Search in this section
Remember my password
Forgot password?
a member
<      Go back to list
ECTA Member’s Voice: Recap on the new EU-US Data Privacy Framework
By Delia Belciu, ECTA Data Committee Chair, DB Law Office, RO

The framework governing the transfer of data to and from the United States to EU is expected to change soon and the ECTA Data Committee is closely monitoring the developments.

Following the Court of Justice of the European Union decision as of July 16th, 2020, in the Schrems II case, the Privacy Shield framework which governed the data transfers between the EU - US was invalidated, with a big impact especially for the business sectors.

On March 25th 2022, the President of the European Commission, Ursula von der Leyen, and US President, Joe Biden, announced that they had reached an agreement in principle on a new EU-U.S. Data Privacy Framework. The framework is intended to foster trans-Atlantic data flows and to address the concerns raised in the Schrems II case. Following that, the EU and US teams worked for many months to finalise the details of this agreement and translate it into a legal framework.

On October 7th, 2022, US President, Joe Biden, signed an Executive Order on “Enhancing Safeguards for United States Signals Intelligence Activities”. The Executive Order introduces new binding safeguards to address all the points raised in the Schrems II case, limiting access to EU data by US intelligence services and establishing a Data Protection Review Court.

Along with the Regulations issued by the Attorney General on the same day, the Executive Order implements into US law the agreement in principle reached between the US Government and the European Commission.

The European Commission is to prepare a draft adequacy decision and then launch its adoption procedure.

Until then, model clauses, which companies can introduce in their commercial contracts, are the most used mechanism to transfer data from the EU. Last year, the Commission adopted “Standard Contractual Clauses” to facilitate their use, including in light of the requirements set by the Court of Justice in the Schrems II case.

All the safeguards that the European Commission has agreed with the US Government in the area of national security (including the redress mechanism) will be available for all transfers to the US under the GDPR, regardless of the transfer used tool.

The ECTA Data Committee will continue monitoring the developments on the agreement and will keep the ECTA community updated.

If you wish to join the Data or another ECTA Committee, General Committee Elections are coming up on 16 January 2023, check ECTA emails attentively in order not to miss your opportunity to apply!
<     PreviousNext     >