Rumors are circulating that the Trans-Atlantic Data Privacy Framework executive order will be released as soon as October 3rd. This follows the Biden Administration’s announcement of an agreement in principle this year in March.
The highly anticipated order brings exciting news, and questions, about how the framework will satisfy European legal requirements. We want to highlight some of our previous work to acquaint readers with the complex legal issues the executive order will address.
The agreement in principle is one of the first and most important steps in the negotiation process for a transatlantic data transfer mechanism. On the US side, an executive order or presidential directive is next. On the EU side, there are several procedures that must take place before reaching a final adequacy decision. To learn more, please read Beyond Schrems II: What Happens After EU and US Officials Conclude Negotiations for Privacy Shield 2.0. (February 2022).
Once the European Commission adopts and publishes an adequacy decision, it is likely that it will be challenged. In Challenging the New Privacy Shield Framework: All Paths Lead to the CJEU (March 2022), we discuss the legal path someone might take to dispute the new framework and adequacy decision.
In the interim, it is possible that European data protection authorities (DPA) will continue to challenge Big Tech’s ability to transfer data from the EU to the US. In Blocking Meta in Ireland—Will It Happen? (July 2022), we explore how a European DPA finalizes a draft decision and how the Irish Data Protection Commission’s draft order affects Meta and the TADPF process.
While we wait for the executive order, it is helpful to revisit the legal processes that bring us to this moment. For more information on transatlantic and global privacy issues, please check out our resource guide.