© AFP/File | Austrian Max Schrems waits for a verdict at the European Court of Justice in Luxembourg on October 6, 2015 over claims that his privacy data was allegedly violated by Facebook within the scope of NSA mass surveillance programs
Top US companies including Facebook and Google rely on such transatlantic agreements to give legal cover for them to transfer data from their European subsidiaries to their headquarters in the United States.
Brussels and Washington announced the new EU-US “Privacy Shield” deal on February 2, replacing a previous agreement that was thrown out by the European Court of Justice last year.
The new steps include commitments from President Barack Obama to limit the use of bulk-collected intelligence, the appointment of a US ombudsman to deal with complaints by European citizens, and fines for firms that do not comply.
EU Justice Commissioner Vera Jourova said the agreement was a “strong new framework” with easier redress for individuals”.
But Austrian Internet activist Max Schrems — who brought a case against Facebook in Ireland that led to the EU court judgment last year — said the new deal amounts to putting “ten layers of lipstick on a pig.”
“There will be a number of people that will challenge this decision if it ever comes out this way ? and I may very will be one of them,” Schrems said in a document on his Twitter account.
He said that the deal includes too many areas under which “bulk” data collection is allowed.
The old Safe Harbor agreement effectively meant that Europe treated the United States a safe destination for Internet data on the basis that Brussels and Washington adhered to similar standards.
But the EU court declared Safe Harbor “invalid” in October because of US snooping practices exposed by Edward Snowden, the former intelligence contractor who leaked a hoard of National Security Agency documents.
Brussels said the new agreement meant EU member states’ national authorities will be able to fine firms up to 20 million euros, or up to four percent of total worldwide annual turnover, if they break EU rules.
EU authorities will also be able suspend data transfers to recipients in third countries or to international obligations.
Washington has also agreed to set up an ombudsman within the US State Department to assess complaints by EU citizens.
Europeans will further be able to seek redress for breaches through several channels including an arbitration system.
The deal will also be subject to an annual review.