Biden Signs EU / US Data Privacy Framework

Uploaded on 2022-10-25 in FREE TO VIEW

President Biden has finally signed an executive order to implement a long-delayed data transfer framework with the European Union that adopts new American intelligence gathering privacy safeguards.

Privacy Shield is a European Union-United States data transfer framework that aims to ease European concerns regarding US surveillance practices. The order will create a new body within the US Department of Justice that will oversee how American national security agencies are able to access and use information from both European and US citizens.

The framework is expected to end the limbo in which thousands of companies found themselves after the Court of Justice of the European Union (CJEU) struck down the two previous pacts over doubts regarding the safety of EU citizens’ data that tech companies store in the US. It will also give new powers to the civil liberties protection officials within the US Office of the Director of National Intelligence, a body that oversees agencies' work, to investigate possible breaches of people's privacy rights.

The agreement is set to end disagreement between the European Union’s stringent data privacy rules and the comparatively lax regime in the US, which lacks a federal privacy law.

“Transatlantic data flows are critical to enabling the $7.1 trillion EU-US economic relationship.  The EU-US. DPF will restore an important legal basis for transatlantic data flows by addressing concerns that the Court of Justice of the European Union raised in striking down the prior EU-US Privacy Shield framework as a valid data transfer mechanism under EU law,” says the White House statement.

“The Executive Order bolsters an already rigorous array of privacy and civil liberties safeguards for US signals intelligence activities. It also creates an independent and binding mechanism enabling individuals in qualifying states and regional economic integration organisations, as designated under the Executive Order, to seek redress if they believe their personal data was collected through US signals intelligence in a manner that violated applicable US law.”

Facebook just avoided a threatened shutdown of its EU-US data flows this summer, after objections were raised to a draft regulatory decision ordering them to be suspended, adding months more to the process.

Under the executive order, the US intelligence community has been ordered to implement policy and procedure updates to adhere to new privacy protections, while the Privacy and Civil Liberties Oversight Board has been directed to evaluate such updates.

EU-based individuals will be permitted to seek redress via an independent Data Protection Review Court, with an Office of the Director of National Intelligence civil liberties protection officer tasked to perform an initial complaint investigation. "The EU-US Data Privacy Framework includes robust commitment to strengthen the privacy and civil liberties safeguards for signals intelligence, which will ensure the privacy of EU personal data," said US Commerce Secretary Gina Raimondo.

While the measure has gained the support of US tech firms and industry groups as an effort that would ease cross-border data flows, domestic consumer and data privacy organisations have criticised inadequate data protections laid out in the framework.

White House:      TEISS:    SC Magazine:      IET:     Politico:     Reuters:   

You Might Also Read: 

European Union  Agrees New Cyber Security Legislation:

 

« New EU Cyber Security Legislation Targets Cyber Crime
Costs Of The Cyber Attack On Gloucester City Keeps Going Up »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Council of European Professional Informatics Societies (CEPIS)

Council of European Professional Informatics Societies (CEPIS)

CEPIS is the representative body of national informatics associations throughout Europe and represent over 450,000 ICT and informatics professionals in 32 countries.

Center for a New American Security (CNAS)

Center for a New American Security (CNAS)

CNAS is the nation's leading research institution focused on defense and national security policy. Cyber security issues are an intrinsic element of the national security debate.

Usenix

Usenix

Usenix brings together the community of engineers, system administrators, scientists, and technicians working on the cutting edge of computing.

Forter

Forter

Forter provides new generation fraud prevention to meet the challenges faced by modern enterprise e-commerce.

Bolt Learning

Bolt Learning

Bolt's Cyber Security eLearning module provides users with an in-depth understanding of cybercrime, how it can occur and what everyone can contribute to preventing it.

Tyler Technologies

Tyler Technologies

Tyler Technologies is a leading provider of end-to-end information management solutions and services for local governments.

Arkphire

Arkphire

Arkphire provide solutions across every aspect of IT to help your business perform better.

Qohash

Qohash

With a focus on data security, Qohash supports security, compliance and optimization use cases enhancing your risk management process.

Brace168

Brace168

Specialising in Cyber Security incident identification and response, Brace168 is uniquely positioned to provide a vast experience in managed security services to meet the needs of all business types.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

SRG Security Resource Group

SRG Security Resource Group

SRG Security Resource Group is a Canadian company dedicated to providing world-class Physical and Cyber Security services.

Xoriant

Xoriant

Xoriant is a technology leader and execution partner throughout the Build, Run and Transform lifecycle for companies that create and use technology products.

ZX Security

ZX Security

ZX Security is a New Zealand owned and operated cyber security consultancy.

Cyphershield

Cyphershield

Cypershield is a Security and Smart Contract audit company providing professional smart contract auditing services for varied Crypto projects.

Codezero Technologies

Codezero Technologies

Codezero is at the forefront of microservices development, employing an identity-aware overlay network that delivers zero-trust security to DevOps.

Cyber Grant

Cyber Grant

Cyber Grant excel in designing cybersecurity solutions for data protection. Our approach and vision, centered on ease-of-use, establish us as a benchmark in the industry for safeguarding information.