Trends

Article 29 WP sceptical on the EU/US Privacy Shield

Article 29 WP sceptical on the EU/US Privacy Shield

Article 29 WP sceptical on the EU/US Privacy Shield

14.04.2016

On 6 October 2015, the CJEU invalidated the U.S. Safe Harbor.

The EU Commission then published a draft adequacy decision on 29 February, putting in place a new legal framework for transatlantic transfers of personal data (the “Privacy Shield”).

Yesterday, the WP29, a body composed of all the EU DPAs, issued its opinion on the Privacy Shield. It welcomes the “significant improvements brought by the Privacy Shield compared to the Safe Harbour decision”. However, it expresses several concerns and urges the Commission to resolve them. The main points of criticism are:

  1. the Privacy Shield package lacks clarity, both in terms of structure and language;
  2. some key EU data protection principles are not reflected, barring a finding of “essential equivalence”; and
  3. within the context of surveillance, there is no clear limitation on massive and indiscriminate collection of personal data originating from the EU.

Although this opinion is not legally binding, it is an important step as regards the ultimate final approval of the Privacy Shield by EU countries. You can find the opinion here.
 

Team

Related news

05.11.2021 EU law
European Strategy for Data: short analyse of the proposed regulation of data governance (Data Governance Act)

Articles - On 25 November 2020, the European Commission published a proposal for a regulation on data governance  and a related Q&A. On 1st October 2021, the Council of the European Union agreed position on Data Governance Act. That will allow the Council presidency to start negotiations with the European Parliament. Both the Council and the European Parliament will need to agree on the final text. This blog briefly present the proposal of the European Commission.

Read more