The member states of the European Union have given their support to the EU-U.S. Privacy Shield, the renewed safe framework for transatlantic data flows. The commercial data transfer pact had been agreed by the EU executive and the United States in February, and has today received the green light from EU governments on Friday, the European Commission said, paving the way for it to come into effect next week.
Its introduction should end months of legal limbo for companies such as Google, Facebook and MasterCard after the EU's top court struck down the previous data transfer framework, Safe Harbour, on concerns about intrusive U.S. surveillance.
"The EU-U.S. Privacy Shield will ensure a high level of protection for individuals and legal certainty for business. It is fundamentally different from the old 'Safe Harbour': It imposes clear and strong obligations on companies handling the data and makes sure that these rules are followed and enforced in practice," said Vice-President Ansip.
The U.S. has given the EU written assurance that the access of public authorities for law enforcement and national security will be subject to limitations, safeguards and oversight mechanisms and has ruled out indiscriminate mass surveillance of European citizens' data.
The United States will create an ombudsman within the State Department to field complaints from EU citizens about U.S. spying and has ruled out indiscriminate mass surveillance of Europeans' data.
For 15 years Safe Harbour allowed both U.S. and European firms to get around tough EU data transferral rules by stating they complied with European privacy standards when storing information on U.S. servers.
Cross-border data transfers by businesses include payroll and human resources information as well as lucrative data used for targeted online advertising, which is of particular importance to technology companies.
Industry group DIGITALEUROPE which represents Apple, Google and IBM, among others, expressed relief at Friday's vote, saying it would restore trust in data transfers between the EU and United States.
"Our members are ready to implement the new framework and meet the compliance challenge that the strengthened provisions demand from companies,” said John Higgins, director general of the group.
Revelations three years ago from former U.S. intelligence contractor Edward Snowden of mass U.S. surveillance practices caused political outrage in Europe and stoked mistrust of big U.S. tech companies.