Printed from BusinessInsurance.com

U.S. lawmakers delay bill on European data privacy deal

Posted On: Jan. 21, 2016 12:00 AM CST

(Reuters) — Legislation that would grant U.S. privacy rights to Europeans is being delayed in the U.S. Senate, which may complicate negotiations over a broader trans-Atlantic data transfer pact that faces a January deadline for completion, sources said on Wednesday.

The Judicial Redress Act, which would allow citizens of European allied countries to sue over data privacy in the United States, is "likely to be held" from a scheduled vote on Thursday in the Senate Judiciary Committee, a panel aide said.

Passage of the legislation is viewed as an important step toward securing a new "safe harbor" framework after the previous one was struck down by a top European Union court last year amid concerns about U.S. surveillance.

More than 4,000 firms, including tech behemoths such as Google Inc. and IBM, have been relying on the 15-year-old safe harbor framework to freely transfer data between the United States and Europe, which has far stricter rules on the privacy of personal information.

But that deal was ruled invalid last October by the Court of Justice of the European Union, which cited revelations about U.S. mass surveillance by former National Security Agency contractor Edward Snowden.

European Union data protection authorities have given Brussels and Washington until the end of January to strike a new safe harbor agreement for transferring personal data.

Industry executives are growing increasingly alarmed that the new safe harbor agreement will not be completed in time. The Information Technology Industry Council, a Washington-based trade organization that represents Apple Inc., Microsoft Corp. and other major tech companies, sent some of its executives to Europe on Wednesday to press for a quick resolution.

A spokesman for the organization, which warned of "enormous" consequences in a letter this week to President Barack Obama and European Commission President Jean-Claude Juncker if a pact is not forged soon, said its leaders are meeting with government and data protection authorities in several cities, including Dublin, Amsterdam, Berlin and London, ahead of the deadline.

E.U. privacy regulators are due to meet on Feb. 2 to decide if they should begin enforcement action against companies if they determine all transfer mechanisms violate E.U. law and there is no new framework in place.