US President Joe Biden signed an executive order implementing a data-sharing arrangement between the United States and the European Union that implements new American privacy standards for intelligence collection on Friday.
The agreement aims to put an end to the uncertainty that thousands of firms experienced when Europe’s highest court annulled two earlier agreements on worries about US eavesdropping.
According to US Commerce Secretary Gina Raimondo, the executive order “will safeguard the privacy of EU personal data” and “is the climax of our cooperative work to restore trust and stability to transatlantic data flows.”
The framework resolves the issues raised by the European Court of Justice, which invalidated the previous EU-US Privacy Shield system as a legal data transfer mechanism under EU law.
According to the White House, the framework “would reestablish a crucial legal underpinning for transatlantic data transfers,” which are “necessary to allowing the $7.1 trillion (roughly Rs. 5,86,18,300 crore) EU-US economic partnership.”
The White House claimed that Biden’s order strengthened the country’s existing “privacy and civil liberties safeguards” for intelligence gathering and established a multi-tiered, independent redress process for people who feel their personal information was improperly obtained by US intelligence agencies.
According to EU officials, the lengthy clearance procedure would take roughly six months to complete. They said that the previous approach, which the EU court rejected, merely provided recourse to an ombudsperson inside the US administration.
The US Justice Department is establishing a Data Protection Review Court to independently review CLPO’s decisions. Judges with experience in data privacy and national security will be appointed from outside the US government.
European privacy activists have threatened to challenge the framework if they did not think it adequately protects privacy.
According to the directive, the US Office of the Director of National Intelligence’s Civil Liberties Protection Officer (CLPO) will look into complaints and render judgments.
A Data Protection Examine Court will be established by the US Justice Department to independently review CLPO judgments. Judges with knowledge of national security and data privacy will be chosen from outside the US government.
European privacy campaigners have warned to challenge the framework if they believe it does not provide sufficient privacy protection.