The European Union has approved a new deal that allows companies to freely transfer data between the EU and the United States. This deal, known as the EU-U.S. Data Privacy Framework, potentially ends three years of legal uncertainty for tech giants like Facebook and Google. The European Commission has recognized the U.S. as a country with sufficient protection for Europeans’ personal data. The agreement clears the way for transatlantic data exchanges after the previous data agreement, Privacy Shield, was struck down by the EU’s top court in 2020. Despite some concerns, the deal has been welcomed by tech companies and is expected to hold up to the court’s scrutiny.
| Signal | Change | 10y horizon | Driving force |
|---|---|---|---|
| EU approves new data deal with the US | Transfer of data between EU and US | More trust in data privacy, deeper economic ties | Economic benefits and shared values |
| Deal potentially ends legal limbo for tech giants | Tech companies can freely transfer data | Tech companies can continue transatlantic data exchanges | Economic activities and business operations |
| EU recognizes US as having sufficient data protection | Adoption of adequacy decision under GDPR | Freely transfer data between EU and US | Protecting Europeans’ personal data |
| Previous data agreement (Privacy Shield) struck down | US intelligence agencies restricted from accessing data | Better redress for Europeans, independent from US intelligence | Concerns of US intelligence agencies snooping on data |
| New Data Protection Review Court established | European residents can bring claims against US agencies | Legal recourse for Europeans regarding data collection | Ensuring data gathering is necessary and proportionate |
| Privacy activist likely to challenge the new deal in court | Complaint expected to go to European Court of Justice | Potential legal scrutiny for the new data deal | Insufficient protections for Europeans’ privacy |
| Tech companies welcome the new data deal | Safeguards goods and services for people and businesses | Continued flow of data to American servers | Ensuring uninterrupted services for users |
| European Parliament opposes the new pact | Argues that it still allows bulk-collection and lacks privacy | Concerns over bulk-collection and privacy protections | Protecting Europeans’ privacy |
| European Commission to review the data deal periodically | Assess the effectiveness of US privacy safeguards for Europeans | Regular evaluation of US privacy practices | Ensuring ongoing protection of Europeans’ personal data |
| Reform to US law and practices for surveillance safeguards | Improved privacy safeguards under the new data deal | Increased focus on privacy protections | Evolving privacy regulations and practices |