Personal Data, Trust, and their Economic Impact.
On February 24, 2016, President Obama signed into law a much needed piece of privacy legislation known as the “Judicial Redress Act of 2015”. The act extends some of the privacy protection rights of the Privacy Act of 1974 to nationals of designated foreign countries, regional economic integration organizations, or member country of such organizations, which are defined by the United States as a “covered country”.
Since 2013, trust in the US government and many US technology companies, especially telecommunication providers; fell to an all-time low due to the revelations made public by Edward Snowden about the United States National Security Agency (NSA) mass surveillance program on US and foreign citizens. The effects of such disclosure couldn’t be more noticeable than the reaction from the European community to these revelations. It was the disclosure of such a program that ultimately led to the Court of Justice of the European Union to declare the US and European Union (EU) Safe Harbor Framework invalid on October 6, 2015. The Safe Harbor framework was originally established in 2000 to facilitate the open flow of data between the US and the EU.
For a moment, the invalidation of the Safe Harbor agreement turned the US –European economic relationship into a tornado of uncertainty. Even though there were other ways for US companies to transfer data from the EU and meet their privacy and legal requirements (e.g. binding corporate rules and model contracts), the Safe Harbor was used by thousands of companies that had already met EU data protection standards under the agreement. Companies that relied solely on it were now left operating on an inacceptable framework. A new solution had to be found.
Fortunately, after many months of negotiations, on February 2, 2016, the EU Commission announced the creation of a new framework for transatlantic data flows titled the “EU-US Privacy Shield”. The Privacy Shield will replace the Safe Harbor agreement. As president Obama declared during the signing of the Judicial Redress Act, the Privacy Shield “provides tough new protections to safeguard consumer data, and it gives certainty to thousands of businesses representing hundreds of billions of dollars in trade.” The Judicial Redress Act was supported by many technology companies, which viewed it as a way to gain that trust back worldwide.
One of the elements of the Privacy Shield addresses the “clear safeguards and transparency obligations on U.S. government access” by stating that “The US has ruled out indiscriminate mass surveillance on the personal data transferred to the US under the new arrangement.” This element clearly gives the EU written assurance that generalized access of individual’s information for national security purposes conducted by the US will be subject to clear limitations, safeguards, and oversight. The Judicial Redress Act undoubtedly supports this element.
As we all know, trust is easily lost, but very hard to gain. The Judicial Redress Act and the EU-US Privacy Shield are a breath of fresh air to the current privacy worries of nations and individuals in Europe and other nations all over the world. They both point in the right direction to gain back the US trust. A regained trust in our public and private institutions will ultimately continue to bring economic and political stability and prosperity to nations and individuals alike.