17 July 2020
The top court for the European Union (EU) has cancelled a data-sharing agreement between the EU and the United States.
The Court of Justice of the European Union announced the ruling Thursday.
Thousands of companies share data with U.S. computers under the agreement, called Privacy Shield. The court noted that the U.S. government is able to use the agreement to collect personal information.
The Associated Press reports the ruling will complicate business for about 5,000 companies. It could require government agencies to carefully examine any new data transfers. The goal would be to make sure Europeans' personal information remains protected under the EU's data protection rules.
The ruling means that EU and U.S. officials will likely have to negotiate a new agreement. The new one will have to guarantee that Europeans' data gets the same privacy protection in the U.S. as it does in the EU.
Privacy activists praised the court ruling as a major victory. But business groups are worried about its effects. Companies like Facebook move personal data between their servers around the world. These transfers underpin billions of dollars in business activity.
Max Schrems is an Austrian activist whose criticism of how Facebook data is processed led to the court case. He said, "It is clear that the U.S. will have to seriously change their surveillance laws."
Schrems first brought the case to court in 2013. He did so after former U.S. National Security Agency worker Edward Snowden reported that the U.S. government was spying on people's online data and communications. The revelations included details on how Facebook gave U.S. security agencies the personal data of Europeans.
Although the court case resulted from concerns over Facebook, it could affect technology companies, finance and even the automobile industry.
Experts say the ruling would not affect things like email and flight and hotel plans at this time. Cloud computing services by providers like Microsoft would also continue unless government officials intervene.
Companies use legal methods, called standard contractual clauses, that require businesses to follow EU privacy rules when transferring messages, pictures, and other information. The clauses — which are terms and conditions — are used to ensure that EU rules are obeyed when data leaves the European Union.
The Court of Justice of the EU ruled that, as a general rule, those clauses are still valid. However, it cancelled the Privacy Shield agreement on data transfers because the U.S. government can demand personal data for national security reasons.
The court said that in cases where there are concerns about data privacy, EU officials should vet, and if needed block, the transfer of information. That means EU officials could block Facebook, for example, from transferring any more European data to the U.S.
Government surveillance of personal data is one of the issues in the dispute between the U.S. and the Chinese telecommunications company Huawei. Data is extremely important to many of the world's biggest companies, like Facebook, Google, Alibaba and Amazon. National security officials also want personal data to help them guard against extremist attacks. Mining large amounts of people's data has also become important to winning elections.
Alexandre Roure is a top official at the Computer & Communications Industry Association, a not-for-profit group. He said the decision "creates legal uncertainty for the thousands of large and small companies on both sides of the Atlantic."
He said all sides hope that EU and U.S. officials can find an answer "...in line with EU law, to ensure the continuation of data flows which underpins the trans-Atlantic economy."
I'm Mario Ritter Jr.
Mario Ritter Jr. adapted this Associated Press story for VOA Learning English. George Grow was the editor.
________________________________________________________________
Words in This Story
invalidate –v. to make something invalid or to cancel its effect
vet –v. to investigate to find out if someone or something meets certain requirements
surveillance –n. observing someone or something, especially for security purposes
revelations –n. something that is made known that was surprising or secret before
valid –adj. something that meets legal requirements
underpin –n. to support something from below, to provide a basis