Legal Business Blogs

‘A little upgrade’: Privacy Shield in force but legal challenge still expected

Posted on |
Cyber security

Despite the European Commission’s new data privacy framework coming into force this week, City lawyers still believe a legal challenge is likely.

The framework now called Privacy Shield, was adopted by the European Commission yesterday (12 July) and makes it easier for organisations to transfer data across the Atlantic. The framework replaces invalidated ‘Safe Harbour’ scheme.

Under the new rules, US organisations will have to apply for certification under the new Privacy Shield from August to import data from EU.

The European Commission said the Privacy Shield puts stronger obligations on companies handling data and safeguards on US government access to data. It also offers the possibility of free dispute resolution and the chance for EU citizens to bring complaints to a US intelligence ombudsman reporting to the Secretary of State.

But the new privacy shield has come under scrutiny from City data protection lawyers. Taylor Wessing head of UK data protection Vinod Bange said it was ‘not the end of the story on EU-US data transfers’.

Bange (pictured) said: ‘EU organisations transferring personal data to the USA should have the comfort of knowing that there will be no barriers to data transfers where a US organisation has signed up to the Privacy Shield and complies with its requirements.’

However, Bange added new framework was likely to face a legal challenge from Schrems and other privacy activists.

Related  Welcome to the hurricane – Latam GCs struggle with corruption clampdown

Dentons co-chair of data privacy Nick Graham told Legal Business: ‘Privacy Shield is a substantial improvement on Safe Harbour with much more robust redress mechanisms and a proper assessment of US privacy adequacy. Inherently there could be a challenge because there remains a question on essential equivalence [between US and European privacy laws].’

Graham said some firms would sign up to Privacy Shield to keep data flowing, but others were likely to wait until after the expected legal challenge.

He said: ‘We need to find a way to transfer data internationally, we can’t simply pull up the digital drawbridge. Shutting down the options is no realistic solution.’

Schrems said the new regulation was very likely to fail again and was a ‘little upgrade’ from Safe Harbour.

He added: ‘This deal is bad for users, which will not enjoy proper privacy protections, and bad for businesses, which have to deal with a legally unstable solution.’

European Commission Digital Single Market vice president Andrus Ansip said in a statement: ‘Data flows between our two continents are essential to our society and economy – we now have a robust framework ensuring these transfers take place in the best and safest conditions.’

matthew.field@legalease.co.uk

Share
Tweet
Share
Reddit
WhatsApp
Email

Related Content

Mishcon boosts fledgling cyber security consultancy serviceMishcon boosts fledgling cyber security consultancy service
No more weak links – elite law firms unite to fight cyber security threat
Sponsored briefing: As data breach becomes a battleground for class action litigation, companies need to take a risk-based approach to cyber securitySponsored briefing: As data breach becomes a battleground for class action litigation, companies need to take a risk-based approach to cyber security

More in Blogs

‘We’ll continue to look for talent’: Sidley’s London growth streak continues with double-digit revenue hike ‘We’ll continue to look for talent’: Sidley’s London growth streak continues with double-digit revenue hike
Allen & Overy returns to Milbank for City restructuring hire Allen & Overy returns to Milbank for City restructuring hire
‘I had strong support and people wanted me to continue’: Bakers’ Poulton seals second term as head of London office ‘I had strong support and people wanted me to continue’: Bakers’ Poulton seals second term as head of London office