about U.S. surveillance, calls are mounting for the White House to publicly reassure Europeans the order doesn’t affect their data.
We will see what will happen.
For sure the distance between the USA and the EU has not been bigger, and at the moment (but I am on the EU side) we are on the side to protect our planet from climate change, protect privacy and freedom of citizens from unwanted access.
Dataprotection #EU-U.S. #Privacy Shield #TrumpPrivacyAct #GDPR
Nessun commento:
Posta un commento