Last October, the European Court of Justice struck down the Safe Harbor agreement, a 15-year-old transatlantic arrangement that permitted U.S. companies to transfer data, such as people’s Google-search histories, outside the EU. In invalidating the agreement, the ECJ found that the blurry relationship between private-sector data collection and national security in the United States violates the privacy rights of EU citizens whose data travel overseas. The decision leaves U.S. technology companies with extensive international operations on shaky legal ground.
Although some informed American observers anticipated the decision, most were caught flat-footed; some seemed downright bewildered. Myron Brilliant, the executive vice president of the U.S. Chamber of Commerce, said, “It is particularly alarming that this long-standing agreement has been invalidated with no discussion of a transition period or guidance regarding how companies should comply with the law.” Critics of the decision, including U.S. Commerce Secretary Penny Pritzker, argue that it will jeopardize the transatlantic digital economy, costing U.S. firms billions of dollars. Without a new agreement, there is a significant risk that personal data will have to be quarantined within Europe, creating what Eric Schmidt, the executive chair of Alphabet (previously Google), called “per-country Internets.” If that occurred, he continued, it could risk destroying “one of the greatest achievements of humanity.” Critics also charge that the EU is acting unilaterally to protect its businesses against foreign competition, damaging the open, democratic nature of the Internet.
Read the full article at Foreign Affairs.