Government authorities in the United States and European Union are negotiating new policies that could have a major impact on the way multinational companies share private user information.
The talks began following the European Court of Justice’s rejection last month of the “Safe Harbor” arrangement between the United States and the European Union. That deal allowed companies to transfer European citizens’ private data to servers based in the United States. The court found that the arrangement did not adequately protect user rights and online privacy.
European officials are seeking a “a bullet-proof solution” for protecting user privacy through the new negotiations, according to European Commission Vice President Andrus Ansip.
In particular, they hope to assuage concerns expressed by European citizens in the wake of the Snowden revelations that the United States government can gain access to private information stored on servers within the country.
So far, the parties have revealed few details about how they plan to enforce user privacy protections. It seems likely, however, that the solution will at least partially involve providing ways for European Union citizens to contest infringements of their digital privacy in United States courts.
It’s less clear that the deal will actually prevent authorities in the United States from snooping on private data that companies collect about individuals. Of course, even if it nominally did so, the clandestine surveillance program that Snowden reveals suggests that the United States would have few qualms about secretly accessing private data even if it violated a trade agreement.
Still, some sort of privacy protections can’t hurt. Even if there is no way to guarantee that they are respected, they can’t hurt when it comes to protecting the privacy not only of people who use major international digital platforms like Facebook, but anyone who uses websites, apps or services that choose to store user information in the United States.
The parties said they expect to reach an agreement on data privacy within three months.