What Congress can do to maintain trans-Atlantic data flow

computers and globe_data sharing

A recent European Union court ruling rewrote the rules governing the trans-Atlantic movement of 15TB of data per second. Trillions of dollars in trade are potentially in jeopardy, said U.S. Chamber of Commerce global regulation head Adam Schlosser.

The European Court of Justice ruling struck down the longstanding "Safe Harbor" international agreement that had governed data transfers between the U.S. and the European Union since 2000. The ruling means that companies that can't afford separate European infrastructure for data storage could potentially run afoul of EU standards when moving personal customer data back and forth between the U.S. and Europe.

What's Congress to do?

Passing the Judicial Redress Act, would be a start, several panelists said at a panel discussion convened by the Chamber's Center for Global Regulatory Cooperation International. But even that legislation, aimed at giving some protection to foreign nationals under the Privacy Act of 1974, would be subject to U.S. authorities.

Digital freedom group Access' Amie Stepanovich warned that in the Senate, the legislation was being proposed as an amendment to the controversial Cybersecurity Information Sharing Act. Stepanovich said the pairing tied "one small step forward" with "a huge step backward" on digital privacy rights.

Four key lawmakers sent a letter to Commerce Secretary Penny Pritzker and Federal Trade Commission head Edith Ramirez urging regulators to update the Safe Harbor agreement. Stepanovich warned that a regulatory agreement" may be the wrong path to take."

She called, instead, for Congress to seriously reevaluate the scope of the American government's surveillance powers.

"At its heart, this is a surveillance decision," she said of the ECJ decision, which is widely seen as a consequence of the revelations of far-reaching Internet and telephone surveillance conducted by the National Security Agency.

Commercial data practices are relevant to the discussion, panelists noted, but what Uncle Sam does will have the biggest impact. Of course, the work to be done doesn't all lie on the American side.

"People in glass houses shouldn't throw stones," said Abigail Slater, VP, Legal and Regulatory Policy at the Internet Association. She noted that the European decision didn't compare U.S. surveillance practices of European nations, many of which she suspected were as far-reaching as those of the United States. And the court also didn't analyze legal changes since the 2013 revelations, which Slater said may paint a more favorable picture of how the U.S. handles foreigners' data.

Damien Levie, head of the Delegation of the European Union to the United States' trade section, offered words of comfort.

"We are reading too much into the judgment," he noted. The European court was "only answering a question from the [Irish] High Court," he noted, saying that the full impact of Safe Harbor's demise – and the future of the trans-Atlantic data flow – remains to be seen.

About the Author

Zach Noble is a former FCW staff writer.


  • Comment
    customer experience (garagestock/

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected