The Effects Of GDPR On EU / US Relations

An important recent EU Court of Justice of the European Union (CJEU) decision in Schrems II found  that the EU-US agreement on transatlantic data sharing known as Privacy Shield is invalid and its additional findings with respect to standard contractual clauses, closes off key mechanisms for transferring persona data from the EU to the US. 

Now with important impacts on trade and the development of technologies such as cloud computing and artificial intelligence (AI) this will have significant effects on EU/US relations.

Many have also argued the EU’s General Data Protection Regulations (GDPR) should have stopped much of how the conjoined ad-tech and online industries operate.  It should have removed the data of 700 million EU residents from the machine, just as it should have removed our data from most transatlantic data transfers.

The dawning age of Surveillance capitalism is underpinned by the value of our commoditised, collected, collated and analysed data, sold in marketing databases, gathered and shared internally by data giants across their own multiple-market platforms and properties, and externally to third parties. Your data, sifted and sorted into minute categories, is also traded in microsecond auctions between huge advertising entities in order to instantly serve you a specific targeted ad in the eye blink between when a web page’s cookies know it’s you, and that page’s many parts congeal on the screen.

What appears to you as just another ad, maybe eerily related to something you might have searched for or purchased recently, is the fleeting end result of these vast ad-tech data-gathering and marketing machinations.

The attempt by GDPR to extend EU privacy rights and obligations to countries and entities receiving EU personal data reflects a broad dynamic, which is that as the global free flow of data increases the scope for national security agencies to access the personal data of everyone, national privacy standards need to be globalised as well to be effective. Yet, governments often provide different levels of privacy protection and redress depending on whether a person is a citizen and where they are located. 

Under the Fourth Amendment to the Constitution, the US provides different levels of legal redress to people in the US compared to those outside the US, including access to US courts. 

GDPR in effect seeks to extend the full suite of rights and obligations available in the EU under GDPR, to any country receiving EU personal data.  Given these risks and developments, what is needed is an international agreement on how to balance national security and access to data, with other key goals such as privacy. 

EU Commission:         Irish Times:     Curia:      Farrer:        VoxEU

You Might Also Read:

How Does The CCPA Compare To The GDPR?:

 

« What Is A Cyber Security Audit?
Cyber Security Teams Worry Most About Phishing & Ransomware »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Menlo Security

Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email.

UL Solutions

UL Solutions

UL Solutions is a safety, security and compliance consulting and certification company. Areas covered include cyber security.

QuintessenceLabs

QuintessenceLabs

QuintessenceLabs offers a suite of Data Security technology, products and solutions to secure digital information in-transit, at-rest or in-use.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Bavarian IT Security Cluster

Bavarian IT Security Cluster

The Bavarian IT Security Cluster works to build regional IT security competencies and increase the competitiveness and market opportunities of its member companies.

Bellvista Capital

Bellvista Capital

Bellvista Capital connects entrepreneurs with capital and unmatched business expertise in the technology areas of Cloud Computing, Cyber Security and Data Analytics.

Brimondo

Brimondo

At Brimondo we help you to maximize and protect your brand value by being a proactive and strategic partner within brand protection with experts within intellectual property and digital assets.

Lewis Brisbois

Lewis Brisbois

Lewis Brisbois offers legal practice in more than 40 specialties, and a multitude of sub-specialties including Data Privacy & Cybersecurity.

Information & Communications Technology Association of Jordan (int@j)

Information & Communications Technology Association of Jordan (int@j)

The Information & Communications Technology Association of Jordan is a membership based ICT and IT Enabled Services (ITES) industry advocacy, support and networking association.

CertNexus

CertNexus

CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.

CyberSecureRIA

CyberSecureRIA

We founded CyberSecureRIA specifically to secure and support RIAs. We exist to secure SEC-registered RIAs, and keep them compliant with cybersecurity regulations.

Aliro Security

Aliro Security

AliroNet is the world’s first entanglement Advanced Secure Network solution.

CyberUpgrade

CyberUpgrade

CyberUpgrade is on a mission to empower executives to gain control over their organization’s cybersecurity.

Sphinx

Sphinx

Sphinx provide advanced security consulting services and cyber solutions to federal and private industry.

Karthik Consulting (KC)

Karthik Consulting (KC)

Karthik Consulting is a technology service provider specializing in IT services for the U.S. federal government.