The future of the EU-US Privacy Shield was dealt another blow this week when the European Data Protection Supervisor (EDPS) announced that, in his view, the Privacy Shield still needs improving. This echoes the recent sentiments of the Article 29 Working Party, which is concerned about the bulk collection of EU citizens' data. The European Parliament also last week asked the Commission to renegotiate the Privacy Shield to address serious flaws.
The Privacy Shield was negotiated as a replacement means to protect the trans-Atlantic flow of information after the Safe Harbour scheme was ruled invalid by the European Court of Justice. The European Commission was aiming to have the Privacy Shield up and running by the end of June, however pressure is evidently mounting against it. And with the Irish Data Protection Commissioner recently announcing that it will be asking the European courts to opine on the validity of the EU Model Clauses as part of the ongoing Schrems saga, the future of cross-border data transfers remains uncertain.
The agreement was designed to replace the Safe Harbour pact, which the EU Court of Justice ruled invalid in 2015. But the EDPS Giovanni Buttarelli warned Privacy Shield was "not robust enough".