Advertisement

Big tech blackout set to be averted with EU-U.S. data pact

European Commission President Ursula von der Leyen
European Commission President Ursula von der Leyen announced a new data-transfer agreement with the U.S. “balancing security, the right to privacy and data protection.”
(Julien Warnand / Associated Press)
Share via

The European Union and U.S. broke the deadlock on a new data-transfer pact, potentially avoiding a doomsday scenario for tech giants such as Meta Platforms and thousands of other firms that rely on free flows of information across the Atlantic.

The EU and U.S. said Friday they agreed in principle to a new accord after a previous arrangement was struck down because of concerns over the power of American agencies to snoop on the information without adequate privacy safeguards.

This new pact will “enable predictable and trustworthy data flows, balancing security, the right to privacy and data protection,” European Commission President Ursula von der Leyen said in a tweet.

Advertisement

While negotiators will still need to work out the finer details, the result could signal an end to the uncertainty over data flows that led Facebook owner Meta to warn of a potential withdrawal from the EU if the legal vacuum persisted.

The legal fears escalated when the EU Court of Justice, the bloc’s top court, in a surprise 2020 ruling toppled the so-called Privacy Shield, a transatlantic transfer accord, over long-standing fears that citizens’ data weren’t safe from American surveillance.

Even though judges upheld a separate contract-based system to keep transferring data, the doubts they expressed about American data protection made this a shaky alternative.

Advertisement

With concern growing about the global internet fragmenting, this agreement will help keep people connected and services running. It will provide invaluable certainty for American and European companies of all sizes, including Meta, which rely on transferring data quickly and safely.

The political agreement on Friday follows a visit by President Biden to Brussels, where he also joined back-to-back summits Thursday with NATO, the Group of 7 and the EU.

The breakthrough was aimed at ensuring data privacy and security and to protect data traffic “which formed the foundation of a $7.1 trillion economic relationship between the U.S. and the EU,” White House national security advisor Jake Sullivan told reporters on Air Force One after the session in Brussels.

Advertisement

In their own words, former Tesla employees describe what they call a racist work environment that led California to file a civil rights lawsuit against the company.

The accord “really puts us in a position to ensure that American technology firms — big firms, yes, but especially small and medium-sized firms — will be protected as we go forward and can fully and safely operate within the context of the U.S.-EU economic transatlantic economic relationship,” Sullivan said.

The EU court’s 2020 ruling forced regulators on both sides of the Atlantic and EU data protection authorities back to the drawing board, grappling with the ramifications amid doubts about the safety of EU user data once they have been shipped to the U.S. The ruling meant thousands of businesses that ship commercial data to the U.S. had to figure out alternative ways to keep their data flowing.

Data transfers have been fraught with difficulty for years, with EU judges unafraid to weigh in. The EU top court in 2015 struck down an earlier transatlantic data-transfer system, called Safe Harbor, over concerns U.S. spies could get unfettered access to EU data.

This time, the U.S. said it’s made “unprecedented commitments,” addressing the EU court’s concerns, including:

  • Strengthening the privacy and civil liberties safeguards governing U.S. signals intelligence actions.
  • Creating a new redress mechanism for EU citizens that acts independently and has binding authority.
  • Enhancing U.S. oversight of its communications gathering intelligence activities.
  • Requiring U.S. intelligence agencies to adopt ways to better oversee new privacy and civil liberties standards.

The controversy goes back to 2013, when former contractor Edward Snowden exposed the extent of spying by the U.S. National Security Agency. Privacy advocate Max Schrems has been challenging Facebook in the Irish courts — where the social media company has its European base — arguing that EU citizens’ data are are at risk upon transfer to the U.S.

Schrems said on Friday he’s not convinced that the new draft accord would solve the problems of the previous ones and questioned the timing of the announcement.

Advertisement

“The deal was apparently a symbol that Von der Leyen wanted, but does not have support among experts in Brussels, as the U.S. did not move,” he said in an emailed statement. “It is especially appalling that the U.S. has allegedly used the war on Ukraine to push the EU on this economic matter.”

Bloomberg writers Jordan Fabian and Josh Wingrove contributed to this report.

Advertisement