European Parliament: US does not protect data European citizens enough

The European Parliament calls on the European Commission to suspend the Privacy Shield agreement with the US. The United States must comply with rules to protect the data of European citizens by September 1.

The resolution calling for it was passed Thursday with 303 votes in favour, 223 against and 29 abstentions. The US must do more to protect the data of European citizens, according to the European Parliament. It refers to the Cambridge Analytica and Facebook scandal. These are just two of the thousands of companies that processed data of European citizens under Privacy Shield. The abuse for influencing political opinions and elections showed, according to MEPs, that the agreement needs to be watched more closely. Parliament points out that, according to Facebook, data from 2.7 million Europeans has been incorrectly used by Cambridge Analytica.

In the future, the US government should act faster and stricter in case of abuse and remove companies that cross the line from the Privacy Shield list. Parliament is also concerned about the Cloud Act, or Clarifying Lawful Overseas Use of Data Act, which came into effect in March. This gives American authorities the authority to collect data stored abroad in criminal cases without the intervention of a court, for example if it is stored in a data center of an American company. The person whose data belongs to does not need to be informed.

The Privacy Shield agreement was concluded in 2016 and is the successor to the Safe Harbor framework. Companies such as Google, Microsoft and Facebook are allowed to process the data of European citizens on the basis of the Privacy Shield. The safeguards laid down in the agreement must guarantee that the data is sufficiently protected.