European Parliament questions adequacy of EU-U.S. Privacy Shield
On 11 June, the European Parliament’s Civil Liberties (LIBE) Committee adopted a motion for a Resolution on the adequacy of the protection afforded by the EU-US Privacy Shield.
Context of political tension
This motion for a resolution is a direct response to the Facebook-Cambridge Analytica data breach, and MEPs are calling on the US authorities to act upon such revelations without delay and (if need be) remove companies that have misused personal data from the Privacy Shield list.
Content of the Resolution
- calls for the EU Commission to take the necessary measures to ensure that the Privacy Shield fully complies with the obligations laid down in the GDPR.
- calls for the EU Commission and US competent authorities to address deficiencies within the Privacy Shield.
- considers that unless the USA is fully compliant by 1 September 2018, the EU Commission will have failed to act in accordance with Article 45(5) GDPR, and would therefore call on the Commission to suspend the Privacy Shield until the US authorities comply with its terms.
- The motion for a Resolution is expected to be voted in the European Parliament’s July Plenary session (2-5 July). If adopted, it will become a Resolution of the European Parliament and will be sent to the EU Commission.
- The next annual review of the EU-US Privacy Shield will take place in Autumn 2018, which creates momentum for the European institutions to raise concerns.