The “new” Safe Harbour – Shield without protection: On 2 February, the European Commission proudly announced an agreement on the new EU-US Privacy Shield. For now, it is a list of “assurances”, but no document has been seen.
Safe Harbour: Negotiators are unlikely to meet the end-of-January deadline for a new agreement on data transfers from the EU to the US. “Even if some agreement was reached, it would be a political agreement”, EDPS Buttarelli said. Stumbling blocks include judicial redress, guarantees for data and security requests to be necessary and proportional, and a system to monitor and enforce rules for EU citizens in the US. The Article 29 Working Party, the grouping of European Data Protection Authorities (DPAs), which is set to meet on 2 February, is currently analysing how the annulation of safe harbour impacts also alternative mechanisms. They will be the one responsible for enforcement if talks fail and it remains to be seen if they agree to give negotiators more time. Eyes are also on the ongoing Microsoft case, where the company refused to follow a request by the US Department of Justice to hand over data stored in Ireland. In a letter dated 15 January, US-EU trade groups warned leaders about the risks of failing to reach an agreement.