ALERT: Art.29 Working Group says Privacy Shield falls short, doesn't address bulk data collection
The Privacy Shield forged earlier this year to replace Safe Harbor still needs work, a group of European data privacy regulators said Wednesday.
The Privacy Shield forged by the EU and the U.S. earlier this year shows progress but still doesn't adequately address the issue that got Safe Harbor tossed by a European Court of Justice – the bulk collection of data on private citizens, a group of data privacy regulators known as the Article 29 Working Party said in an much-anticipated opinion handed down Wednesday.
“It's not a surprise because I believe Privacy Shield [somehow] is lacking, but [rather] I'm not surprised because of the way it has been playing out in public,” Aaron Tantleff, intellectual property partner at law firm Foley & Lardner LLP, told SCMagazine.com. “Look at why Safe Harbor was rejected,” he said, noting that mass surveillance was the “cornerstone” of the European court's rejection and if that concern is still not addressed by Privacy Shield then groups like Art.29 WG are going to take issue with it.
Criticism of the agreement hammered out in response to a European Court of Justice's rebuff of Safe Harbor came as no surprise, since excerpts from the Art.29 WP opinion leaked late last week clearly indicated that the group wasn't prepared to embrace Privacy Shield without some significant modifications.
The regulators put forth a number of recommendations that they would like to see in the final version of Privacy Shield, including, Tantleff said, a review in two years to see how the pact gibes with the General Data Protection Regulation (GDPR) set to be in effect by then and clarification of the role of an ombudsman to be appointed by the U.S.
Stay tuned to SCMagazine.com for additional details and analysis.