EU-US commercial data transfer pact clears final hurdle

It should end legal uncertainty for companies such as Google, Facebook and MasterCard

Facebook CEO Mark Zuckerberg:  after the EU’s top court struck down the previous data transfer framework, Safe Harbour, due to concerns about intrusive US surveillance, companies such as Google, Facebook and MasterCard were left with legal uncertainty. File photograph: Stephen Lam/Reuters
Facebook CEO Mark Zuckerberg: after the EU’s top court struck down the previous data transfer framework, Safe Harbour, due to concerns about intrusive US surveillance, companies such as Google, Facebook and MasterCard were left with legal uncertainty. File photograph: Stephen Lam/Reuters

A commercial data transfer pact provisionally agreed by the EU executive and the United States in February received the green light from EU governments yesterday, the European Commission said, paving the way for it to come into effect on Tuesday.

Its introduction should end months of legal uncertainty for companies such as Google, Facebook and MasterCard after the EU's top court struck down the previous data transfer framework, Safe Harbour, due to concerns about intrusive US surveillance.

Representatives of EU member states mostly voted in favour of the EU-US Privacy Shield, but there were abstentions from Austria, Slovenia, Bulgaria and Croatia, sources said. Austria and Slovenia said the pact does not go far enough to secure citizens' privacy.

The Privacy Shield seeks to strengthen the protection of Europeans whose data is moved to US servers by giving EU citizens greater means to seek redress in disputes.

READ MORE

For 15 years Safe Harbour allowed US and European firms to get around EU data transferral rules by stating they complied with European privacy standards when storing information on US servers.

Online advertising

Cross-border data transfers by businesses include payroll and human resources information, plus lucrative data used for targeted online advertising.

Brussels and Washington intensified negotiations to hammer out a replacement for Safe Harbour after the Court of Justice of the European Union in October declared it invalid because it did not sufficiently protect Europeans' data from US snooping.

“It (the Privacy Shield) is fundamentally different from the old Safe Harbour: It imposes clear and strong obligations on companies handling the data and makes sure that these rules are followed and enforced in practice,” commission vice-president Andrus Ansip and justice commissioner Vera Jourova said in a statement. – (Reuters)