Biden Signs EU / US Data Privacy Framework

Uploaded on 2022-10-25 in FREE TO VIEW

President Biden has finally signed an executive order to implement a long-delayed data transfer framework with the European Union that adopts new American intelligence gathering privacy safeguards.

Privacy Shield is a European Union-United States data transfer framework that aims to ease European concerns regarding US surveillance practices. The order will create a new body within the US Department of Justice that will oversee how American national security agencies are able to access and use information from both European and US citizens.

The framework is expected to end the limbo in which thousands of companies found themselves after the Court of Justice of the European Union (CJEU) struck down the two previous pacts over doubts regarding the safety of EU citizens’ data that tech companies store in the US. It will also give new powers to the civil liberties protection officials within the US Office of the Director of National Intelligence, a body that oversees agencies' work, to investigate possible breaches of people's privacy rights.

The agreement is set to end disagreement between the European Union’s stringent data privacy rules and the comparatively lax regime in the US, which lacks a federal privacy law.

“Transatlantic data flows are critical to enabling the $7.1 trillion EU-US economic relationship.  The EU-US. DPF will restore an important legal basis for transatlantic data flows by addressing concerns that the Court of Justice of the European Union raised in striking down the prior EU-US Privacy Shield framework as a valid data transfer mechanism under EU law,” says the White House statement.

“The Executive Order bolsters an already rigorous array of privacy and civil liberties safeguards for US signals intelligence activities. It also creates an independent and binding mechanism enabling individuals in qualifying states and regional economic integration organisations, as designated under the Executive Order, to seek redress if they believe their personal data was collected through US signals intelligence in a manner that violated applicable US law.”

Facebook just avoided a threatened shutdown of its EU-US data flows this summer, after objections were raised to a draft regulatory decision ordering them to be suspended, adding months more to the process.

Under the executive order, the US intelligence community has been ordered to implement policy and procedure updates to adhere to new privacy protections, while the Privacy and Civil Liberties Oversight Board has been directed to evaluate such updates.

EU-based individuals will be permitted to seek redress via an independent Data Protection Review Court, with an Office of the Director of National Intelligence civil liberties protection officer tasked to perform an initial complaint investigation. "The EU-US Data Privacy Framework includes robust commitment to strengthen the privacy and civil liberties safeguards for signals intelligence, which will ensure the privacy of EU personal data," said US Commerce Secretary Gina Raimondo.

While the measure has gained the support of US tech firms and industry groups as an effort that would ease cross-border data flows, domestic consumer and data privacy organisations have criticised inadequate data protections laid out in the framework.

White House:      TEISS:    SC Magazine:      IET:     Politico:     Reuters:   

You Might Also Read: 

European Union  Agrees New Cyber Security Legislation:

 

« New EU Cyber Security Legislation Targets Cyber Crime
Costs Of The Cyber Attack On Gloucester City Keeps Going Up »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Foundation for Strategic Research (FRS)

Foundation for Strategic Research (FRS)

The Foundation for Strategic Research is France's main independent think tank on strategic, defense and security issues. Cyber security is covered as part of the study areas.

Brookings Institution

Brookings Institution

The Brookings Institution is a nonprofit public policy organization. Cyber security is covered within the various study areas.

Cyber Security Centre - University of Hertfordshire

Cyber Security Centre - University of Hertfordshire

The Cyber Security Centre provides training, teaching and research in the fast paced topics of cyber security and digital forensics.

Mocana

Mocana

Mocana provides a software platform that allows you to develop, test and distribute more secure IoT devices and services.

Teramind

Teramind

Teramind provides a user-centric security approach to monitor employee behavior in order to identify suspicious activity, detect possible threats, monitor efficiency, and ensure industry compliance.

Zix

Zix

Zix offers secure email encryption, threat protection, archiving, DLP and BYOD security for hospitals, financial services, government, and more.

Xage Security

Xage Security

Xage is the world’s first blockchain-protected security platform for Industrial IoT.

Quokka

Quokka

Quokka (formerly Kryptowire) is the source for mobile security and privacy solutions, staying steps ahead of the threat and delivering peace of mind.

Department of Justice - Office of Cybercrime (DOJ-OOC)

Department of Justice - Office of Cybercrime (DOJ-OOC)

The Office of Cybercrime within the Philippines Department of Justice is the Central Authority in all matters relating to international mutual assistance and extradition for cybercrime.

2Keys

2Keys

2Keys designs, deploys and operates Digital Identity Platforms and Cyber Security Platforms through Managed Service and Professional Service engagements.

German Israeli Partnership Accelerator (GIPA)

German Israeli Partnership Accelerator (GIPA)

GIPA is based on two pillars: it is an incubator aimed at young academics and a program to transfer cybersecurity expertise to corporate partners.

SpecterOps

SpecterOps

SpecterOps has unique insight into the cyber adversary mindset and brings the highest caliber, most experienced resources to assess your organizations defenses.

Resolvo Systems

Resolvo Systems

Resolvo is provides comprehensive security assessment and testing services in Asia.

AWARE7

AWARE7

IT security for human and machine. With the help of our products and services, we work with you to increase the IT security level of your organization.

Core4ce

Core4ce

Core4ce is a mission-oriented company that serves as a trusted partner to the national security community.

EPAM Systems

EPAM Systems

Since 1993, EPAM Systems has leveraged its advanced software engineering heritage to become a leading global digital transformation services provider.