President Joe Biden signed an executive order on Friday aimed at allaying concerns among Europeans that US intelligence agencies are illegally spying on them. It promises enhanced safeguards against data collection abuses and creates a forum for legal challenges.

The order is based on a Biden announced a preliminary agreement in March with European Commission President Ursula von der Leyen in an attempt to end a years-long battle over the security of EU citizens’ data that tech companies store in the US

However, the European privacy campaigner who initiated the battle did not think it had resolved the underlying issues and warned of further legal disputes. American privacy advocates, including the American Civil Liberties Union, were not happy either.

The revised Privacy Shield “includes a strong commitment to strengthen privacy and civil liberties safeguards for signals intelligence, which should ensure the privacy of EU personal data,” Commerce Secretary Gina Raimondo told reporters.

“It also requires the creation of a tiered redress mechanism with independent and binding powers for EU individuals to seek redress if they believe they have been unlawfully targeted by US intelligence,” she added.

Washington and Brussels have long been at loggerheads over friction between the European Union’s strict privacy rules and the relatively lax regime in the US, which lacks a federal privacy law. This has created uncertainty for tech giants including Google and Facebook parent Meta, raising the prospect that US tech companies may need to keep European data out of the US.

Industry groups largely welcomed Biden’s order, but European consumer rights and privacy campaigners, including activist Max Schrems, whose complaint sparked the court battle a decade ago, were skeptical about whether it went far enough and could once again find itself in block high court.

Friday’s order narrows the scope of intelligence gathering — regardless of the subject’s nationality — to “vetted intelligence priorities,” strengthens the mandate of a civil liberties officer in the office of the director of national intelligence and directs the attorney general to create an independent court to review related activities.

Europeans can appeal to a data protection watchdog court, which must be made up of judges appointed from outside the US government.

The next step: Raymond’s office was to send a series of letters to the EU’s 27 members, which his officials can assess as the basis for the new structure.

Executive body of the European Union European Commissionsaid the framework has “significant improvements” over the original Privacy Shield program and will now work on a final decision that clears the way for data to flow freely between EU and US companies certified under the framework.

Raimondo said the new obligations would address European Union legal concerns covering the transfer of personal data to the US as well as corporate contracts. The renewed framework “will enable the seamless flow of data that underpins more than $1 trillion in cross-border trade and investment each year,” Raimondo said.

Twice, in 2015 and again in 2020, the highest court of the European Union canceled the data privacy framework agreements between Washington and Brussels. The first legal challenge was filed by Austrian lawyer and privacy activist Schrems, who was concerned about how Facebook processed his data in light of the 2013 revelations about US government cyber surveillance by former US National Security Agency employee Edward Snowden.

European consumer group BEUC said that despite the extra safeguards, the fundamental differences between US and European privacy and data protection standards are too great to overcome. “No matter how hard the US authorities try to hide the cracks in the original Privacy Shield, the reality is that the EU and the US still have different approaches to data protection that cannot be overturned by executive order,” said the group’s deputy director. General, Ursula Pahl. “Once the data of EU citizens crosses the Atlantic, it will not be afforded the same protection as in the EU.”

The American Civil Liberties Union said Biden’s order was a “step in the right direction” but lacked adequate safeguards for Europeans and Americans. Ashley Gorsky, a senior staff attorney for the ACLU, said that “this does not ensure that people whose privacy has been violated will have their claims resolved by a fully independent decision maker.”

Additionally, the ACLU tweeted, “The order still allows our government to engage in the bulk collection of aggregated data.”

Schrems said that while his Vienna-based NOYB group will need time to study the ruling, he initially believes it “doesn’t seem to meet” some key requirements, including the necessity and proportionality of surveillance under the Charter of Fundamental Rights EU to avoid indiscriminate bulk data collection.

While the US included the two words, Schrems said the two sides did not seem to agree that they had the same legal meaning.

If that were to happen, “the US would have to significantly limit its mass surveillance systems to comply with the EU’s understanding of ‘proportionate’ surveillance,” Schrems said.


Chan contributed to this report from London.

Copyright 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, copied or distributed without permission.

https://www.wfmz.com/online_features/tech_talk_and_innovation/biden-order-promises-eu-citizens-better-data-privacy/article_95f38f5f-bfd8-5841-8693-3a1d6a56e312.html

Previous articleThe post-impact images of the DART mission did not disappoint
Next articleSuspect in Vegas stabbing to face two counts of murder – NBC10 Philadelphia