Following twenty-seven EU and U.S. non-profit organizations in their letter of March 16, the Article 29 Working Party (WP29) in its opinion n° 01/2016 of April 13 and the EU Parliament in its resolution of May 26, it is now the turn of the European Data Protection Supervisor (EDPS) to express, in its opinion n°
EU-U.S. Privacy Shield
WP 29 Expresses Concerns About EU-U.S. Privacy Shield
This April 13, the Article 29 Working Party (WP 29, which includes the EU national data protection authorities) expressed its concerns regarding the Privacy Shield during a press conference. The WP 29 will publish its detailed written position at a future date. In short, WP 29 considers, among other things, that:
- the draft Privacy
…
EU-U.S. Privacy Shield Text Released
Yesterday the European Commission published the draft legal texts for the new data transfer agreement – the “EU-U.S. Privacy Shield” – that was reached at the beginning of February. The EU Commission also released a draft “adequacy decision” on the agreement, establishing that the safeguards provided when personal data is transferred under the…
EU-U.S. Privacy Shield: Better or Worse?
According to a tweet, Giovanni Buttarelli − the European Data Protection Supervisor (EDPS) − declared during the 2016 edition of the conference Computers, Privacy and Data held in Brussels: “Don’t do it again!” This declaration was addressed to the Privacy Shield negotiators.
On the one hand, the announcement of bilateral supervision measures and…
Advocate General Bot Proposes That CJEU Declare the Safe Harbor Invalid
On September 23, 2015, Advocate General Yves Bot delivered an opinion on the issue of the transfer of personal data from Facebook Ireland to Facebook USA, in light of the generalized access the National Security Agency (NSA) and other United States security agencies have to the data stored at Facebook USA.
The Advocate General states that the finding that a third country does or does not ensure an adequate level of protection is a shared competence between the EU Commission and EU Member States. As a consequence, the Advocate General takes the view that the existence of a decision adopted by the EU Commission cannot eliminate or even reduce the national supervisory authorities’ powers to form their own opinions on the general level of protection ensured by a third country. Indeed, he points out that the requirement that compliance with EU rules regarding protection of individuals’ personal data is subject to control by an independent authority, is also expressly stated in the Charter of fundamental rights of the EU.
Continue Reading Advocate General Bot Proposes That CJEU Declare the Safe Harbor Invalid
EU and U.S. Reach “Umbrella Agreement” on Data Transfers
The EU and U.S. reached an agreement on Tuesday (9 September) which will enable the two sides to exchange personal data during criminal and terrorism investigations.
The so-called “Umbrella Agreement” comes after four years of negotiations between the EU and U.S. and will protect personal data exchanged between police and judicial authorities in the course…