Back in July 2023, the United States and European Union (EU) agreed on this framework called the Data Privacy Framework. This is an extremely important framework for both the US and the EU’s economies.
The International Safe Harbor program, which was started in 2000, allowed EU and US businesses to exchange data. This was a very important program as the European Union generally is very protective of its citizens’ data, only allowing data transfers between member states and states with adequate protections. This program allowed for there to be closer business relations between the US and the EU. This came under fire with the Maximillian Schrems v Data Protection Commissioner case in the European Court. Maximillian Schrems is a data privacy activist and wanted his data taken off of Facebook, which at the time was not possible as Facebook was registered with the International Safe Harbor. The European Court decided that the United States did not provide enough protection for its data to justify keeping the program around.
The Privacy Shield was the program that succeeded the Safe Harbor Program, which the US negotiated with the EU in the aftermath of the Schrems case. The Privacy Shield accomplished the same goals as the Safe Harbor. The main differences addressed some of the grievances brought up by the Schrems case, most notably including stricter accountability. In July 2020, the Privacy Shield was invalidated after Maximillian Schrems filed another lawsuit alleging that the United States still does not have adequate protections.
The story of US-EU data transfer ends for now with the United States negotiating the Data Privacy Framework to ensure strong business relations. This history brings up many questions regarding the United States and the protections it currently has in place regarding data protection.
Comments