A security breach in the US could keep non-Americans private data at risk

A security breach in the US could keep non-Americans private data at risk
Image from Pixabay

The Court of Justice of the European Union (CJEU) considers that the regulations of the United States are not strict enough in terms of privacy since it allows the National Security Agency (NSA) to collect information belonging to non-Americans outside the country, through spying on data stored electronically on sites like Facebook, Apple or Google.

The CJEU has invalidated the 2016 ‘Privacy Shield’ agreement between the European Union and the US, by which North American companies can use the data of European users, as it considers that an adequate level of protection is not guaranteed.

In this way, Europe believes that there is a US security gap and that Europeans’ private data are not protected at the same level as Community law does ensure.

The now-invalidated agreement allowed more than 5,300 U.S. companies to collect data from Europeans that could subsequently reach the Hands of the US Government through the laws of that country.

The European Court has stated in the judgment of invalidity of the agreement that the “general character, the exception […] thus possible interference, based on demands concerning national security, public interest and compliance with U.S. law.”

The text continues, noting that “such interference may occur as a result of access to personal data transferred from the Union to the United States and the use of such data by us public authorities, within the framework of the PRISM and Upstream surveillance programmes”.

The US authorities have reacted to this nullity by merely mentioning, through their Secretary of Commerce, Wilbur Ross, a possible negative economic impact on “the $ 7.1 billion transatlantic economic relationships that is so vital to our respective citizens, companies and governments.”