The European Union moved closer to a clinching a revamped deal over transatlantic data transfers aimed at resolving concerns about U.S. spying with a draft decision that confirms “comparable safeguards” to those in the EU, which has stringent privacy rules.
The EU’s executive Commission released its draft decision approving the pact Tuesday, which follows a breakthrough preliminary agreement in March between Brussels and Washington to resolve a yearslong battle over the privacy of EU citizens’ data that businesses routinely store in the U.S.
That breakthrough was hailed by business groups, which said it will provide certainty to thousands of companies, including tech giants like Google and Facebook, sending data between Europe, which has stricter data privacy regulations, and the comparatively lax U.S., which lacks a comprehensive federal privacy law.
Frictions over the transfers had raised the prospect that companies might need to keep European data out of the U.S.
“We are now confident to move to the next step of the adoption procedure. Our analysis has showed that strong safeguards are now in place in the U.S. to allow the safe transfers of personal data between the two sides of the Atlantic,” EU Justice Commissioner Didier Reynders said in a prepared statement. The framework “will help protect the citizens’ privacy, while providing legal certainty for businesses,” he said.
The reworked pact, confirmed by President Joe Biden in an executive order signed in October, includes limitations on the scope of U.S. intelligence gathering and provides creates a forum for legal challenges by European residents.
The deal still needs approval from a board of EU privacy regulators, the bloc’s 27 member states and the European Parliament.
Related: US, EU Sign Data Transfer Deal to Ease Privacy Concerns
Related: Brussels Okays EU-UK Personal Data Flows
Related: EU Hands Police Agency New Powers Over Personal Data
