June 12, 2018 : MEPs call to suspend Privacy Shield framework

MEPs are calling on the European Commission to suspend the Privacy Shield framework. The Civil Liberties committee has voiced concerns over firms that have misused people’s personal data, following the Facebook-Cambridge Analytica data breach.  Ministers have drawn attention to the need for improvements in the monitoring of the agreement, particularly as both companies are certified under the EU-US framework. Cambridge Analytica has since gone into administration.

In a recent statement, MEPs called on US authorities to:

…act upon such revalations without delay and if needed, to remove companies that have misused Personal Data from the Privacy Shield list.  EU authorities should also investigate such cases and if appropriate, suspend or ban data transfers under the Privacy Shield.

MEPs call to suspend Privacy Shield framework

MEPs call to suspend Privacy Shield framework following the Facebook-Cambridge Analytica data scandal

MEPs have also expressed concern about the recent adoption of the Clarifying Lawful Overseas Use of Data Act – a US law that grants the US and overseas police agencies access to Personal Data across borders. They stated that the US law could have serious consequences for the EU and could potentially conflict with GDPR laws.

Claude Moraes, the Civil Liberties Committee chairperson said:

The LIBE committee today adopted a clear position on the EU US Privacy Shield agreement. While progress has been made to improve on the Safe Harbor agreement, the Privacy Shield in its current form does not provide the adequate level of protection required by EU data protection law and the EU Charter.

Privacy Shield is an agreement between the European Union and United States allowing american organisations, which are considered to have an apprpriate level of data protection, to transfer Personal Data from EU to the US.  It succeeds the Safe Harbour framework, which was invalidated by the Court of Justice of the European Union in October 2015, because it failed to provide adequate protection for the Personal Data of EU citizens.

Following this, the EU Commission negotiated the Privacy Shield deal, to ensure adequate protection of Personal Data being transferred and stored by companies in the US.

More data breach cases

Leave a Reply