Brussels, BELGIUM – Today, the European Commission presented an “adequacy decision” that clears the way for European and US businesses to transfer EU personal data to the United States. This comes after more than two years of legal uncertainty for transatlantic data flows.
The draft decision follows a recent US Executive Order providing new privacy safeguards for EU residents. President Biden’s Order also introduced a two-step redress mechanism, allowing Europeans to enforce those protections before US independent authorities.
With today’s announcement, the Commission recognises that the safeguards introduced by the United States provide a level of data protection to European citizens which is at least equivalent to those they already enjoy under EU law.
The Computer & Communications Industry Association (CCIA Europe) has long advocated for strengthened privacy protections and a durable legal framework for EU-US data flows.
Several of the new US safeguards are already in force. Yet, legal uncertainty will continue to persist for companies as long as today’s draft decision has not been formally approved by EU Member States, CCIA Europe warns. A vote on the new data transfer mechanism is expected in the coming months, but CCIA calls on EU Member States to end the two-year impasse as soon as possible.
Transatlantic data flows are essential to the €5.5 trillion annual EU-US economic relationship, which includes the busiest internet route in the world. Since an EU Court ruling invalidated the previous data transfer framework Privacy Shield in 2020, European and US companies have been without clear guidelines for data transfers.
The following can be attributed to CCIA Europe’s Public Policy Director, Alexandre Roure:
“CCIA Europe welcomes the European Commission’s draft decision, which recognises that the new safeguards provided under US law adequately protect European citizens’ data.”
“The US government has taken unprecedented steps to protect the privacy of Europeans in cases where its own national security is at stake. We urge EU Member States to approve the adequacy decision without delay, and restore legal certainty for businesses on both sides of the Atlantic.”
“CCIA commends the European Commission and the US government for their hard work to address the privacy concerns identified by the European Court of Justice.”