On July 5, 2018, the European Parliament issued a nonbinding resolution for European Commission to suspend the EU-U.S. Privacy Shield unless U.S. authorities can fully comply with the framework by September 1, 2018. The resolution states that the data transfer mechanism does not provide the adequate level of protection for personal data as required by EU data protection law.

The Resolution takes particular aim at potential access to EU residents’ personal data by U.S. national security agencies and law enforcement,  as it is far-reaching and creates a potential conflict with the EU data protection laws. The Resolution also cites recent revelations surrounding Facebook and Cambridge Analytica which were Privacy Shield-certified companies as highlighting the need for proactive oversight and enforcement actions including systematic checks of compliance of privacy policies with the Privacy Shield principles and calls on EU data protection authorities to suspend data transfers for non-compliant companies. Therefore this resolution cast into the doubt the future effectiveness of the EU-U.S. Privacy Shield in allowing U.S. companies to transfer and process European data in or through the U.S. in order to comply with the EU General Data Protection Regulation (EU GDPR)

Contributed by Magdalena A K Muir

Source:

http://www.europarl.europa.eu/sides/getDoc.do?type=MOTION&reference=B8-2018-0305&language=EN