“For the first time ever, the United States has given the EU binging assurances that the access of public authorities for national security purposes will be subject to clear limitations, safeguards and oversight mechanisms,” Europen Union commissioner for justice, consumers and gender equality Vera Jourova announced yesterday in light of the officiation of the EU-US Privacy Shield.
“The new EU-US Privacy Shield will protect the fundamental rights of Europeans when their personal data is transferred to U.S. companies.”
After the Safe Harbor act was decreed invalid by the European Court of Justice in October, American data storage companies were at a loss as to how to provide their services overseas without being liable.
The agreement was a compromise reached by the European Union in order to accommodate for the discrepancy between strong privacy protections in Europe and weaker ones in the United States. When leaks from Edward Snowden made it clear how much the U.S. was tolerating mass surveillance for the sake of national security, the courts decreed that the Safe Harbor agreement wasn’t strong enough to actually lessen the threat of American snooping.
“Also for the first time,” Jourova continued, “EU citizens will benefit from redress mechanisms in this area. In the context of the negotiations for this agreement, the U.S. has assured that it does not conduct mass or indiscriminate surveillance of Europeans. We have established an annual joint review in order to closely monitor the implementation of these commitments.”
Once the Safe Harbor agreement was stricken down, American data storage companies were in limbo as to how to best handle overseas data without making themselves potentially liable for their allowance of government snooping. Jourova references the way that US government agencies have been forced to agree not to snoop, and that there are now ways to hold individuals and agencies accountable if they are caught violating this agreement.
“Without a new Safe Harbor agreement to protect U.S. companies handling the data of European citizens from EU privacy restrictions, enforcement actions would have begun immediately,” explained Neil Stelzer regarding the importance of this 11th hour agreement.
“There’s not talking of a grace period or a deadline extension.”
That means European regulators could have pursued high-profile targets that handle huge amounts of data like Google and Facebook.
“Regulators have limited resources, so what they will do is go after big names that will make the papers and try to get big fines issued against them,” Steelier said. “Those fines in Europe are quite substantial, so they’re something you’re going to want to avoid.”
As for how data will continue to be kept secure in Europe, America, and globally, there’s know way of knowing for certain, but people have their suspicions.
“With deep learning, we can take huge amounts of unlabeled data and use a small number of labels to create labels for the whole data set,” offered senior technical director for machine learning at Symantec Andrew Gardner.
“I expect that in the future we will see more companies looking at adopting deep learning security data because I can’t think of any other way that they can feasibly process all the data that they collect.”