A new ‘Privacy Shield’ agreement will once again grant American tech companies legal cover to transfer data from the EU to their servers in the US. This replaces the previous Safe Harbour privacy agreement, in force since 2000, which regulated how US companies handled data of EU citizens – but was otherwise quite lenient on data transferal. After Edward Snowden exposed the extent of US surveillance operations, the EU struck down Safe Harbour, a move which had left US companies exposed to law suits.
Now the new EU-US Privacy Shield Framework grants legal protection for data transfers once more – as long as companies meet criteria under a self-certifying process. Privacy advocates are sceptical about the efficacy of this self-certifying agreement, questioning whether it will do anything to curb the mass surveillance of EU citizens or indeed keep their personal information secure.