The US President's new attempt at restricting immigration may be more forgiving to the EU-US Privacy Shield agreement than the previous iteration.
The new executive order actually omits any mention of the US Privacy Act, which provides certain data privacy protections to citizens and residents. The order was signed on 6 March as an update to a controversial order, colloquially known as a ‘muslim ban'.The previous order was signed in January and not long after that, US courts rejected it as unlawful.
The new order is entitled Protecting the Nation From Foreign Terrorist Entry Into The United States. While it restates the President's long stated desire to impede immigration into the United States, it has very little to say about privacy.
Previous executive orders banned travellers from a variety of Muslim countries around the world and sparked worldwide furore. One order, called Enhancing Public Safety in the Interior of the United States, intended to crack down on illegal immigrants already within the country and intended to deny federal money to areas which did not police immigration effectively. This particular order was of particular interest to privacy experts, particularly its prohibition on extending the provisions of the US Privacy Act to foreign legal residents and foreign citizens.The order quickly prompted a response from European privacy advocates and politicians. Jan Phillipp Albrecht, the European Parliament's chief negotiator on privacy rules, quickly called for the suspension of Privacy Shield.
The American Civil Liberties Union and Human Rights Watch wrote a letter to the EU Commission calling the executive order a threat to the fundamental basis of the nascent agreement.
As a result of the order, the letter stated, “People in the EU have diminished protections when it comes to limits on dissemination of their personal information, the right to access their private information held by the US government, and the right to request corrections to their information.”
While reassurance that Privacy Shield would be going ahead as planned was forthcoming from a variety of US offices, suspicion persisted. Vera Jourova, the European Union's Commissioner for justice, consumers and gender equality, told Bloomberg recently that she would “not hesitate”, to suspend Privacy Shield if she felt the EU-US agreement was in jeopardy.
The Privacy Shield data protection regime establishes rules for the transfer of European data to the US. It arose from the ashes of the decades-old Safe Harbour Principles, which were demolished in European courts after privacy activist Maximilian Schrems highlighted the fact that they did not account for US surveillance practices, like the kind revealed by Edward Snowden.
Privacy Shield came after a long and arduous revision of previous European data protection measures. Over 1700 companies currently rely on the framework to transfer data to the US.A recent article by law firm Squire Patton Boggs, noted that, “For the moment, the new executive order appears to be a positive sign in relation to the longevity of the Privacy Shield Framework”.