The US and EU have hailed a breakthrough in an ongoing battle over data protection standards, during a visit by President Joe Biden to Europe to build transatlantic unity over the Russian invasion of Ukraine.
For years the transfer of European citizens’ data to the US has been a topic of contention particularly in the light of allegations about US intelligence agencies accessing foreign persons’ data.
But the Russian invasion of Ukraine appears to have reset discussions between Washington and Brussels.
Ukraine news live: Ukrainian forces take back towns around Kyiv
Please use Chrome browser for a more accessible video player
In a joint announcement on Friday morning, Mr Biden and Ursula von der Leyen, president of the European Commission, said they had “found an agreement in principle on a new framework for transatlantic data flows”.
“This is another step in strengthening our partnership,” said Ms von der Leyen.
The announcement was made as the two powers agreed a new partnership that would reduce Europe’s dependence on energy supplied by Russia.
Ukraine war: Why the EU is nervous about imposing a ban on Russian oil and gas
Russian oligarch calls for end to war but stops short of Putin criticism
Ukraine invasion: EU to close airspace to all Russian planes and ban Kremlin-backed media
President Biden alleged this dependence was being exploited by Russian President Vladimir Putin to “coerce and manipulate his neighbours” and that the funds it provided were used to “drive his war machine”.
Politico, which reported on the looming data breakthrough before the announcement, said several EU and US officials dismissed the link between the agreement and the invasion of Ukraine.
One of the officials stressed “the fundamental problems of getting a deal done don’t go away because of the war in Ukraine”.
What is the issue?
Court cases (notably two led by Austrian activist Max Schrems) have found the American and European data protection regimes to be incompatible, with a particular complaint being the alleged mass surveillance conducted by the US security services as described in the revelations by former National Security Agency contractor Edward Snowden.
The issue is whether European citizens who believe their data has been improperly accessed by the American intelligence services have a legitimate route to bring a legal challenge.
A previous agreement to facilitate these transfers was invalidated in 2020. While enforcement around this ban has not been consistent across the bloc, it has been increasing.
Responding to the news, Caitlin Fennessy of the International Association of Privacy Professionals, said that people working in data protection “can finally exhale”.
“They have been holding their breath for months given the lack of water-tight data transfer compliance options, the borderless nature of internet-based services and escalating enforcement,” she said.
“While we have yet to see the details, it seems both sides were working toward a lasting solution. If they wanted a temporary fix, they could have wrapped up talks months ago. Time will tell whether they got there.”
With concern growing about the global internet fragmenting, this agreement will help keep people connected and services running. It will provide invaluable certainty for American & European companies of all sizes, including Meta, who rely on transferring data quickly and safely. https://t.co/KYfqUM9XbH
The move was also welcomed by Nick Clegg, the president of global affairs at Meta, whose advertising business is dependent on collecting an enormous amount of data.
Sir Nick tweeted: “With concern growing about the global internet fragmenting, this agreement will help keep people connected and services running.
“It will provide invaluable certainty for American and European companies of all sizes, including Meta, who rely on transferring data quickly and safely.”