Data transfer is safe with the Privacy Shield!
Posted: Mon Jan 20, 2025 4:17 am
This was confirmed a few months ago and now the Privacy Shield is being implemented as a staunch defender of data transfer.
In October, we published a blog post about the end of the Safe Harbor Agreement , the legal agreement that covered international data transfers between the United States and Europe.
The whole problem starts with the Safe Harbor
Data exchange under discussion
The fuse was lit by the issue of leaks obtained from the NSA (American National Security Agency) by Edward Snowden, which called into question the security and treatment of data of European citizens that was carried out on the other side of the Atlantic.
Due to the different criteria and measures adopted by Europe and the United States in terms of surveillance and protection of personal data, this agreement was eventually annulled by the Court of Justice of the European Union on 6 October 2015.
Following the cessation, both parties agreed to work on drafting a new document that would truly ensure the secure handling and exchange of data by American companies.
It should be remembered that the laws of the United States are much more lax and permissive than those adopted by European countries (which come from Guidelines established by the EU), which is why the CJEU ended up declaring that agreement null and void.
Basically, it is due to the failure to guarantee a sufficient level of protection and the cash app database lack of respect for European privacy laws.
For this reason, and after a 4-month legal vacuum, the Privacy Shield was created in February 2016 .
Privacy Shield emerges as a guardian of data transfer
Privacy Shield - The Guardian of Data Transfer
The Privacy Shield was intended to lay the foundations for a new agreement and establish a new regulatory model for the protection of personal data that was more restrictive and adapted to European regulations.
The aim was to fill this legal gap and align the laws of Europe and the United States with regard to data transfer.
This week we learned that Privacy has been launched.
The European Commission has given the green light to this new text, which will come into force immediately in Europe and in the United States in August.
The new text aims to create a new system to protect the fundamental rights of European citizens whose data is transferred to the US, generating legal clarity for companies that depend on international data transfers between Europe and the US.
The European Commission has carefully examined the opinion of the working group, this body made up of different data protection authorities has clarified the text and agreed with the United States Government:
Provide clarifications on data collected in bulk.
Strengthen the Ombudsman mechanism.
Introduce more explicit obligations for companies regarding data retention and transfer limits.
Both the European Commissioner for Justice, Věra Jourová, and Penny Pritzker, the US Secretary of State, have expressed their conviction and satisfaction with the new agreement reached and are optimistic that it will not be challenged in court again.
Although American companies must self-certify to comply and ensure that they actually comply with the relevant level of protection dictated by European standards, it is also established that an entity such as the Department of Commerce can monitor and verify that these companies actually comply with the relevant protection standard.
This not only ensures that companies that sign the treaty sign it, but also that the Government can monitor it and there is a real desire to ensure that it is complied with.
Regarding the usefulness of the figure of the Ombudsman, who is the person who will be in charge of channelling possible complaints from Europeans to the US Government regarding data protection, we cannot yet comment until it is put into operation.
Time will have to pass to see if there is indeed involvement, commitment and willingness on the part of the NSA (National Security Agency) on which it depends.
Legal experts have welcomed this agreement from different perspectives.
Some people think that this agreement is a veto for the United States government to apply its intensive, indiscriminate and uncontrolled surveillance programmes on the transfer of personal data of European citizens who are on American soil.
In addition, a regulatory framework is being established so that European citizens feel represented and protected in their countries, imposing more obligations on US companies in the handling of data from European countries.
Privacy Shield and data protection
Others are more moderately optimistic and consider this agreement to be an important step, but at the same time call it a “patch”, sensing that the Privacy Shield will not end up bringing about significant changes in practice with respect to the Safe Harbor.
They also think that now a fence is being put on the massive and indiscriminate surveillance of data, that as much as possible will be filtered about what is being searched for and that it will be adjusted as far as possible to justified cases... but that these practices will not end up disappearing.
En mi opinión este acuerdo supone un pequeño paso adelante, quizás no suficiente pero si valorable de cara a equiparar dos legislaciones en ocasiones un tanto antagónicas en el tema de la transferencia de datos.
Hay aún muchos puntos débiles, pero es preferible un acuerdo de este tipo que la ausencia de acuerdo, ya que, si las empresas americanas no pudieran trabajar con datos procedentes de la Unión Europea no sería malo solo para estas firmas, sino también para los europeos.
Gracias al Privacy Shield conseguimos certidumbre jurídica, que sea o no suficiente para que nuestros datos personales que se encuentren en suelo americano estén bajo el mismo nivel de protección que en Europa, aparentemente parece que no.
Pero, es sin duda, un paso hacia delante o como lo tachan algunos una “patada a seguir” de cara a establecer nuevas normativas que nos protejan para que nuestros derechos fundamentales no se transgredan y el intercambio de datos esté a salvo.
Discharge
Consejos para proteger nuestras comunicaciones
Edward Snowden ha sido el responsable de despertar en nuestras mentes el tema de la privacidad en nuestras comunicaciones en Internet, de que nos espían y de generar conciencia de ello.
Hemos pasado de no preocuparnos en absoluto por estos aspectos a pensar que es imposible que podamos protegernos ante entes tan poderosos como la NSA.
The NSA and the Privacy Shield
Más, cuando sabemos positivamente que el resto de los gobiernos no están dispuestos a protegernos de sus abusos.
Hemos pasado de 0 a 100 Km/h en menos de 4 segundos, como un Lamborghini Diablo SV
¿Y qué mejor forma de concluir este artículo que con unos consejos del propio Snowden acerca de cómo podemos proteger la seguridad en nuestras comunicaciones?
Cifra tus llamadas telefónicas y tus mensajes de texto
Para ello existe una aplicación que él mismo recomienda denominada Signal, de Open Whsiper Systems.
Es libre y con ella te aseguras de que si tus comunicaciones son interceptadas no podrán ser descifradas.
Cifra tu disco duro
Para ello recomienda VeraCrypt, de tal forma, que si tu ordenador cayera en manos ajenas, la información de tus fotos, de dónde vives o a qué escuela van tus hijos no saldría al descubierto.
Usa un gestor de contraseñas
KeePassX nos puede ayudar en esta tarea.
¿Te acuerdas de aquel servicio en el que te diste de alta en 2007 de una aplicación que no recuerdas exactamente qué hacía con las imágenes?
Pues bien, tus credenciales podrían quedar expuestas si este servicio se hackea y por casualidades de la vida la contraseña que usabas es la misma que usas actualmente en Gmail y con la que te logueas en Redes Sociales.
Si no te ha recorrido un escalofrío por el cuerpo deberías volver a leer este párrafo.
Usa la validación en dos pasos
This method is used so that if someone steals your password or it is exposed somewhere, the service provider can send you a second authentication method through an alternative channel, for example, via SMS.
Many online services offer this form of verification, including Google.
If the issue of the end of Safe Harbor and the new Privacy Shield agreement has served to at least make us aware of the importance of what happens with the information we leave on the Internet, then so be it.
Photo ( International data ): Shutterstock
And what do you think? Do you think that data transfer is protected by the Privacy Shield?
Share
Share
Find keywords in seconds
Boost your SEO results with a powerful keyword strategy
Enter your keyword
Free Keyword Tool
In October, we published a blog post about the end of the Safe Harbor Agreement , the legal agreement that covered international data transfers between the United States and Europe.
The whole problem starts with the Safe Harbor
Data exchange under discussion
The fuse was lit by the issue of leaks obtained from the NSA (American National Security Agency) by Edward Snowden, which called into question the security and treatment of data of European citizens that was carried out on the other side of the Atlantic.
Due to the different criteria and measures adopted by Europe and the United States in terms of surveillance and protection of personal data, this agreement was eventually annulled by the Court of Justice of the European Union on 6 October 2015.
Following the cessation, both parties agreed to work on drafting a new document that would truly ensure the secure handling and exchange of data by American companies.
It should be remembered that the laws of the United States are much more lax and permissive than those adopted by European countries (which come from Guidelines established by the EU), which is why the CJEU ended up declaring that agreement null and void.
Basically, it is due to the failure to guarantee a sufficient level of protection and the cash app database lack of respect for European privacy laws.
For this reason, and after a 4-month legal vacuum, the Privacy Shield was created in February 2016 .
Privacy Shield emerges as a guardian of data transfer
Privacy Shield - The Guardian of Data Transfer
The Privacy Shield was intended to lay the foundations for a new agreement and establish a new regulatory model for the protection of personal data that was more restrictive and adapted to European regulations.
The aim was to fill this legal gap and align the laws of Europe and the United States with regard to data transfer.
This week we learned that Privacy has been launched.
The European Commission has given the green light to this new text, which will come into force immediately in Europe and in the United States in August.
The new text aims to create a new system to protect the fundamental rights of European citizens whose data is transferred to the US, generating legal clarity for companies that depend on international data transfers between Europe and the US.
The European Commission has carefully examined the opinion of the working group, this body made up of different data protection authorities has clarified the text and agreed with the United States Government:
Provide clarifications on data collected in bulk.
Strengthen the Ombudsman mechanism.
Introduce more explicit obligations for companies regarding data retention and transfer limits.
Both the European Commissioner for Justice, Věra Jourová, and Penny Pritzker, the US Secretary of State, have expressed their conviction and satisfaction with the new agreement reached and are optimistic that it will not be challenged in court again.
Although American companies must self-certify to comply and ensure that they actually comply with the relevant level of protection dictated by European standards, it is also established that an entity such as the Department of Commerce can monitor and verify that these companies actually comply with the relevant protection standard.
This not only ensures that companies that sign the treaty sign it, but also that the Government can monitor it and there is a real desire to ensure that it is complied with.
Regarding the usefulness of the figure of the Ombudsman, who is the person who will be in charge of channelling possible complaints from Europeans to the US Government regarding data protection, we cannot yet comment until it is put into operation.
Time will have to pass to see if there is indeed involvement, commitment and willingness on the part of the NSA (National Security Agency) on which it depends.
Legal experts have welcomed this agreement from different perspectives.
Some people think that this agreement is a veto for the United States government to apply its intensive, indiscriminate and uncontrolled surveillance programmes on the transfer of personal data of European citizens who are on American soil.
In addition, a regulatory framework is being established so that European citizens feel represented and protected in their countries, imposing more obligations on US companies in the handling of data from European countries.
Privacy Shield and data protection
Others are more moderately optimistic and consider this agreement to be an important step, but at the same time call it a “patch”, sensing that the Privacy Shield will not end up bringing about significant changes in practice with respect to the Safe Harbor.
They also think that now a fence is being put on the massive and indiscriminate surveillance of data, that as much as possible will be filtered about what is being searched for and that it will be adjusted as far as possible to justified cases... but that these practices will not end up disappearing.
En mi opinión este acuerdo supone un pequeño paso adelante, quizás no suficiente pero si valorable de cara a equiparar dos legislaciones en ocasiones un tanto antagónicas en el tema de la transferencia de datos.
Hay aún muchos puntos débiles, pero es preferible un acuerdo de este tipo que la ausencia de acuerdo, ya que, si las empresas americanas no pudieran trabajar con datos procedentes de la Unión Europea no sería malo solo para estas firmas, sino también para los europeos.
Gracias al Privacy Shield conseguimos certidumbre jurídica, que sea o no suficiente para que nuestros datos personales que se encuentren en suelo americano estén bajo el mismo nivel de protección que en Europa, aparentemente parece que no.
Pero, es sin duda, un paso hacia delante o como lo tachan algunos una “patada a seguir” de cara a establecer nuevas normativas que nos protejan para que nuestros derechos fundamentales no se transgredan y el intercambio de datos esté a salvo.
Discharge
Consejos para proteger nuestras comunicaciones
Edward Snowden ha sido el responsable de despertar en nuestras mentes el tema de la privacidad en nuestras comunicaciones en Internet, de que nos espían y de generar conciencia de ello.
Hemos pasado de no preocuparnos en absoluto por estos aspectos a pensar que es imposible que podamos protegernos ante entes tan poderosos como la NSA.
The NSA and the Privacy Shield
Más, cuando sabemos positivamente que el resto de los gobiernos no están dispuestos a protegernos de sus abusos.
Hemos pasado de 0 a 100 Km/h en menos de 4 segundos, como un Lamborghini Diablo SV
¿Y qué mejor forma de concluir este artículo que con unos consejos del propio Snowden acerca de cómo podemos proteger la seguridad en nuestras comunicaciones?
Cifra tus llamadas telefónicas y tus mensajes de texto
Para ello existe una aplicación que él mismo recomienda denominada Signal, de Open Whsiper Systems.
Es libre y con ella te aseguras de que si tus comunicaciones son interceptadas no podrán ser descifradas.
Cifra tu disco duro
Para ello recomienda VeraCrypt, de tal forma, que si tu ordenador cayera en manos ajenas, la información de tus fotos, de dónde vives o a qué escuela van tus hijos no saldría al descubierto.
Usa un gestor de contraseñas
KeePassX nos puede ayudar en esta tarea.
¿Te acuerdas de aquel servicio en el que te diste de alta en 2007 de una aplicación que no recuerdas exactamente qué hacía con las imágenes?
Pues bien, tus credenciales podrían quedar expuestas si este servicio se hackea y por casualidades de la vida la contraseña que usabas es la misma que usas actualmente en Gmail y con la que te logueas en Redes Sociales.
Si no te ha recorrido un escalofrío por el cuerpo deberías volver a leer este párrafo.
Usa la validación en dos pasos
This method is used so that if someone steals your password or it is exposed somewhere, the service provider can send you a second authentication method through an alternative channel, for example, via SMS.
Many online services offer this form of verification, including Google.
If the issue of the end of Safe Harbor and the new Privacy Shield agreement has served to at least make us aware of the importance of what happens with the information we leave on the Internet, then so be it.
Photo ( International data ): Shutterstock
And what do you think? Do you think that data transfer is protected by the Privacy Shield?
Share
Share
Find keywords in seconds
Boost your SEO results with a powerful keyword strategy
Enter your keyword
Free Keyword Tool