BRUSSELS—New rules governing trans-Atlantic data transfers were formally approved Tuesday, months after Europe’s top court ruled against the previous arrangements amid concerns over the surveillance activities of U.S. intelligence agencies.
The European Union and the U.S. say the new Privacy Shield imposes stricter obligations on American companies, including the likes of Facebook and Apple, to safeguard the personal data of individuals, from health matters through to social media activities.
As part of the deal, the U.S. government has assured that any access on national security grounds by public authorities to personal data transferred under the new arrangements will be subject to “clear conditions, limitations, oversight and preventing generalized access.”
The two sides say that includes stronger monitoring and enforcement by the U.S. Department of Commerce and Federal Trade Commission including increased cooperation with European authorities.
Under the terms of the new deal, there will be an annual joint review of the pact and those who think their data has been misused has a route for complaint. And the U.S. will appoint a new official — an ombudsman based at the State Department — responsible for following up on European complaints.
