Push intensifies for personal data rules change

Calls for a change to international rules on data transfers intensified Monday when two leading trade associations called on U.S. and European Union decision-makers to take action.

The American Chamber of Commerce to the European Union (AmCham EU) and the International Chamber of Commerce (ICC) “urgently call upon decision-makers on both sides of the Atlantic to deliver real progress on international transfers of personal data, a matter of growing concern for businesses worldwide,” the trade groups said in a statement.

The call for action comes as more and more companies face legal uncertainty sparked by the very different approach to data privacy in the U.S. and Europe.

In recent weeks SWIFT, a Belgian financial data transfer company, has been found guilty of handing over personal data to U.S. authorities in breach of European data protection laws. SWIFT was forced to hand over the data by U.S. officials investigating terrorist financing.

Meanwhile, European airlines are being forced by the U.S. to break European data protection laws by handing over personal details about passengers flying to the U.S. Failure to hand over the information, including passengers’ names, addresses and credit card details, would result in them losing landing rights at U.S. airports, or being fined up to US$6,000 per passenger.

AmCham EU and the ICC said companies are increasingly faced with the challenge of how to manage efficiently the growing number of complexities of their employee and customer data.

“This is every bit as true for European businesses operating in the U.S., for U.S. companies doing business in Europe and for companies operating in other parts of the world,” the groups said in a statement issued at the beginning of a two-day conference in Brussels about international transfers of personal data. The conference was organized by the European Commission and the U.S. Department of Commerce.

The legal framework in the E.U. has not effectively eliminated national data protection, forcing companies to comply with rules from 25 different sets of laws when processing data, the groups found. “Companies operating outside the E.U., notably in the U.S., are especially hard-hit by this massive set of requirements,” they said.

Exemptions from some of the more onerous requirements of Europe’s tougher data protection rules include the Safe Harbor Agreement, signed in 2000, which lays out seven principles of data privacy. Companies that sign the agreement get immunity from some of the European laws, allowing them to transfer data to the U.S.

AmCham EU and the ICC were involved in drafting alternative standard contractual clauses for data transfers by companies. They are also promoting the use of Binding Corporate Rules, another legal tool to get around the problem of differing rules on data protection.

“Closer cooperation between the E.U., the U.S. government, global business and other international institutions will lead to data protection mechanisms that will protect the rights of individuals and take business realities into account,” AmCham EU and the ICC said.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now