EU member states today (8 July) signed off on the controversial Privacy Shield agreement for data transfers to the US, locking down the final deal after the European Commission haggled for months with the US over legal details.
Four out of 28 EU diplomats abstained from the final vote. The Commission instructed diplomats not to publicly state how they voted.
One person who voted on the agreement said the executive was “paranoid” that if it became public which countries abstained, support for Privacy Shield would be weakened.
“The Commission’s idea is that since member states are now bound to the decision, everybody should rally behind it regardless of how they voted in the committee. That’s politically difficult if it comes out that your delegation voted one way,” the source said.
The official described the executive as “very concerned that member states will not help protect Privacy Shield”.
A Commission official told euractiv.com that it’s standard for the voting breakdown in so-called comitology committees made up of national diplomats to be kept secret.
Privacy Shield is a replacement for the now defunct Safe Harbour agreement, which was knocked down by the European Court of Justice last October on grounds that data protection safeguards were too lax in the United States.
Safe Harbour landed in court after the Austrian lawyer Max Schrems filed a complaint against Facebook for violating the agreement.
Schrems already said he would challenge Privacy Shield in court as well because the deal doesn’t have strict enough privacy safeguards.
The Commission has vowed to review the new deal once every year.
One diplomat said the countries that abstained from the vote would be “extremely vigilant” during the review.
“This is not just going to be a box-ticking exercise, this is going to be a very detailed and in-depth review. Only adjustments from the review can save this from the ECJ,” the diplomat said.
The Commission announced in February that it had struck a deal with the US to replace Safe Harbour. Since then, national data protection watchdogs and the European Parliament have pointed out cracks in the deal but only the group of diplomats from EU countries could actually topple the agreement.
Diplomats pressed the executive to make changes, which include promises that “bulk collection” of personal data once its transferred to the US will not be “mass” or “indiscriminate”.
EU Justice Commissioner Vera Jourova said earlier this year that she wanted the agreement finalised by June, but diplomats wouldn’t give the green light until the Commission improved the deal.
