Flora of European Cloud
/

Trump White House jeopardises EU-US data deal

Privacy and Civil Liberties Oversight Board hearing

TL;DR

  • The Trump administration’s decision to order the resignations of all Democratic members of the Privacy and Civil Liberties Oversight Board (PCLOB) could jeopardize a transatlantic data privacy agreement designed to protect the flow of commercial data between Europe and the U.S.
  • The PCLOB plays a central role in a data agreement struck between the U.S. and the European Union in 2023 that allows data to flow freely between the two, despite differences in policy approaches.
  • The agreement relies on the PCLOB as a “key oversight mechanism introduced by the U.S. to align its surveillance oversight and accountability standards with EU law.”
  • The EU has relied in large part on the PCLOB to ensure that the U.S. adequately protects personal data and to address complaints from Europeans about any misuse of their data.

Introduction

The Trump White House has jeopardized the EU-US data deal, a vital agreement that allows for the free flow of commercial data between Europe and the United States. The deal, known as the Transatlantic Data Privacy Framework (TDPF), relies heavily on the Privacy and Civil Liberties Oversight Board (PCLOB) to ensure that the U.S. adequately protects personal data. However, the Trump administration’s decision to dismiss all Democratic members of the PCLOB has raised concerns about the future of the TDPF and the potential consequences for businesses that rely on this framework.

The TDPF was introduced in 2023 to regulate the transfer of personal data from the European Union to the United States, balancing the requirements of both EU and US laws. Under EU law, exporting personal data outside the EU has been restricted since 1995 unless the receiving country offers “essentially equivalent” data protection to that of the EU. This ensures that Europeans’ personal information is not exposed to lax privacy standards in other jurisdictions. However, the United States operates under a vastly different legal regime, where national security and surveillance laws such as the Foreign Intelligence Surveillance Act Section 702 (FISA702) and Executive Order 12.333 permit extensive government access to data stored by major US tech firms like Amazon, Meta, and Google.

The German Interior Ministry has expressed concerns about the future of the data transfer agreement between the EU and US after the Republican administration of President Donald Trump vowed to review, and possibly repeal, all the decrees signed by his predecessor. The current agreement, known as the EU-US Data Privacy Framework and used by businesses on both sides of the Atlantic for data transfers, is based on commitments made by the US administration led by Democrat Joe Biden, which were set out in an executive order. There are now fears that Trump could lift the legal basis for the agreement.

The EU’s highest court has already struck down two predecessors to the EU-US data transfer framework, known as Safe Harbor and the Privacy Shield, following cases brought by privacy activist Max Schrems. Judges cited US mass surveillance laws that allow the government to access any data stored with big tech firms without probable cause or individual judicial approval.

In an annual review in October, the European Commission found that the US was complying with the framework, despite warnings from privacy advocates that the US Foreign Intelligence Surveillance Act still allows US intelligence to collect data from American platforms and applications such as Microsoft Teams, Cisco, and WebEx.

Impact on Businesses

The potential collapse of the TDPF could have significant consequences for businesses that rely on the free flow of data between the EU and the US. Companies may need to stop using US cloud providers such as Google, Microsoft, or Amazon, or find alternative mechanisms under Europe’s General Data Protection Regulation (GDPR) to continue data transfers. These alternatives might not always be feasible and come with significant challenges.

The German ministry told newspaper Handelsblatt that “legally secure” data transfers are of “great importance” for the German economy, with many businesses depending on cloud storage from the US for example. Privacy group NOYB, which has been a vocal critic of the TDPF, says that the European Commission “has always relied on a mosaic-puzzle approach” which, when pieced together, is sufficient to prove adequacy when drafting the agreement with the US.

In an interview with Euronews, NOYB founder Max Schrems said that the PCLOB’s role in ensuring limited bulk data collection by US intelligence agencies is vital for Europe, and that the board’s independence and operational capacity are crucial for the TDPF’s credibility.

The PCLOB’s independence and effectiveness could be compromised, potentially undermining the trust that underpins the data-sharing agreement. If the PCLOB is weakened or rendered non-functional, it undermines trust in the TDPF and the adequacy of protections for EU citizens’ data transferred to the US.

Conclusion

The Trump administration’s decision to dismiss all Democratic members of the PCLOB has raised concerns about the future of the TDPF and the potential consequences for businesses that rely on this framework. The TDPF relies heavily on the PCLOB to ensure that the US adequately protects personal data, and the board’s independence and operational capacity are crucial for the agreement’s credibility.

In an extreme scenario, companies may need to stop using US cloud providers such as Google, Microsoft, or Amazon, or find alternative mechanisms under Europe’s General Data Protection Regulation (GDPR) to continue data transfers.

As the situation continues to unfold, it is essential to monitor developments and assess the potential impact on businesses and individuals. The Trump administration’s actions have already sparked concerns among EU lawmakers and business leaders, and it remains to be seen how the situation will be resolved.

References

[^1]: Cynthia Kroet (2025-04-17). Trump White House jeopardises EU-US data deal: German ministry. Euronews. Retrieved 2025-04-20.
[^2]: Cynthia Kroet (2025-01-23). Trump rollback jeopardises EU-US data transfers, key privacy activist says. Euronews. Retrieved 2025-04-20.
[^3]: Silvia Amaro (2025-04-16). The European Union braces for more U.S. tariffs despite talks. CNBC. Retrieved 2025-04-20.
[^4]: noyb Team (2025-02-12). US Cloud soon illegal? Trump punches first hole in EU-US Data Deal. noyb. Retrieved 2025-04-20.
[^5]: Suzanne Smalley (2025-01-24). Politicization of intel oversight board could threaten key US-EU data transfer agreement. The Record. Retrieved 2025-04-20.
[^6]: CNN (2025-04-10). Fact check: Trump makes false claims about China, Japan and the EU at Cabinet meeting. CNN. Retrieved 2025-04-20.
[^7]: FRANCE 24 (2025-04-16). Europe seeks tech independence amid strained ties with Trump’s America. FRANCE 24. Retrieved 2025-04-20.
[^8]: Euronews (2025-04-17). Video. ‘We are against any form of hatred, no matter what manifestation it takes,’ Al-Issa says. Euronews. Retrieved 2025-04-20.
[^9]: Donald J. Trump (2025-04-02). Regulating Imports with a Reciprocal Tariff to Rectify Trade Practices that Contribute to Large and Persistent Annual United States Goods Trade Deficits. The White House. Retrieved 2025-04-20.
[^10]: European Council on Foreign Relations (2024-06-12). Imagining Trump 2.0: Six scary policy scenarios for a second term. European Council on Foreign Relations. Retrieved 2025-04-20.

Related Posts

Magic Earth navigation
Digital Services: Why You Should Use Alternatives to WhatsApp, Instagram, Google and Co.
Smartphone with Whatsapp
Irish privacy watchdog has ‘unresolved questions’ about Meta’s AI tool
OpenAI building
OpenAI’s EU Economic Blueprint

This article was written with the help of AI.

Tagged

Leave a Comment

Your email address will not be published. Required fields are marked *

To top