TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Europe Data Protection Digest | Notes from the IAPP Europe Managing Director, 24 September 2021 Related reading: UK Parliament committee to review EU-UK adequacy agreement

rss_feed

""

Greetings from Brussels!

It’s been a whirlwind week in international politics and the global stage. A week that threatened to derail trans-Atlantic relations and overall entente. At the heart of the discord, Australia canceled a bilateral multibillion dollar contract with the French government to purchase several conventional submarines in favor of a U.S. contract to deliver a fleet of nuclear-powered ones. Moreover, this coincided with Australia, the U.K. and the U.S. also announcing the formation of a new trilateral security alliance in the Indo-Pacific region called AUKUS, a defense pact to help Australia develop and deploy nuclear-powered naval capability, but also designed to work toward the development of technological capabilities in the areas of artificial intelligence and cybersecurity.

On the balance of media reports, it seems these agreements and decisions were taken in isolation without any meaningful diplomatic discussion or consultation with France or the EU and its member states. There has been a clear (vocal) and palpable sense of dismay emanating from Paris, but also from other European capitals, including Brussels, with European Commission President Ursula von der Leyen referring to the treatment of France as "not acceptable." Why does this all matter, you may ask? The short answer is that it has a trickledown effect on ongoing (global) trade discussions, including discussions that could influence consensus building around emerging technologies, which by their very nature impact the business of international data flows and transfers.

As you may know, the Trade and Technology Council, an EU-U.S. initiative formed to find common positions on critical issues related to trade and emerging tech, is set to have a first meeting in Pittsburgh next week. France, considering the recent crisis, has been pushing for a postponement of the summit. It is an awkward standoff for the EU, although my understanding is that other member states including Germany, Ireland, Italy and the Netherlands have been working diligently to push back on France’s request. Building a trans-Atlantic framework for trade and tech is, in the views of many, a necessary initiative if we are ever going to agree on shared principles, rules and standards. The dialogue is needed, and diplomatic tensions need to be addressed and resolved to avoid mistrust between Washington and Brussels. To be clear, the agenda for the planned discussions is centered around a number of trade matters, AI, platform regulations and related supply chain issues. There is no explicit agreement to include negotiations on Privacy Shield and data flows as the EU position remains one that these need to be resolved in a separate set of talks: Those talks are far from done. All said, there can be no denying there is an interdependence of outcomes to these discussions. However, it remains to be seen if the TTC talks will go ahead next week, despite some efforts undertaken to alleviate the current crisis.

Sticking with the topic of data transfers, a quick reminder on the new standard contractual clauses for transfer of personal data from the EU to third countries. The new SCCs are required for new transfer agreements entered on or after 27 Sept., which is Monday. Existing agreements currently in place have until 27 Dec. 2022 to be replaced with the new SCCs. There is much work to be done around the new SCC requirements around transfer impact assessments, and specifically around the destination jurisdiction.

And finally, and I would just like to remind everyone the annual call for IAPP volunteers for all our Boards and KnowledgeNet Chapter chairs as well as Young Privacy Professionals positions is well under way and the deadline for applications is 1 Oct. If you want to become a leader in the field and support the growth of the privacy profession, look no further: We want to hear from you.  

1 Comment

If you want to comment on this post, you need to login.

  • comment Stefan Plier • Sep 24, 2021
    Thanks Paul, very informative.