The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more
Predicting the future is by definition complicated. One can look for historical facts, make some analogies, anticipate reactions and come up with more or less informed guesses. But time travellers aside, no one has been to the future to tell us exactly how things are going to turn out. Yet, human nature is indeed predictable and in the same way it was possible to accurately anticipate the effect of the Snowden disclosures on the developing European data privacy framework, it is certainly possible to guess how the approach to transatlantic dataflows between the EU and the US will be influenced by Donald Trump’s election.
Part of the reason why we can see the EU’s direction of travel on this issue is a direct result of Trump’s campaign to become the next US President. Supporters and detractors alike will probably agree that Mr Trump’s expressed views on national security matters were fairly uncompromising. This has led to a well-publicised perception that the defence of civil liberties is not his top priority or at least not as far as those liberties benefit non-US nationals. Or to put it in a slightly different way, Trump’s recent speeches and statements are not seen in the EU as aligned with the European goal of balancing the need for both surveillance and privacy.
Rightly or wrongly, this has already generated a significant degree of scepticism regarding the robustness of existing or planned controls on Government access to data. Frankly, not the best position to be in at a time when the EU-US Privacy Shield framework has just started to operate and is facing two legal challenges in the Court of Justice of the European Union (‘CJEU’) that question its compatibility with EU law principles and fundamental rights. When in October 2015, the CJEU dramatically invalidated Safe Harbor, it also put the European Commission (‘Commission’) on notice that from that moment onwards, any assessment regarding a country’s adequate level of protection for European data would need to consider the ability of that country to control its own access to data by the state. With that in mind, the Commission embarked on an ambitious mission to get the US Government to tick all of the CJEU’s boxes - not an easy task by any standards.