Home » Technology » Social networks can keep storing EU user data in the US under new agreement

Share This Post

Technology

Social networks can keep storing EU user data in the US under new agreement

Social networks can keep storing EU user data in the US under new agreement

/

The new EU-US Data Privacy Framework will lessen some of the pressure put on social media companies.

Share this story

An image showing a lock with the European Union’s flag

The European Union and the US have settled on a new transatlantic data-sharing pact. In an announcement on Monday, the European Commission says the new framework should allow information to flow freely between both locations, easing risks for social media companies that operate across them.

The decision comes three years after the EU’s top court struck down the Privacy Shield, a protocol that let companies based in the US collect and process data from EU citizens. At the time, the court said the Privacy Shield didn’t do enough to keep users’ data out of the hands of US intelligence agencies. This was a blow to companies like Meta and Amazon, as data collection is an essential part of their businesses.

When this policy was annulled, it left companies on the hook to comply with the EU’s data-transferring policies. Earlier this year, Ireland’s Data Protection Commission (DPC) hit Meta with a record $1.3 billion fine over its data transfers to the US, stating the company failed to “address the risks to the fundamental rights and freedoms” of citizens in the EU. In 2021, Luxembourg’s National Commission for Data Protection slapped Amazon with a $887 million fine for its handling of EU residents’ data.

The new EU-US Data Privacy Framework should protect companies from facing similar penalties so long as they commit to it. In addition to limiting the amount of overseas data that US intelligence can gain access to, the new framework establishes a Data Protection Review Court (DPRC) that can “independently investigate and resolve complaints” as well as order the deletion of data.

US companies will also need to follow a set of privacy obligations, including a requirement to delete personal data “when it is no longer necessary for the purpose for which it was collected.” They must also ensure these safeguards are in place when this data is shared with third parties.

“The new EU-U.S. Data Privacy Framework will ensure safe data flows for Europeans and bring legal certainty to companies on both sides of the Atlantic,” Ursula von der Leyen, the president of the European Commission, says in a statement. “Following the agreement in principle I reached with President Biden last year, the US has implemented unprecedented commitments to establish the new framework.”

Going forward, it’s not clear whether this policy will stand up to the EU’s court, as two previous attempts to establish a new framework were thrown out by judges. Nick Clegg, Meta’s president of global affairs, responded to the news on Twitter, stating that the company welcomes the new framework and noting that it “will safeguard the goods & services relied on by people and businesses on both sides of the Atlantic.”

Share This Post