Cybersecurity

Tech groups hit back at EU privacy regulators

Technology groups on Wednesday quickly pushed back on Europe’s data privacy regulators for failing to affirm a pending data transfer deal between the U.S. and the EU.

“We are disappointed that the Article 29 Working Party has not affirmed the adequacy of the EU-US Privacy Shield Framework,” said Daniel Castro, vice president of the Information Technology and Innovation Foundation, a technology think tank. 

{mosads}“While members of the Article 29 Working Party should continue to offer suggestions on how to strengthen this agreement — and there are opportunities for improvement — the opportunity for improvement should not preclude official approval of the agreement,” he said.

In a tensely awaited opinion issued Wednesday, the working party of data protection authorities argued that the carve-out for national security purposes in the Privacy Shield is too broad, leaving EU citizens’ privacy unprotected in the U.S. 

BSA The Software Alliance, a software industry group, pushed back on the critique, noting that it “does not fully share” the views put forth by the working party. 

“In particular, we believe the new privacy safeguards that were recently introduced into US law as well as in the Privacy Shield itself allow for a finding of essential equivalence between the EU and US regimes,” the organization said in a statement.

The agreement is intended to replace a 2000 agreement that allowed U.S. firms to legally handle European citizens’ data. It was struck down in October over privacy concerns, leaving negotiators racing to craft the new arrangement.

The working party’s opinion is not binding, but pact must clear other hurdles — including a resolution by the European Parliament — before it can be finalized by the two governments.

In the meantime, supporters of the deal say, businesses on both sides of the Atlantic have been left in legal uncertainty.

If the deal is not finalized, businesses fear a chilling of transatlantic trade, valued at $1 trillion in 2014.

Critics of the working party’s decision see Wednesday’s opinion as exacerbating that uncertainty.

“Given the crucial importance of transatlantic data flows to the global digital economy, the national data protection authorities should not try to hold the digital economy hostage to extract further tweaks to the agreement,” Castro said.