EU adopts new framework for data transfer to the US

Data transfer between Europe and the United States was deemed illegal back in 2020 by an EU Court. Now, almost three years later, the European Commission announced the adoption of a new adequacy decision, which essentially allows companies like Facebook, Google, and Apple to store data about European users on their American servers.

The EU-US Data Privacy Framework introduces new binding safeguards to address all the concerns raised by the European Court of Justice, read a press release issued by the Commission. US Intelligence services still won’t be allowed to access EU data, and there will be established a Data Protection Review Court accessible to all Europeans.

The framework effectively introduced improved mechanisms for protecting personal data, and the EU believes the United States will comply with a new detailed set of privacy obligations - for instance, the requirement to delete personal data when it is no longer necessary for the purpose for which it was collected.

The decision comes just months after Meta was fined €1.2 billion ($1.32 billion) by the EU over a similar issue - transferring data to third parties that did not meet safety requirements. It is important to note that this adequacy decision can still be appealed in front of the bloc’s top court (Court of Justice of EU) by privacy campaigners in the following months as it “lacks clarity” on fundamental privacy rights.

Source