The move follows the fact that the US has been spying on EU data and thinks that data sent across the pond or to US companies with servers in the EU should hand over data to its courts.
The European courts said the United States had to sling its hook and told the Commission to abandon the Safe Harbour framework that allowed the Americans to play fast and footloose with data.
The announcement of the pact, which still requires political approval, coincides with two days of talks in Brussels, where European data protection authorities were poised to restrict data transfers unless a deal was clinched.
The European Commission said that the new Privacy Shield would place stronger obligations on U.S. companies to protect Europeans’ personal data and ensure stronger monitoring and enforcement by U.S. agencies.
“We have for the first time received detailed written assurances from the United States on the safeguards and limitations applicable to US surveillance program,” Commission Vice-President Andrus Ansip told a news conference.
“On the commercial side, we have obtained strong oversight by the US Department of Commerce and the Federal Trade Commission of companies’ compliance with their obligations to protect EU personal data.”
The United States will create an ombudsman within the State Department to deal with complaints and enquiries forwarded by EU data protection agencies. There will also be an alternative dispute resolution mechanism to resolve grievances and a joint annual review of the accord.
European data protection authorities will also work with the U.S. Federal Trade Commission to police the system.
The accord received a thumbs up from lobbying groups The Information Technology Industry Council, BSA The Software Alliance and DigitalEurope, as well Paris-based International Chamber of Commerce and BusinessEurope.