BRUSSELS -- The European Union and the United States struck a deal Tuesday over data-sharing that will allow the likes of Facebook and Apple to continue sending people's information across the Atlantic.
The sides had been trying to forge an agreement since October, when Europe's top court struck down the previous pact -- known as Safe Harbor -- because of concerns that Europeans' personal data stored by companies in the U.S. might be exposed to spying by U.S. intelligence agencies.
The new deal, once put in place, potentially brings an end to the prospect of legal challenges by individuals across the 28-country EU worried about privacy.
"Our people can be sure that their personal data is fully protected," said Andrus Ansip, the European Commissioner responsible for the digital single market, the EU's Internet trade bloc. "Our businesses, especially the smallest ones, have the legal certainty they need to develop their activities across the Atlantic."
Ansip said the new framework, which will be known as EU-US Privacy Shield, will ensure the "right checks and balances" for European citizens and added that it "offers significant improvements" to the previous deal, which had been struck at the turn of the century.
"This solution is much better than the one we had in the year 2000," he said.
Under the new deal, there will be an annual joint review of the data-sharing pact, with the first expected sometime next year. The U.S. has also promised to appoint a new official -- a so-called ombudsman based at the State Department -- responsible for following up on complaints upon referral from EU data protection officers.
"It's Safe Harbor with teeth," said Dyann Heward-Mills, head of data protection at London-based legal firm Baker & McKenzie. "I think this is good for business certainty and consumer trust."
In its October decision, the European Court of Justice declared the Safe Harbor pact was invalid because it did not adequately protect consumers' data stored in the U.S., in light of the spying revelations made by Edward Snowden, a former contractor at the U.S National Security Agency. Snowden's revelations had prompted the complaint to the court from an Austrian law student, Max Schrems.
The pact, which had been used by around 4,500 companies, had allowed the easy transfer of data from the EU by having U.S. companies promise to provide privacy protections equivalent to those in the EU.
Industry groups heralded the new deal, which they called critical because of the role cross-border data flows play in the modern economy.
"We welcome the agreement, which will provide strong privacy safeguards for consumers and legal certainty for the thousands of companies that depend on trans-Atlantic data flows," said Christian Borggreen, international policy director at the U.S.-based Computer & Communications Industry Association.
Others were a bit more cautious.
Sophie in't Veld, spokesman for data protection for the ALDE alliance of liberals in the European Parliament, said a legal appraisal of the safeguards offered by the U.S. is needed.
"It is highly doubtful that they offer meaningful protection to European citizens, or if they meet the standards set by the European Court of Justice," she said.
She noted that the assurances seem to rely exclusively on political commitment, instead of legal acts, so "any change in the political constellation in the U.S. may undo the whole thing."
Information for this article was contributed by Tami Abdollah of the Associated Press.
Business on 02/03/2016