New trans-Atlantic data deal welcomed on Capitol Hill

Shutterstock image: global data concept art rendered in binary.

After months of wrangling, U.S. and European officials arrived at a new set of privacy rules for personal data moving across the Atlantic. The rules, hammered out in the wake of surveillance revelations by former National Security Agency contractor Edward Snowden, spell out limits on access to information for law enforcement and security purposes.

The new agreement, dubbed the EU-US Privacy Shield, is in line with European countries' stricter data-protection rules and provides for redress for individuals who feel their data has been improperly used.

"For the first time ever, the United States has given the EU binding assurances that the access of public authorities for national security purposes will be subject to clear limitations, safeguards and oversight mechanisms," EU Commissioner VÄ›ra Jourová said in a statement. "Also for the first time, EU citizens will benefit from redress mechanisms in this area."

The news was welcomed on Capitol Hill, where lawmakers had been concerned about roadblocks to trans-Atlantic commerce arising from the lack of an agreement that protected national security and personal privacy.

"I think those are always a balancing act," Sen. John Cornyn (R-Texas), a member of the Senate Judiciary Committee, told FCW. "What we tried to do in the Judiciary Committee and now with the Safe Harbor provision is to try to address both of those, and I think we've made some important progress."

Sen. John Thune (R-S.D.), chairman of the Commerce, Science and Transportation Committee, agreed. He led efforts by 50 other lawmakers last year to put pressure on Commerce Secretary Penny Pritzker and Federal Trade Commission Chairwoman Edith Ramirez to finalize the framework.

"This agreement is a needed victory for job-creation efforts in an already turbulent global economic situation," Thune said in a statement urging officials to implement the agreement without delay.

The framework also imposes an annual review to make sure U.S. intelligence agencies are not given access to the data of EU citizens, unless deemed critical.

Carl Schonander, senior director for international public policy at the Software and Information Industry Association, told FCW that he welcomes the new framework.

"For us, the most important thing is that countries [have] what we call interoperability mechanisms that allow for cross-border data transfers," he said. "The privacy shield is one such mechanism."

He also praised officials for negotiating a "living" agreement that will undergo an annual review process. "We will have to see once the system is put in place how that works," he said.

He added that "there needs to be a transition period so that companies adopt whatever new rules are contained in the privacy shield and implement them."

The rules could be implemented by early April. Meanwhile, the Senate is still considering the Judicial Redress Act, which extends benefits of U.S. privacy law to EU citizens so that they can challenge American companies in U.S. court if they feel their personal data has been misused.

About the Author

Aisha Chowdhry is a former staff writer for FCW.


  • Comment
    customer experience (garagestock/

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected