On Oct. 7 of this year, President Biden signed an Executive Order that could impact the security of companies and billions of people across the Atlantic in both the U.S. and European Union (EU). Biden reached an agreement with the EU’s president, Ursula von der Leyen, and signed off on the revised EU-U.S. Data Privacy Framework.
This was not the first time the two countries had met in regards to establishing an EU and U.S. privacy agreement in 2022.
Biden and von der Leyen originally met in March to come up with a privacy agreement between the two bodies.
During that meeting, the EU addressed their frustration when it came to the American surveillance program and how they felt that there was not enough safeguard on the sharing and protection of European citizen’s personal information. This meeting was to address the Schrems II case in July 2020 that got rid of the previous transatlantic agreement between Europe and the U.S. that increased the ease with which companies could transfer personal data across the world.
The case opened after European native Max Schrems filed a lawsuit as he felt that his personal privacy was infringed upon by Facebook since they could share his — and the information of millions of other Europeans — to U.S intelligence agencies.
The new framework not only puts more emphasis on protecting the privacy of current European citizens, it also gives citizens the right to redress when they feel as though there is a violation of their privacy. Concerns and cases of data infringement will be reviewed in a newly established Data Protection Review Court.
The improved implementation of citizen redress from the current frameworks could have a huge impact on platforms such as Google Analytics. The tool’s use of IP addresses and user web data might be deemed a privacy invasion for some European countries, making it hard for the platform as well as companies that rely on Google Analytics to market their products and form suggestions based on user statistics.
“It’s a serious risk to transoceanic trade if these privacy rules are so strict that companies can’t transfer data back to the United States,” said Peter Swire, professor in the Scheller College of Business and former member of President Obama’s Review Group on Intelligence and Communications Technology.
Swire mentioned that at one point in 2020, companies such as Facebook considered withdrawing from the European market due to the strictness of its privacy laws.
Although the current Executive Order has made it easier for Facebook and other companies to navigate in the current market, they are still susceptible to experience change, as the EU might feel that the current framework should enforce stricter privacy restrictions as they did in 2020.
In large, the U.S. appeared more than willing to work with the EU to address and agree with their concerns on data privacy.
During a White House press release on Mar. 25, President Biden stated that the new framework would “knit our economies and our people closer together,” exemplifying the effort from the U.S. to meet the desires of the EU.
The EU and the U.S. are allies; not coming to a mutual privacy agreement could lead to an “enormous range of digital services being cut off,” said Swire. This would hurt both sides as Europe and the U.S. both lose an economic benefit by not trading with one another. That is why a common agreement for the framework is so important because not doing so could have led to the cutoff of Atlantic trade, according to Swire. Whether or not the U.S. has met the EU’s privacy expectations is hard to determine, but it is safe to assume that the U.S. has made great efforts to “create legal protection the European Union has called for,” said Swire.
This new framework could possibly lead to a stronger consideration of privacy laws on the state level. In 2004, the California Online Privacy Protection Act was passed, which protected residents’ privacy data on online websites.
Since then, Congress and the United States legislature have been working on passing a bill similar to California’s pioneering law. With the new EU and U.S. privacy framework being signed, Congress could be motivated to pass other privacy bills on the national level.
With a plethora of changing policies regarding data privacy and government oversight, only time will tell how this new framework will manifest in the lives of U.S. and EU citizens.
More information regarding the data privacy framework can be found on whitehouse.gov/briefing-room/statements-releases/2022/10/07/fact-sheet-president-biden-signs-executive-order-to-implement-the-european-union-u-s-data-privacy-framework/.