• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » News » The end of Privacy Shield: what next?

The end of Privacy Shield: what next?

by Emma Woollacott
22 July 2020
in News
0
The end of Privacy Shield: what next?

data security concept, mobile application access, login and password

0
SHARES

A European Court of Justice (ECJ) ruling invalidating the Privacy Shield agreement leaves the future of EU-US data transfers up in the air.

Late last week, the ECJ concluded that Privacy Shield failed to protect the privacy of people whose data was being transferred to the US. US surveillance programs, it said, were not limited to what was strictly necessary, and data subjects didn’t have legal recourse in the US in the event of complaints.

The ruling’s been welcomed by privacy campaigners. “This should be a wake-up call to US policy-makers and tech companies,” says executive director of Article 19 Quinn McKew. 

“The lack of data protection and pervasive mass surveillance that has been normalized in the US needs urgent reform if the country is going to remain competitive globally and truly defend privacy and free expression.”  

However, the ruling means that companies that have relied on Privacy Shield to legitimize their transatlantic data transfers can no longer do so. They will be able to rely on Standards Contractual Clauses (SSCs) – but with extra safeguards that may not always be possible.

“Parties using Standard Contractual Clauses to transfer personal data from the EEA to countries outside must not do so if, in their assessment, the recipient country doesn’t provide an adequate level of protection,” explains Adam Rose, a partner at law firm Mishcon de Reya. 

“There must now be serious questions as to whether any transfers to the US can be valid.”

Other legal mechanisms

Where companies are transferring data to the US within their own organization, they can use Binding Corporate Rules (BCRs) – but there are problems. 

“BCRs are complex to set up, especially in a joint venture or fractional ownership environment, and require entities to accept liability for litigation by data subjects,” says Ben Rapp, founder and principal of data privacy consultancy Securys. 

“Critically, BCRs have to be formally approved by the organization’s local EU regulator, which may be difficult to achieve in this new context and will certainly introduce significant delay.”

And while Article 49 derogations can cover commercial dealings, these are not to be used for repetitive transfers, though they could facilitate occasional sales from the US to the EU.

So far, there’s not been much response from the US, apart from a rather pointed statement from the Secretary of Commerce Wilbur Ross.

“While the Department of Commerce is deeply disappointed that the court appears to have invalidated the European Commission’s adequacy decision underlying the EU-US Privacy Shield, we are still studying the decision to fully understand its practical impacts,” he says.

“We have been and will remain in close contact with the European Commission and European Data Protection Board on this matter and hope to be able to limit the negative consequences to the $7.1-trillion Transatlantic economic relationship that is so vital to our respective citizens, companies, and governments.”

Presumably, some sort of new deal will be thrashed out – though it’s hard to see how it can be done in any reasonable timeframe.

As Rapp points out, “It’s bound to take some time, since cobbling Privacy Shield quickly was the mistake that led to today’s decision, and in the meantime, existing data flows to the US are likely to be unlawful in many cases.”

ShareTweetShareShare

Related Posts

Is PayPal’s crypto move a game-changer for bitcoin?

Cryptocurrency crime drops in 2020 but ‘DeFi’ breaches rise, study finds

28 January 2021
The U.S. flag is seen on a building on Wall St.

Costly short squeeze makes Reddit required reading on Wall Street

28 January 2021
Huawei logo display

White House vows to protect U.S. telecoms network from Huawei security threat

28 January 2021
The Apple Inc. logo is seen hanging at the entrance to the Apple store on 5th Avenue in Manhattan

Apple says new privacy notifications to roll out in ‘early spring’

28 January 2021
Next Post
Cautious welcome for UK Huawei decision

Cautious welcome for UK Huawei decision

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    83059 shares
    Share 83049 Tweet 0
  • 8 best cybersecurity podcasts for 2021

    56 shares
    Share 56 Tweet 0
  • Walmart-exclusive router and others sold on Amazon & eBay contain hidden backdoors to control devices

    13365 shares
    Share 13361 Tweet 0
  • The ultimate guide to safe and anonymous online payment methods in 2021

    13 shares
    Share 13 Tweet 0
  • Network Attached Storage

    0 shares
    Share 0 Tweet 0
Europol building

Europol distributes anti-malware code via the Emotet botnet

28 January 2021
Is PayPal’s crypto move a game-changer for bitcoin?

Cryptocurrency crime drops in 2020 but ‘DeFi’ breaches rise, study finds

28 January 2021
Privacy is an illusion. But that‘s a good thing

Privacy is an illusion. But that‘s a good thing

28 January 2021
Will quantum cryptography break classical encryption?

Will quantum cryptography break classical encryption?

28 January 2021
TikTok logo

Potentially massive TikTok vulnerability patched

28 January 2021
The U.S. flag is seen on a building on Wall St.

Costly short squeeze makes Reddit required reading on Wall Street

28 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!