Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
A recent privacy agreement struck between the U.S. and EU has not gone down very well with privacy groups who are challenging the decision in the Luxembourg-based General Court.
The EU-U.S. pact – dubbed the ‘Privacy Shield’ – was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic the right to transfer personal data from the EU to the U.S.
This was apparently done in accordance with stringent EU data protection requirements. The aim of transferring data between the Atlantic is to support commerce and trade, but there are still data protection concerns.
The Privacy Shield agreement could be seen as a ‘consolation prize’, or others may say an alternative, as the EU courts ruled that the previous Safe Harbor Principles were found to be in breach of EU privacy rights. This is because the U.S. surveillance of online data was found to be too intrusive. There may be a greater justification for more intensive surveillance in the U.S. following a string of terrorist attacks. The Safe Harbor Principles permitted a transfer of EU citizens’ data to the U.S., however it’s no longer legally enforceable or recognised as complying with EU data protection laws.
Although the Privacy Shield Framework has been given the green light from the European Commission, there are still key concerns that remain.
It’s questionable as to why citizens of the EU were not properly consulted about the agreement prior to its enforcement. At the end of the day, it’s our data that both the EU and the U.S. are dealing with…
French privacy interest groups, including privacy advocacy group La Quadrature du Net (a non-profit internet service provider), French Data Network, and its Federation FDN industry association, have challenged the adoption of the agreement. These privacy groups seem to be following Digital Rights Ireland’s steps. The Irish privacy group successfully litigated against the EU Data Retention Directive which compelled all ISPs and telecom companies operating in Europe to collect and retain outgoing and incoming phone numbers, along with other sensitive data such as location data for a span of six months to two years.
This was found to be unconstitutional.
There are also concerns of cyber security. As our data is spread further and across many more organisations, there is a heightened responsibility of these companies to abide by data protection rules and to ensure that our data is secure. It’s reported that more than 500 companies – including Google, Facebook and Microsoft – have signed up to the new agreement.
Are there adequate protections?
There are advocates to suggest that the agreement strengthens privacy protections for EU citizens as they can seek redress through the Ombudsman in the State Department. However, I believe the agreement has caused potential risks for further data hacking. I cannot see how the U.S. Ombudsman are an effective means for redress. With cyber-attacks sharply rising in recent years, and data breaches costing organisations and businesses millions, everyone needs to be more proactive in securing personal data. This is even more the case now that our data is being passed across the Ocean!
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020