On 8 September 2015, the EU finalised negotiations with the United States on high data protection standards for transatlantic law enforcement cooperation (“Umbrella Agreement”) which in fact reasserts citizens’ fundamental right to privacy on both sides of the Atlantic.
The EU-US data protection “Umbrella Agreement” provides a high-level data protection framework for EU-US law enforcement cooperation by regulating the exchange of personal data (e.g. names, addresses, criminal records) between the EU and the US for the purpose of prevention, detection, investigation and prosecution of criminal offences, including terrorism, in the framework of police and judicial cooperation in criminal matters.
In fact, the kinds of protection guaranteed are numerous: a clear limitation of data use; the prior consent of the country of origin if the data is transferred to a third country; retention time limits; right of the individuals concerned to access and rectify their data. However, and what is absolutely new, EU citizens will have the same judicial redress rights as US citizens in case of privacy breaches.
The agreement represents a remarkable achievement for 2 reasons: 1) it finally establishes a common ground for data protection, a field where the “cultural gap” between Europe and the US has traditionally been wide; 2) It contributes to rebuild trust in EU-US data flow, particularly damaged after the 2013 scandal of large-scale US intelligence surveillance of private communications (with political leaders being bugged themselves) denounced by former National Security Agency (NSA) subcontractor Edward Snowden.
The “Umbrella Agreement” will be signed and formally concluded only after the US Judicial Redress Bill will be approved by the Congress, which is highly likely, since it was introduced as a bipartisan proposal and enjoys the strong support of the Obama administration.