Data Risk Intelligence
Automated Data Mapping
Do Not Sell/Do Not Share
Cookie Banner Solutions
Consent & Preferences
Data Rights RequestsTrans-Atlantic Data Privacy Framework Targeted by NOYB
Instrumental in the destruction of the Safe Harbour Framework and the EU-US Privacy Shield was Max Schrems. Now his organization, NOYB – European Center for Digital Rights is taking aim at the Trans-Atlantic Data Privacy Framework.
NOYB, originates from the phrase “none of your business” and is a non-profit organization based in Austria which launches strategic court cases and media initiatives to enforce the General Data Protection Regulation (GDPR) as well as other European Union data privacy laws and standards.
Max Schrems, in his capacity as the honorary chairman of NOYB, has written an open letter to European Commission Commissioner Didier Reynders, United States Secretary of Commerce Gina Raimondo, Justice Advisor Pauline Dubarry, European Data Protection Board Chair Andrea Jelinek, and LIBE Chair Juan Fernando López Aguilar pointing out his concerns about the Trans-Atlantic Data Privacy Framework.
So far, the Trans-Atlantic Data Privacy Framework is merely agreed in principle, with lots of work left to do before it becomes effective and accordingly, there aren’t many details for Max to pick apart and criticize. Even in its current state, Max has some concerns. He suspects that the US will not provide material protections for non-US persons.
Another concern he highlighted is that the Framework will probably rely heavily on executive orders, which he believes are insufficient to meet the requirements of the Court of Justice of the European Union (CJEU).
As for specific guidance, he recommends that they use an appropriate proportionality test when permitting US surveillance. If the agreement relies on “necessary and proportionate” language to justify signals intelligence surveillance activities, that will likely be inadequate as the CJEU has twice previously found that US surveillance laws and practices are not “necessary and proportionate.”
Max Schrems also wants to see the creation of a meaningful judicial redress under Article 47 CFR and updated commercial privacy protections.
The Trans-Atlantic Data Privacy Framework has the potential to make doing business in the US and EU much easier, but only if they get it right. In the meantime, companies should keep abiding by the applicability data privacy laws, such as GDPR and CCPA. Clarip can help with that compliance, whether it be automated data mapping, data subject request fulfillment, consent management, vendor management, website scanning, or many other data privacy compliance functions. Visit our site, www.clarip.com or call us at 1-888-252-5653 to learn more.
Email Now:
Mike Mango, VP of Sales
mmango@clarip.com
Other Articles on this Topic:
The European Data Protection Board Weighs in on the Trans-Atlantic Data Privacy Framework
The Trans-Atlantic Data Privacy Framework
Data Transfers and Adequacy between Non-EU Countries
Cookies & Data Transfers: The Google Analytics decision
The Schrems Decisions: Cross-border Data Transfers
