Privacy Shield: US does not offer adequate level of protection, finds European Parliament
The European Parliament voted today in favour of a resolution , pointing out the inadequacy of the protection afforded by the EU-US Privacy Shield. Via this arrangement, the European Commission (EC) authorises the transfer of personal data to a third country, if that country guarantees an adequate level of protection.
In October 2017, the EC presented the first annual review of the functioning of the Privacy Shield framework, identifying several shortcomings. Today, nearly two years after the adoption of the mechanism, serious concerns remain about the lack of compliance by the US authorities. MEPs found that the current arrangements do not provide the adequate level of protection required by Union data protection law (GDPR) and that data transfer by companies from Europe to the US should be suspended until the US fully complies with the rules.
Sophie in 't Veld MEP, First Vice President of ALDE commented:
"It is quite clear that the US has no intention of complying with the agreements. European data subjects need a solution that is legally watertight. The Commission must demand that the US comply with the agreements immediately, and if not, permission for data transfer must be withdrawn from 1 September.
I understand the concerns of businesses who fear losing the legal basis for their data transfers. But the solution cannot be the pretence of compliance. In the current situation Privacy Shield gives legal protection to businesses, but zero data protection for citizens."
Nathalie Griesbeck MEP, LIBE Coordinator for ALDE added:
"The EU must protect the data of European citizens. The Privacy Shield - as an important framework for transferring personal data from the EU to the United States - must be secured by legal guarantees in order to be fully functional. That is why today we are calling on the United States to address our concerns about the lack of legal safeguards and potential remedy mechanisms.''
- ENDS -