Table of Contents
WASHINGTON – The National Retail Federation welcomed the announcement Friday that a long-sought agreement in principle on transatlantic data flows has been reached between the United States and the European Union.
“Transatlantic data flows are vitally important to global retailers that operate establishments in Europe or sell goods online or by mobile apps to European consumers,” NRF senior vice president for Government Relations David French said. “NRF and our members have long supported a coherent regulatory system for EU-to-U.S. data transfers that works for both consumers and businesses and provides protective, flexible and predictable rules that permit retailers to serve their customers as they wish to be served. NRF has worked with our counterparts at EuroCommerce and with EU and U.S. government officials since 2016 to develop and support reasonable solutions to the challenge of disparate privacy regimes on both sides of the Atlantic. We continue to support and are very appreciative of the Biden administration’s efforts to resolve the invalidated EU-U.S. Privacy Shield, which is critically important to U.S. businesses serving EU customers. Retail is global and retailers want to be sure consumer and employee data is properly protected when transferred from Europe to the U.S.”
President Biden and European Commission President Ursula von der Leyen announced today that an agreement in principle has been reached on a successor to the invalidated EU-U.S. Privacy Shield. The announcement came as Biden is in Brussels to meet with NATO leaders on Russia’s invasion of Ukraine and other issues.
The previous version of the Privacy Shield was struck down by the EU’s highest court in 2020 only four years after it replaced an earlier Safe Harbor agreement on transatlantic data flows rejected by the same court in 2015. Since 2020, standard contractual clauses approved by the European Commission have served as an alternative for businesses transferring data between the U.S. and the EU, but conditions set by the court on their use have called continued reliance on them into question.
Working virtually because of the pandemic, NRF and EuroCommerce last fall held theirfifth annual joint meeting with senior officials of the European Commission and the European Data Protection Board to discuss a successor to the Privacy Shield. NRF and U.S. retailers also met with officials and staff from the U.S. Mission to the European Union and the U.S. Commerce Department.
NRF and EuroCommerce last year formed a Joint Working Group on International Data Transfers with the goal of fostering greater regulatory certainty for retailers as they negotiate EU data protection requirements on transfers of customer and employee data from EU countries to the United States. In August, the working group submitted a paper to the European Commission highlighting uncertainties within the retail industry about implementation of revised contractual clauses issued by the commission. The paper requested clarification on a range of implementation issues.