It will bring together leading industry experts and policy-makers to share their insights into the latest developments in cloud computing, hunting, big data and the future of IT security.
The CJEU’s Schrems judgment of October 2015, besides declaring the European Commission’s Decision on the EU-US ‘Safe Harbour’ data transfer regime invalid, has also settled a number of crucial requirements corresponding to the foundations of EU data protection. In less than one year from the CJEU ruling, the Commission had adopted a new adequacy decision in which the new framework for EU-US data transfer, the Privacy Shield (2016), is deemed to adequately protect EU citizens. The main improvements of the Privacy Shield (over its predecessor), as well as the critical reactions to the new arrangements, are discussed in this paper. The first joint annual review took place in September 2017 on which both the Commission and Article 29 Working Party issued their own reports. Although progress is recognised, a number of concerns remain and new challenges to the Privacy Shield have arisen, among others, from the Facebook/Cambridge Analytica scandal, as pointed out by the European Parliament in its recent resolution.
The EESC believes that the European Commission’s Action Plan is a good basis but that additional measures are needed to tap the full potential of financial technology and to ensure certainty and protection for all market participants.