The U.S. government announced two initiatives in late June that seek to address European Union concerns over trans-Atlantic data flows and to secure Europe’s future commitment to the U.S.-EU Safe Harbor initiative, which provides a legal means for businesses to transfer personal data from the EU to the U.S.
On June 25, the Federal Trade Commission (FTC) approved final orders that settled charges with 14 companies that had falsely claimed their participation in the U.S.-EU Safe Harbor program. The companies represent a cross-section of industries – including retail, professional sports, laboratory science, data broker, debt collection, and information security – and they handle a variety of consumer information. Under the settlements, the companies are prohibited from misrepresenting the extent to which they participate in any privacy or data security program sponsored by the government or any other self-regulatory or standard-setting organization.
One day earlier, U.S. Attorney General Eric Holder announced that the Obama administration would ask Congress to enact legislation granting EU citizens the right to bring claims in U.S. courts under U.S. privacy laws if they believe their personal data had been misused. This measure is intended to resolve one of the major sticking points in the broader negotiations for the Data Protection Umbrella Agreement, a framework with the EU to enhance anti-terrorism efforts by providing U.S. law enforcement authorities access to the personal data of individuals living in Europe.
“Legislative action by the U.S. Congress establishing enforceable judicial redress rights for Europeans in the U.S. can open the door to closing the deal on the data protection umbrella agreement,” commented EU Vice-President Viviane Reding on the Holder announcement.
The two announcements are seen as active attempts to rebuild the EU’s trust in trans-Atlantic data flows and to ensure the EU’s further commitment to the Safe Harbor program, both of which had been badly shaken in the wake of the Edward Snowden leaks last year. In October 2013, the European Commission recommended 13 actions the U.S. should take to improve the Safe Harbor program, including addressing issues of transparency, redress through alternative dispute resolution, enforcement, and the degree to which data from Europe is accessible by U.S. authorities.