The US-EU Privacy Shield Pact: A Work in Progress

Gary Clyde Hufbauer (PIIE) and Euijin Jung (PIIE)

Policy Brief
16-12
August 2016

The modern global economy is fueled by consumers, companies, and governments communicating and exchanging information via the internet. But as people around the world engage in e-commerce, seek jobs, and share intimate details about their lives via social media, concerns arise over the vast stores of personal data possessed by multinational companies—and the risk that information transmitted over cyber networks can become readily available to US intelligence and law enforcement agencies. To allay these concerns, the United States and the European Union signed the Privacy Shield Pact on July 12, 2016, aimed at protecting individual privacy while meeting the legitimate needs of companies and the government. This Policy Brief elucidates the elements of that pact, a revision of earlier agreements covering the same issues. It argues that the pact reflects a reasonable compromise between legitimate competing interests but that as commerce expands, as concerns about invasions of privacy grow, and as the United States faces increasing threats from terrorists, criminals, and hackers in the cyber world, some of its provisions may need to be adjusted, especially if new international agreements are reached on trade, investment, and e-commerce.