The European Commission has reached a new data transfer agreement with the United States. This comes in response to the recent order from the Irish Data Protection Commission (DPC) to Meta Platforms, instructing them to cease the transfer of users’ data from the European Union to the US.
The European Union has long been committed to safeguarding the data protection rights of its citizens, especially when it comes to the transfer of personal data outside the Union. However, the previous data transfer framework, known as the Privacy Shield, was invalidated by the Court of Justice of the European Union (CJEU) in 2020 over concerns about U.S. surveillance practices.
Meta, owners of Facebook, WhatsApp, Instagram and new record-breaking Threads, faced the consequences of this legal loophole when the company was fined a record €1.2 billion by the Irish Data Protection Commission. The social media giant’s practices failed to meet EU standards, resulting in the highest-ever fine under the General Data Protection Regulation (GDPR). This has also contributed to Threads’ unavailability in Ireland and the EU zone in general.
In addressing data protection challenges, the European Commission designed a new data transfer pact known as the Trans-Atlantic Data Privacy Framework (TADPF) whose primary goal is to establish robust protections against mass surveillance, ensuring the privacy and security of personal data transferred from the EU to the US.
Earlier this week, the European Commission finalized the TADPF and its Justice commissioner, Didier Reynders said the adoption of the adequacy decision means “personal data can now flow freely and safely from the European Economic Area to the United States without any further conditions or authorizations.” “The adequacy decision ensures that data can be transmitted between the European Union and the U.S. on the basis of a stable and trusted arrangement that protects individuals and provides legal certainty to companies,” he added.