U.S. President Joe Biden signed an executive order Friday that would limit the ability of U.S. national security agencies to access people’s personal information as part of a transatlantic data-sharing agreement with the European Union.
The order follows lengthy negotiations between the U.S. and the European Union after ruling in 2020 that Washington was not sufficiently protecting European data when it was transferred across the Atlantic.
The order will create a new body within the U.S. Department of Justice that will oversee how U.S. national security agencies can access and use the information of European and American citizens.
It will also give new powers to civil liberties officials in the Office of the Director of National Intelligence, an agency that oversees the work of the agencies, to investigate possible violations of individuals’ privacy rights.
The European Commission, the European Union’s executive body, said the framework includes « significant improvements » over the original Privacy Shield and will now move forward with a final decision paving the way for the free flow of data between certified European and U.S. companies.
U.S. Commerce Secretary Gina Raimondo told reporters that the executive order « is the culmination of our joint efforts to restore trust and stability to transatlantic data flows » and « will ensure the privacy of EU personal data. »
While industry groups largely welcomed Biden’s executive order, European consumer rights and privacy advocates, including activist Max Schrems, who filed a lawsuit that sparked the legal battle a decade earlier, were skeptical about whether the order went far enough and whether it was likely to end up back in the European Union’s Supreme Court.