US expected to publish Privacy Shield executive order next week

EuroActiv Politico News

The White House is expected to publish its long-awaited executive order on transatlantic data transfers next week, according to three officials with knowledge of the matter.

The order is designed to address European concerns over surveillance practices in the United States and may be signed by President Joe Biden and then published as early as October 3, one of the officials said.

As part of the upcoming announcement, the White House declaration is expected to work in conjunction with new U.S. Department of Justice regulations used to oversee American national security agencies, according to Peter Swire, a former Bill Clinton administration chief counselor for privacy and current professor at Georgia Tech, whose work has formed part of the legal basis for the leading framework of the new Privacy Shield.

A White House official, who was not authorized to discuss the pending executive order, said a draft has been finalized.

Once made public next week, the executive order will kick off a ratification process by the European Commission, which is expected to take as long as six months. The new transatlantic data agreement would therefore be ready around March 2023.

While details on what’s in the upcoming executive order have yet to be published, four separate individuals who have been involved in the talks described a series of new legal protections to be granted to both European and American citizens over how U.S. national security agencies can access and use their data.

This includes new language that will outline what is “necessary and proportionate” for the agencies in their surveillance activities and will represent a significant change in how people’s data, on both sides of the Atlantic, can be used for national security purposes.

In March, Brussels and Washington agreed to a revamped so-called Privacy Shield agreement, in principle, which allows everything from payroll information to family pictures to be sent across the Atlantic. But progress on the details of how such a deal would work in practice had stalled until now, due to ongoing concerns from some within the Commission that any new deal with the U.S. may face immediate legal challenges.

Negotiations to repair the EU-U.S. data pact began in 2020 after EU judges struck down Privacy Shield over concerns that it did not sufficiently protect Europeans from U.S. surveillance.

Swire, the former Clinton official, said he expected the U.S. Department of Justice to create an independent court for addressing U.S. national security access to European data.

“Step one is independent adjudication with the Department of Justice, step two is the executive order requiring intelligence agencies to follow the decisions of those judges,” Swire said.

This article has been updated.

This article is part of POLITICO Pro

The one-stop-shop solution for policy professionals fusing the depth of POLITICO journalism with the power of technology

Exclusive, breaking scoops and insights

Customized policy intelligence platform

A high-level public affairs network