Acceso usuarios
Briseida Sofía Jiménez Gómez
Processing of personal data of European Union citizens and residents by U.S. companies has been marked by constant challenges. A noteworthy development was the publication of an adequacy decision by the European Commission on 10 July 2023 with respect to personal data transfers from the European Union to the United States. This new agreement is named the EU-US Data Privacy Framework, which in principle responds to the legal concerns raised by the Court of Justice of the European Union in the landmark case Schrems II, that invalidated the Privacy Shield decision. This paper addresses the legal risks for data transfers from the European Union to the United States, considering the new agreement between the EU Commission and the United States. It is crucial to assess whether this data privacy framework involves a paradigm shift with regard to the EU citizens and residents’ rights since the most prominent technology companies operating in the European Union are based in the United States. The first periodic review carried out by the EU Commission (9 October 2024) and the European Data Protection Board Report on the first review (4 November 2024) are included in the analysis to demonstrate the shortcomings of the EU-U.S. Data Privacy Framework.
