The Effects Of GDPR On EU / US Relations
An important recent EU Court of Justice of the European Union (CJEU) decision in Schrems II found that the EU-US agreement on transatlantic data sharing known as Privacy Shield is invalid and its additional findings with respect to standard contractual clauses, closes off key mechanisms for transferring persona data from the EU to the US.
Now with important impacts on trade and the development of technologies such as cloud computing and artificial intelligence (AI) this will have significant effects on EU/US relations.
Many have also argued the EU’s General Data Protection Regulations (GDPR) should have stopped much of how the conjoined ad-tech and online industries operate. It should have removed the data of 700 million EU residents from the machine, just as it should have removed our data from most transatlantic data transfers.
The dawning age of Surveillance capitalism is underpinned by the value of our commoditised, collected, collated and analysed data, sold in marketing databases, gathered and shared internally by data giants across their own multiple-market platforms and properties, and externally to third parties. Your data, sifted and sorted into minute categories, is also traded in microsecond auctions between huge advertising entities in order to instantly serve you a specific targeted ad in the eye blink between when a web page’s cookies know it’s you, and that page’s many parts congeal on the screen.
What appears to you as just another ad, maybe eerily related to something you might have searched for or purchased recently, is the fleeting end result of these vast ad-tech data-gathering and marketing machinations.
The attempt by GDPR to extend EU privacy rights and obligations to countries and entities receiving EU personal data reflects a broad dynamic, which is that as the global free flow of data increases the scope for national security agencies to access the personal data of everyone, national privacy standards need to be globalised as well to be effective. Yet, governments often provide different levels of privacy protection and redress depending on whether a person is a citizen and where they are located.
Under the Fourth Amendment to the Constitution, the US provides different levels of legal redress to people in the US compared to those outside the US, including access to US courts.
GDPR in effect seeks to extend the full suite of rights and obligations available in the EU under GDPR, to any country receiving EU personal data. Given these risks and developments, what is needed is an international agreement on how to balance national security and access to data, with other key goals such as privacy.
EU Commission: Irish Times: Curia: Farrer: VoxEU:
You Might Also Read:
How Does The CCPA Compare To The GDPR?: