The third annual overview of the EU-US Privacy Defend data transfer mechanism has once again been nodded thru by Europe’s govt.

This no matter the EU parliament callingfinal yearfor the mechanism to be suspended.

TheEuropean Commissionfurthermore issued US counterparts with a compliance closing datefinal December— announcing the US have to appoint a permanent ombudsperson to tackle EU electorate’ complaints, as required by the procedure, and accomplish so by February.

This summer season the US senate within the extinguish confirmedKeith Krach— below secretary of enlighten for economic development, energy, and the atmosphere — within the ombudsperson position.

The Privacy Defend procedure used to be struck between EU and US negotiators help in 2016 — as a rushed replace for the prior Safe Harbor data transfer pact which in drop 2015 used to bestruck down by Europe’s top courtfollowing a real mission after NSA whistleblower Edward Snowden revealed US executive agencies were liberally helping themselves to digital data from Net corporations.

At heart is a fundamental genuine conflict between EU privacy rights and US national security priorities.

The intent for the Privacy Defend framework is to paper over those cracks by devising ample assessments and balances that the Commission can claim it offers ample protection for EU electorate deepest data when taken to the US for processing, no matter the inability of a commensurate, comprehensive data protection situation. Butcriticshave argued from the open that the mechanism is unsuitable.

Even so around 5,000 corporations are now signed as much as make consume of Privacy Defend to certify transfers of deepest data. So there would be major disruption to corporations were it to head the manner of its predecessor — as has appeared seemingly in most up-to-date years, since Donald Trump took location of job as US president.

The Commission stays a staunch defender of Privacy Defend, warts and all, preferring to red meat up data-sharing substitute as traditional than provide a talented-active defence of EU electorate’ privacy rights.

Thus a long way it has provided small within the manner of objection about how the US has implemented Privacy Defend in these annual opinions, no matter some apparent flaws and failures (as an illustration the disgraced political data company,Cambridge Analytica,used to be a signatory of the framework, even after the guidelines misuse scandal blew up).

The Commission did lay down one closing date gradual final year, referring to the ongoing lack of a permanent ombudsperson. So it will now ascertain that box.

It furthermore notes approvingly this day that the last two vacancies on the US’ Privacy and Civil Liberties Oversight Board were filled, that draw it’s totally-staffed for the first time since 2016.

Commenting in an announcement, commissioner for justice, customers and gender equality, Věra Jourová, added: “With around 5,000 collaborating corporations, the Privacy Defend has turn out to be a success account. The annual overview is a really principal health ascertain for its functioning. We’re going to be in a position to proceed the digital diplomacy dialogue with our U.S. counterparts to originate the Defend stronger, along with when it comes to oversight, enforcement and, in a longer-time length, to elongate convergence of our systems.”

Itspress birthcharacterizes US enforcement action related to the Privacy Defend as having “improved” — citing the Federal Alternate Commission taking enforcement action in a colossal total of seven cases.

It furthermore says vaguely that “an increasing number” of EU folks are making consume of their rights below the Privacy Defend, claiming the related redress mechanisms are “functioning successfully”. (Criticshavelong advised the reverse.)

The Commission is recommending extra enhancements too even though, along with that the US lengthen compliance assessments akin to touching on false claims of participation within the framework.

So presumably there’s a bunch of utterly false compliance claims going unchecked, besides exact compliance going below-checked…

“The Commission furthermore expects the Federal Alternate Commission to extra step up its investigations into compliance with substantive requirements of the Privacy Defend and present the Commission and the EU data protection authorities with knowledge on ongoing investigations,” the EC provides.

All these annual Commission opinions are most attention-grabbing fiddling around the perimeters, even though. The exact substantive test for Privacy Defend that could well select its very long time length survival is looming on the horizon — from a judgement anticipated from Europe’s top court subsequent year.

In July a hearing took location on a key case that’s been dubbedSchrems II. This is a real mission which before all the pieces centered Facebook’s consume of but every other EU data transfer mechanism however has been broadened to consist ofa bunch of genuine questions over Privacy Defend— now with the Court of Justice of the European Union.

There is furthermore aseparate litigationstraight focusing on Privacy Defend that used to be introduced by a French digital rights crew which argues it’s incompatible with EU guidelines resulting from US executive mass surveillance practices.

The Commission’s PR notes the pending litigation — writing that this “also can have an designate on the Privacy Defend”. “A hearing took location in July 2019 in case C-311/18 (Schrems II) and, once the Court’s judgement is issued, the Commission will assess its consequences for the Privacy Defend,” it provides.

So, tl;dr, this day’s third annual overview doesn’t mean Privacy Defend is out of the genuine woods.