ARCHIVED CONTENT
You are viewing ARCHIVED CONTENT released online between 1 April 2010 and 24 August 2018 or content that has been selectively archived and is no longer active. Content in this archive is NOT UPDATED, and links may not function.By Maximilian Baur and Paul Melot de Beauregard
After over four years of negotiations, the European Union and the United States have agreed on a framework data protection agreement on 8 September 2015 (Umbrella Agreement). The Umbrella Agreement covers all personal data exchanged between the European Union and the United States for the purpose of prevention, detection, investigation and prosecution of criminal offences, including terrorism. According to the Q&A’s posted on the EU Commission’s website, the Umbrella Agreement shall “provide safeguards and guarantees of lawfulness for data transfers.”
During the negotiations, the Umbrella Agreement was widely criticized throughout the EU because EU citizens could not file lawsuits in the United States to enforce their data protection rights. The U.S. Privacy Act allows only U.S. residents to obtain redress for data privacy and protection violations. As part of the Umbrella Agreement, the U.S. Congress introduced an amendment to the U.S. Privacy Act known as the “Judicial Redress Bill.” If adopted, the Judicial Redress Bill will permit an EU citizen to use U.S. courts to (for example) have his or her name deleted from U.S. blacklists if the name was mistakenly included.