The rules are essentially a set of assurances that the personal data of European consumers held on the servers of U.S. companies will be reasonably safe from U.S. government surveillance. The EU College of Commissioners will almost surely vote to approve the rules July 11, allowing cross-Atlantic data transfers to continue, at least for now.
The old set of protections, known as the “Safe Harbor” agreement, was rejected by a European court last October, and some believe the new rules may meet the same fate. Privacy groups point out that the new rules still allow for bulk snooping by the U.S. government in some situations, a fact many Internet companies and some EU member states think will eventually doom them.
The agreement is the culmination of months of negotiations led by Věra Jourová, the EU commissioner for justice, consumers, and gender equality, and U.S. secretary of commerce Penny Pritzker. The two already have plans to meet July 12 to toast the new agreement. Jourová said in a statement that the new Privacy Shield differs from the old Safe Harbor agreement in that it “imposes clear and strong obligations on companies handling the data and makes sure that these rules are followed and enforced in practice.”