Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

U.S., EU reach breakthrough on new 'Safe Harbor' data transfer agreement - report [u]

Last updated

Having already missed the original Sunday deadline, U.S. and European officials are reportedly on the verge of cinching a new "Safe Harbor" deal on transferring data across the Atlantic. [Updated]

The new framework still requires political approval but should be finalized later on Tuesday, two sources close to the talks told Reuters. The exact details of the arrangement weren't mentioned.

The original Safe Harbor pact was in place for some 15 years, and made it possible for American tech companies to do business in Europe without worrying about the flow of data back and forth. In October, however, the European Court of Justice ruled the pact invalid, concerned about intrusion by U.S. intelligence agencies. The court referred to revelations by former National Security Agency contractor Edward Snowden, who exposed overreaches by the organization including mass surveillance — often with the cooperation of business — and even the tapping of German Chancellor Angela Merkel's own cellphone.

Negotiators are believed to have been in a rush to complete a new deal, since European privacy agencies are set to publish their own judgment on Wednesday, and some of had been threatening legal action without a framework.

A new pact should mean that companies like Apple and Facebook will be able to continue operating in Europe without having to limit how data is handled. Rumors have suggested that U.S. officials are offering concessions like a data ombudsman at the State Department, more oversight of intelligence agencies' access to European data, and the right for Europeans to press legal actions against American companies misusing their information.

Update: An agreement was later confirmed by European Commission spokesman Christian Wigand. Reuters sources said that the U.S. will indeed appoint a new ombudsman within the State Department, and that other oversight measures will include an annual review by the European Commission and the U.S Department of Commerce, as well as cooperation between European privacy agencies and the U.S Federal Trade Commission. The latter two groups will help monitor the system and respond to complaints by European citizens.

The U.S. Office of the Director of National Intelligence is reportedly providing written commitments that data transfers won't be subject to indiscriminate mass surveillance.

Businesses, meanwhile, will potentially face sanctions and/or exclusion from the new pact if they fail to follow rules.