ARTICLE
7 March 2023

European Data Protection Board Expresses Concerns Over Non-Binding Adequacy Decision For EU-U.S. Data Privacy Framework

FL
Foley & Lardner

Contributor

Foley & Lardner LLP looks beyond the law to focus on the constantly evolving demands facing our clients and their industries. With over 1,100 lawyers in 24 offices across the United States, Mexico, Europe and Asia, Foley approaches client service by first understanding our clients’ priorities, objectives and challenges. We work hard to understand our clients’ issues and forge long-term relationships with them to help achieve successful outcomes and solve their legal issues through practical business advice and cutting-edge legal insight. Our clients view us as trusted business advisors because we understand that great legal service is only valuable if it is relevant, practical and beneficial to their businesses.
The proposed EU-U.S. Data Privacy Framework (DPF) has hit yet another stumbling block on its road
Worldwide Privacy

The proposed EU-U.S. Data Privacy Framework (DPF) has hit yet another stumbling block on its road to an adequacy decision and toward opening back up the free flow of personal data from the EU to the United States without the need for standard contractual clauses or other mechanisms.

While the European Data Protection Board (EDPB) recognized the steps taken by the United States toward proportionality and necessity in U.S. intelligence gathering and the new redress mechanism set forth in President Biden's executive order, the EDPB expressed additional concerns that the DPF did not go far enough. They recommended that clarifications be made and concerns addressed so that the adequacy decision (if there is one) will endure. They also recommended that the adequacy decision be subject to review at least every three years.

All this comes on top of the Biden administration urging the U.S. Congress to renew the Foreign Intelligence Surveillance Act (FISA) Section 702, which is often pointed at as compromising the privacy rights of European data subjects.

The European Data Protection Board released its nonbinding opinion on the draft adequacy decision based on the EU-U.S. Data Privacy Framework, welcoming what it called "substantial improvements" while expressing concern and requesting clarification on several points. However, the EDPB has concerns relating to "certain rights of data subjects, onward transfers, the scope of exemptions, temporary bulk collection of data and the practical functioning of the redress mechanism."

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More