A US-EU data privacy order signed in Washington. It’s the EU’s turn now

Call it mending fences or acknowledging political reality, the United States last week budged on its desire for less-fettered access to the private data of people in the European Union.

President Joe Biden signed an executive order agreeing to new rules for the interception of the private information of EU citizens by U.S. spy agencies. A summary of the order can be found here.

It is no small consideration that the data involved is biometric, including face scans. The same is true with the conflicting politics of the effort to protect – or not – cross-Atlantic personal data.

European political leaders and courts rejected a previous data-transfer agreement as inadequate for their citizens. They have for years wanted equal treatment of an individual’s private data in the face of the United States’ intelligence community’s ravenous appetite for digital information.

The proposed framework must still be reviewed by multiple EU agencies, including a final decision by the European Commission. That could happen next year, according to reporting by tech-business publication TechCrunch. An agreement in principle was announced in March.

It will not have gone unnoticed on either side of the Atlantic that presidential executive orders can be like the curtains in the Oval Office – they can be removed with ease by the next occupant of the White House.

The EU two years ago unilaterally revoked the previous data-transfer agreement, with the United States referred to as the Privacy Shield. It was struck down by the so-called Schrems II decision rendered by the EU’s Court of Justice.

That decision and a previous one, Schrems I, were reactions to the 2013 illegal public distribution of state and private secrets by Edward Snowden.

Pam Dixon, executive director of the World Privacy Forum and a noted biometrics expert, has broken down the order’s guidelines and highly bureaucratic processes in an analysis of the situation.

A list of legitimate eavesdropping objectives will become the standard against which any individual missive will be measured in the agreement.

If the surveillance is deemed illegitimate, as judged by U.S. officials, including a civil liberties protection officer in the Office of the Director of National Intelligence, the surveillance can be ordered halted. People can be fired, writes Dixon, if they do not act in the interests of the order.

Article Topics

biometric data  |  biometric identifiers  |  biometrics  |  data privacy  |  data sharing  |  EU  |  Europe  |  surveillance  |  United States  |  World Privacy Forum