skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view

Summary

On February 29, 2016 the EU Commissioner for Justice released details about the forthcoming Privacy Shield agreement between the EU and the US. These details suggest that the agreement, the replacement for Safe Harbor, will have more safeguards in place than its predecessor. However, the road to its approval will not be without obstacles, mainly because the documents released on the day of the announcement do not offer reassurances about the end of bulk collection of personal data by the US authorities.

The approval of the new agreement is likely to face obstacles within the EU

Following a promising but generic announcement from the EU Commissioner for Justice early in February 2016, we now have more detail about the Privacy Shield agreement. This is intended to replace the now-defunct Safe Harbor agreement and ensure that the transfer of personal data between the EU and the US remains relatively smooth. However, although the new agreement appears to have more safeguards in place and a long-awaited process of judicial redress for data breaches, only time will tell if the process will be as effective as EU institutions are hoping.

The Privacy Shield must overcome significant hurdles before it becomes valid. The text will have to be approved by a committee representing the 28 EU member states and by the Article 29 Working Party, which groups together EU countries’ Data Protection Authorities. It is by no means certain that these bodies will give their approval without any comment on the text – something that largely depends on the assurance that recent reforms passed in the US on surveillance are effective. Some of the documents released by the EC suggest that bulk collection of personal data by US institutions could still occur in certain circumstances, which is likely to be an obstacle to the approval of the Privacy Shield.

The recent conflict between Apple and the FBI could also play a role in fostering the perception that, despite the formal steps the US has taken with regard to privacy safeguards for non-US citizens, in practice little has changed. Companies can only wait and see how this unfolds and will have to accept that uncertainty over privacy and data transfer rules could remain for some time.

Appendix

Further reading

“The French privacy regulator’s move against Facebook shows DPAs will not wait for Privacy Shield,” TE0007-000991 (February 2016)

Data Protection Tracker: 4Q15, TE0007-000955 (December 2015)

Author

Luca Schiavoni, Senior Analyst, Regulation

luca.schiavoni@ovum.com

Recommended Articles

;

Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700


Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

+44 (0) 207 551 9047 - Operational from 09.00 - 17.00 UK time

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 7770704398 or email us at pr@ovum.com

Contact marketing - 
marketingdepartment@ovum.com

Already an Ovum client? Login to the Knowledge Center now