News Stream Books Videos Web Conferences Subscriptions Advertise About IAPP Publications
Daily Dashboard Daily Dashboard

The day’s top stories from around the world

 AI Governance Dashboard – New AI Governance Dashboard – New

Stay on top of the latest AI governance news and developments of the profession.

 The Privacy Advisor The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

 Privacy Perspectives Privacy Perspectives

Where the real conversations in privacy happen

 Privacy Tech Privacy Tech

Exploring the technology of privacy

 Canada Dashboard Digest Canada Dashboard Digest

A roundup of the top Canadian privacy news

 Europe Data Protection Digest Europe Data Protection Digest

A roundup of the top European data protection news

 Asia-Pacific Dashboard Digest Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

 Latin America Dashboard Digest Latin America Dashboard Digest

A roundup of the top privacy news from Latin America

 U.S. Privacy Digest U.S. Privacy Digest

A roundup of US privacy news
Overview KnowledgeNet Chapters Sections Affinity Groups Volunteer Annual Awards Member Directory Career Central
Find a KnowledgeNet Chapter Near You

Talk privacy and network with local members at IAPP KnowledgeNet Chapter meetings, taking place worldwide.

 IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

 IAPP Calendar

Review a filterable list of conferences, KnowledgeNets, LinkedIn Live broadcasts, networking events, web conferences and more.
Overview Online Training Live Online Training In-Person Training Books Practice Exams Train Your Staff Official Training Partners Web Conferences
Artificial Intelligence Governance Professional Artificial Intelligence Governance Professional

Learn how to surround AI with policies and procedures that make the most of its potential by reducing its risks.

 European Data Protection (CIPP/E)

Understand Europe’s framework of laws, regulations and policies, most significantly the GDPR.

 U.S. Private-Sector Privacy (CIPP/US)

Steer a course through the interconnected web of federal and state laws governing U.S. data privacy.

 Canadian Privacy (CIPP/C)

Learn the intricacies of Canada’s distinctive federal/provincial/territorial data privacy governance systems.

 Privacy Program Management (CIPM)

Develop the skills to design, build and operate a comprehensive data protection program.

Privacy in Technology (CIPT)

Add to your tech knowledge with deep training in privacy-enhancing technologies and how to deploy them.

 Foundations of Privacy and Data Protection

Introductory training that builds organizations of professionals with working privacy knowledge.

 Privacy Law Specialist Training (PLS)

Meet the stringent requirements to earn this American Bar Association-certified designation.
Overview Certification Programs Get Certified How to Prepare Continuing Privacy Education (CPE) Fees Certify Your Staff Verify a Certification
CIPP Certification CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

 CIPM Certification CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

 CIPT Certification CIPT Certification

As technology professionals take on greater privacy responsibilities, our updated certification is keeping pace with 50% new content covering the latest developments.

 FIP Designation FIP Designation

Recognizing the advanced knowledge and issue-spotting skills a privacy pro must attain in today’s complex world of data privacy.

 Privacy Law Specialist Privacy Law Specialist

The first title to verify you meet stringent requirements for knowledge, skill, proficiency and ethics in privacy law, and one of the ABA’s newest accredited specialties.

 AIGP Certification AIGP Certification

Ensures individuals responsible for AI systems can reduce the risks associated with this technology.

 Certificação CDPO/BR Certificação CDPO/BR

Mostre seus conhecimentos na gestão do programa de privacidade e na legislação brasileira sobre privacidade.

 Certification CDPO/FR Certification CDPO/FR

Certification des compétences du DPO fondée sur la législation et règlementation française et européenne, agréée par la CNIL.
Tools and Trackers Research Glossary Global Privacy Directory Enforcement Database Westin Research Center Web Conferences Jobs Privacy Vendor Marketplace
Global Privacy Directory

This tool identifies global data protection authorities and privacy legislation.
US State Privacy Legislation Tracker

The IAPP’s US State Privacy Legislation Tracker consists of proposed and enacted comprehensive state privacy bills from across the U.S.
Reports and Surveys

Access all reports and surveys published by the IAPP.
Privacy Governance Report

This report shines a light on the location, performance and significance of privacy governance within organizations.
Privacy Risk Study

This year’s Privacy Risk Study represents the most comprehensive study of privacy risk undertaken by the IAPP in collaboration with KPMG.
Artificial Intelligence

On this topic page, you can find the IAPP’s collection of coverage, analysis and resources covering AI connections to the privacy space.
CCPA and CPRA

IAPP members can get up-to-date information here on the California Consumer Privacy Act and the California Privacy Rights Act.
EU General Data Protection Regulation

The IAPP's EU General Data Protection Regulation page collects the guidance, analysis, tools and resources you need to make sure you're meeting your obligations.
Data Protection Intensive: UK Data Protection Intensive: UK

Explore the full range of U.K. data protection issues, from global policy to daily operational details.

Global Privacy Summit Global Privacy Summit

Expand your network and expertise at the world’s top privacy event featuring A-list keynotes and high-profile experts.

AI Governance Global AI Governance Global

A new event in Brussels for business leaders, tech and privacy pros who work with AI to learn about practical AI governance, accountability, the EU AI Act and more.

 Canada Privacy Symposium Canada Privacy Symposium

Leaders from across the Canadian privacy field deliver insights, discuss trends, offer predictions and share best practices.

Asia Privacy Forum Asia Privacy Forum

Hear top experts discuss global privacy issues and regulations affecting business across Asia.

 Privacy. Security. Risk. (P.S.R.) Privacy. Security. Risk. (P.S.R.)

P.S.R. focuses on the intersection of privacy and technology. The call for proposals to speak at the 2024 event is open. Submit your ideas today.

 Europe Data Protection Congress Europe Data Protection Congress

Europe’s top experts offer pragmatic insights into the evolving landscape and share knowledge on best practices for your data protection operation.

 ANZ Summit ANZ Summit

Gain exclusive insights about how privacy affects business in Australia and Aotearoa New Zealand.

 Speak at an IAPP Event

View our open calls and submission instructions.

 Sponsor an Event

Increase visibility for your organization — check out sponsorship opportunities today.

Individual Membership Corporate Membership Group Membership Student Membership
Become a Member

Start taking advantage of the many IAPP member benefits today

 Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

 Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits
{[product.name]} {[ product.name ]}
clear
mode_editEdit
remove_circle_outline {[ getCartItemQuantity(product.id) ]} add_circle_outline
{[ product.price | currencyFilter ]}
TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

The Privacy Advisor | Judicial Redress Bill Passes U.S. House; Does It Solve the Problem? Related reading: Will the EU and U.S. Open a Transatlantic Umbrella?

rss_feed

""

Amongst the news of the Umbrella Agreement between the EU and U.S. on the sharing of law enforcement information announced in late September was a caveat: The European Commission would not sign on until the passage of U.S. HR 1428, also known as the Judicial Redress Act.

One might think, given the relative gridlock that usually grips the U.S. Congress, that this would not be a small matter. However, the House of Representatives last night did in fact pass HR 1428, moving the bill a step closer to law. The Senate must now take the legislation up.

This bill is not just important for the Umbrella Agreement, however. Many observers here in Brussels believe the Judicial Redress Act is also vital for the creation of “Safe Harbor 2.0,” which the U.S. Department of Congress and the European Commission have been negotiating for the past two years.

The Judicial Redress Act would “designate foreign countries or regional economic integration organizations whose natural citizens may bring civil actions under the Privacy Act of 1974 against certain U.S. government agencies for purposes of accessing, amending or redressing unlawful disclosures of records maintained by an agency.”

The idea is that the U.S. Department of Justice could designate the EU's member states and then European citizens would have the legal recourse they desire, should their data be inappropriately accessed by law enforcement in the U.S. In an interview, European Data Protection Supervisor Giovanni Buttarelli identified this bill specifically as something that would allow the U.S. to move toward becoming “essentially equivalent” to the EU, which would address the recent ruling of the European Court of Justice (ECJ).

Further, the European Commission’s Bruno Gencarelli, head of unit for data protection in DG Justice, called passage of the Judicial Redress Act a “huge step” in moving toward a “sustainable” Safe Harbor 2.0. He said both the Commission and Commerce know that the next agreement will be brought before the ECJ in short order and that any new agreement must be able to withstand that scrutiny or it would be a “disaster.”

Finally, Věra Jourová, the commissioner overseeing Safe Harbor’s negotiations, said the bill “specifically addresses the situation” in her explanation of next steps to the European Parliament.

However, a number of privacy advocates here in Brussels are skeptical that the Judicial Redress Act will get a Safe Harbor 2.0 past the ECJ. The Privacy Act of 1974 has a number of carve-outs for law enforcement and intelligence actions. What good would this do EU citizens if they are concerned about things like the PRISM program, run by the U.S. National Security Agency (NSA), and the NSA is exempt from the Privacy Act’s provisions?

That’s a question sure to be thrown around on both continents in the days and months to come. 

photo credit: 3D Scales of Justice via photopin (license)

Author
Headshot Sam Pfeifle Nonmember Contributor
Tags
Europe
U.S.
Enforcement
Privacy Law
Transborder Data Flow
2 Comments

If you want to comment on this post, you need to login.

  • comment Frederik Van Remoortel • Oct 21, 2015 
    Could another issue be that the application of the EU Directive is not based on EU Citizenship (but is linked to the activities of the controller cf. article 4.1 of the Directive) whereas the Judicial Redress Bill seems to be limited to EU Citizens?
  • comment Sam Pfeifle • Oct 21, 2015 
    That's a great question and I think it's yet to be determined. However, it's not that the Redress Bill is limited to EU citizens. Rather, it's limited to those countries the Department of Justice designates. So, it could be EU citizens, along with lots of other partner nations, depending on whether that would be important for data transfer negotiations.
Related Stories
Will the EU and U.S. Open a Transatlantic Umbrella?
After a five-year, arduous negotiation spanning two EU Commissions and several changes in negotiation teams, the EU and U.S. completed work on the data protection "Umbrella Agreement" regarding law enforcement data sharing. This agreement will put in place a comprehensive, high-level data protection...
Read More queue Save This
LIBE: Why Did Safe Harbor Last 15 Years?
The European Parliament’s Civil Liberties Committee (LIBE) met to debate the European Court of Justice’s recent decision in the Schrems Case invalidating Safe Harbor. The resounding message: What took so long? “It’s important to highlight that something went wrong here,” said German Green MEP Jan Ph...
Read More queue Save This
Don't Panic About Safe Harbor ... Yet
“Don’t panic” about EU-U.S. personal data transfers was the advice of UK Information Commissioner Christopher Graham. And in this exclusive for The Privacy Advisor, Denis Kelleher suggests it is excellent advice for anyone considering the recent judgment of the European Court of Justice in Schrems. ...
Read More queue Save This
Related Stories
Tags
Europe
U.S.
Enforcement
Privacy Law
Transborder Data Flow
Recent Comments