What is it and why it matters

Businesses can continue to transfer data from the EU to the US as usual after the two superpowers reached a landmark data-sharing deal this week.

The framework, which replaces a previous agreement that lapsed in 2020, is a major development that has implications for U.S. tech giants, which rely on it to transfer European users’ data back to the United States.

If not in place, these companies risk costly processing and storing user data locally, or withdrawing operations from the EU altogether.So the agreement of the new rules will give us some relief Yuan and other U.S. companies that share vast amounts of user data around the world.

However, the rules are already under threat of legal challenges from privacy activists who are dissatisfied with the level of protection the measures offer European citizens. They say this is no different from the earlier Privacy Shield framework.

CNBC brings you all there is to know about the new EU-US privacy framework, why it matters, and its chances of success.

The new data sharing agreement is called EU-US Data Privacy Frameworkdesigned to ensure that data can flow safely between the EU and the US without additional data protection measures.

in a statement On Monday, the European Commission, the EU’s executive arm, said it had concluded that U.S. data protection laws provided an “adequate level of protection” for European citizens and introduced new safeguards that would limit U.S. intelligence agencies to Get EU data under “. “

A new data protection review court will be created for Europeans to lodge privacy complaints. It will have the power to order companies to delete user data if it finds that the information collected violates the new safeguards.

The data privacy framework replaces a previous agreement called Privacy Shield, which allowed companies to share Europeans’ data to the US to be stored and processed locally in their domestic data centers.

This is In July 2020, the EU’s highest court, the European Court of Justice, sided with Austrian privacy activist Max Schrems, who claimed that US law did not provide sufficient protection against surveillance by public authorities, and the bill was rejected.

It reached the European Court of Justice, which ruled in 2015 that the then Safe Harbor agreement (the mechanism that previously allowed European users’ data to be transferred to the US) was invalid, and European citizens are not adequately protected.

It was replaced by Privacy Shield, but then also abandoned.

Meanwhile, companies rely on separate mechanisms known as standard contractual clauses to ensure they can still transfer data across the Atlantic.

These tools are also under threat.

The Irish DPC ruled in May that Meta’s use of the SCC to transfer personal data to the US violated the European Union’s General Data Protection Regulation. The US tech giant was fined a record $1.3 billion.

Multinational companies operating in different jurisdictions need to move customer data across borders in a secure manner that complies with data protection regulations.

US tech giants have been sharing data on their European users. It is an important part of the Internet and an open and interconnected platform.

But the way these tech companies handle data has come under intense scrutiny from regulators and privacy activists.

Yuan, Google, amazon Others collect reams of user data, which they use to inform content-recommendation algorithms and personalize ads.

Without a deal, some companies could be forced to close operations in Europe.indeed, yuan February 2022 warned it was a risk.