Will the EU-US Privacy Framework succeed where the Privacy Shield and Safe Harbour failed?

The EU and US announced on 25 March they have “agreed in principle on a new Trans-Atlantic Data Privacy Framework, which will foster trans-Atlantic data flows and address the concerns raised by the Court of Justice of the European Union [CJEU] in the Schrems II decision of July 2020.” Based on our 2021 study for the European Parliament, we have made some brief initial comments on the framework.

There is little in the announcement of the “political”/“in principle” agreement which suggests the CJEU’s high standards will be met. If, when the promised “concrete legal proposals” are revealed, they fail to meet those standards, the European Data Protection Board should emphatically refuse to issue a positive opinion on them.