Commission Decision 2000/520/EC of 26 July 2000, pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection afforded by the Safe Harbour Privacy Principles and frequently asked questions by the US Department of Commerce – earlier Commission decision on data adequacy due to the absence of sufficient guarantees for the protection of data transmitted by the US government to the was raised. Intervention. Data Protection in microsoft Cloud – Learn about Microsoft`s privacy principles and standards and our approach to compliance. But a data protection lawyer questioned the deal, arguing that U.S. national security law did not protect EU citizens from state sniffing. On 25 January 2017, US President Donald Trump signed an implementing decree entitled “Improving Public Safety”, which states that the United States Data protection is not extended beyond US citizens or residents: in accordance with current legislation, authorities must ensure that their data protection policies exclude from the protection of personal data persons who are not U.S. citizens or lawful permanent residents.  It turns out that neither a “shield” nor a “port” were metaphors large enough to mask this fundamental conflict of legal priorities when a regional trading bloc, with long-standing privacy laws, opposes a foreign regime that characterizes digital intrusion on national security grounds without regard for privacy. In order to guarantee the transatlantic flow of data between the EU and the US after this cancellation, the European Commission and the US government reached a new political agreement on this subject, after which the “Privacy Shield” decision was adopted in July 2016. The Data Protection Agreement concluded in December 2016 between the EU and the US established high data protection safeguards for transatlantic police cooperation. It contains a comprehensive set of data protection rules that apply to all transatlantic law enforcement trade.
In this way, it also strengthens law enforcement cooperation by facilitating the exchange of information. It thus achieves the dual objective of working with our American partners to fight serious crime and terrorism, while promoting the level of protection of Europeans in accordance with their fundamental rights and EU data protection rules. A final decision of the ECJ was made public in Schrems II on 16 July 2020.   The EU-US Privacy Shield for data exchange has been repealed by the Court of Justice of the European Communities on the grounds that it does not provide EU citizens with adequate protection against state espionage.  The European Data Protection Board (EDPD), an EU organisation whose decisions bind national data protection supervisory authorities, has stated that “transfers on the basis of this legal framework are illegal”.  Max Schrems, the Austrian behind the case, called it a gain for privacy. The Court of Justice of the European Communities (ECJ) has annulled an important agreement on the transfer of EU citizens` data to the United States. What data is transferred from the EU or Switzerland to the United States under the Microsoft Privacy Shield agreement? It should be noted that data transfer agreements containing SCCs may be concluded. However, they will not be self-sufficient and an obligation to assess and determine on a case-by-case basis the “substantial equivalence” of protection in the third country must be respected. This may lead to the need to update the CPCs and/or define additional measures on the basis of the results of such an assessment. The need to implement additional measures will depend on the outcome of such an assessment, taking into account the circumstances of the transfer(s). .