Over 40 International Business Groups Support Transatlantic Data Privacy Terms

MicroStockHub/Getty Images

A letter sent to EU and U.S. officials asked for more analysis on how requirements will be enforced within the EU-U.S. Data Privacy Framework.

An international cadre of business advocacy organizations cosigned a letter Tuesday sponsored by the Information Technology Industry Council requesting that European Union legislators formally ratify the commitments made between the EU and U.S. governments on data privacy, specifically in relation to the EU’s current adequacy decision process. 

A total of 41 organizations from both continents wrote in support of the privacy framework’s restrictions on surveilling American citizens and providing recourse for EU citizens who believe they have been victims of unlawful surveillance. They asked for more scholastic and expert review of the regulations outlined in the framework, and requested that it be made enforceable through the EU adequacy decision process. 

Adequacy decisions within the EU parliament determine if a country outside of the EU offers a suitable level of data protection that can coincide with EU law. 

“We urge all stakeholders to consider deliberately but fairly the substance of these new U.S. legal requirements, which establish unprecedented restrictions on U.S. surveillance activities as well as a meaningful redress mechanism for EU citizens,” the letter said. “We are heartened that these new safeguards serve to strengthen all existing transfer mechanisms available to companies, including standard contractual clauses, and should be relevant considerations in the context of EU supervisory authority investigations.”

The ITI and its signatories emphasized that establishing this framework would be a necessary step in facilitating data sharing between the EU and U.S. markets, a $7.1 trillion economic relationship, according to the letter. 

Business advocacy organizations have rallied to support more constructive transatlantic data sharing laws following the invalidation of the EU-U.S. Privacy Shield in 2020 as part of the Schrems II ruling. That legal ruling prevented the U.S. government from circumventing EU data privacy laws to harvest EU citizens’ online data. 

“New barriers to data transfers have undermined economic growth and stifled competition,” the letter said. 

It went on to outline the beneficial provisions included in the new data privacy framework, including establishing independent oversight of surveillance complaints and restricting the usage of national intelligence activities to safeguard civilian rights.

“Significantly, these measures are immediately binding on U.S. intelligence agencies,” the letter said. 

Unlike its EU allies, the U.S. still lacks a federal data privacy policy. The landmark executive order on the data privacy framework President Joe Biden signed in early October provided a blueprint for potential domestic regulation, and helps the U.S. participate in cross-border data transfers in sectors like financial services, e-commerce, media and health care. 

“As trusted allies and partners, the EU and U.S. require a data sharing framework that upholds citizens’ fundamental privacy rights, while providing national security authorities with the necessary and proportionate tools to protect citizens’ public safety interests at a time when shared democratic values are increasingly under threat,” the letter added.