Blog image,

Data Sharing, PETs, and the Trans-Atlantic Data Transfer Pact

Kurt Rohloff|
Share on twitter
Share on linkedin

Learn more about secure, collaborative computing while enjoying lunch on us.

Data Sharing, PETs, and the Trans-Atlantic Data Transfer Pact

Kurt Rohloff|
Share on facebook
Share on twitter
Share on linkedin

Learn more about secure, collaborative computing while enjoying

Blog image,

Data is extremely valuable in our modern economy, and there is tremendous value in data sharing, both locally and globally. Sharing medical data allows for the development of more effective cancer treatments by letting researchers share information to look for telltale patterns in large data that may be hard to see in small datasets. Sharing of financial records allows law enforcement to protect nations’ citizens from terrorism, fraud, and drug crimes by identifying which individuals are exhibiting indicators of dangerous behavior.

Although data sharing is tremendously valuable for the insights and knowledge that might be derived from shared data, sharing data also brings risks. Medical data and financial transaction data is incredibly private and shouldn’t be widely shared as it can be easily leaked, to the detriment of the specific individuals the data is derived from.

What do Privacy Enhancing Technologies Have to Do with it? 

To balance the value from sharing data against the absolute need to protect data and protect privacy, technological solutions such as privacy enhancing technologies (PETs) provide the best of both worlds. PETs are critical collaboration tools for highly valuable data in general – and for the growth of the modern international economy in particular. 

However, the use of privacy enhancing technologies needs to be standardized and regulated by government entities, if only to make sure that the technology solutions meet minimum standards for citizens’ privacy. Unfortunately, there are no universal legal regulations for privacy, and thus individual governments are left to negotiate how their citizens’ data could be stored, transferred, and used – both on a local and a global level. As of this writing, 137 out of 194 countries have put in place legislation to secure the protection of data and privacy – and each of those are different.

A New Trans-Atlantic Data Transfer Pact

There is a long history of attempts for US-EU joint regulations of data privacy protections that span the various state and federal US protections and the EU and national European protections, such as the General Data Protection Regulation (GDPR).The EU has generally been highly protective of their citizens’ data, thus driving improvements between trans-Atlantic data sharing and privacy agreements. The Privacy Shield Framework was put in place to provide for data sharing, but it was invalidated due to Schrems II

On March 25, 2022, the US and EU announced that a new trans-atlantic data transfer pact called the Trans-Atlantic Data Privacy Framework had been agreed to, replacing the Privacy Shield. In short, the US and EU have agreed to enhance the Privacy Shield Framework to enable transatlantic data flows – with appropriate privacy and security protections. 

In practical terms, the new agreement includes:

  • Safe, compliant, free data flows between the US and participating EU countries
  • Rules, checks, and safeguards to limit US law enforcement and intelligence access only to that data which is critical for protecting national security
  • A two-tier redress system to address claims from EU citizens that their data was unlawfully accessed by US authorities, including the creation of a Data Protection Review Court
  • Requirements for US companies to participate in adhering to the new regulations via self-verification, with oversight from the US Department of Commerce
  • Monitoring and review mechanisms

In this context, some of the standardization issues can be addressed with Privacy Enhancing Technologies. PETs can and do provide a secure mechanism for data sharing by enabling institutions to share encrypted insights, instead of directly sharing personal data. In turn, this attains an ethical balance between information sharing and privacy protection – similar to the professed goal of the Trans-Atlantic Data Privacy Framework itself. 

Duality Technologies, with our software products that enable privacy software solutions for international data collaborations on sensitive data, is proud to address this large and growing need.

Curious about how Privacy enhancing technologies can facilitate compliant trans-Atlantic data transfer flows?

Watch our webinar: Privacy Protection in Cross-border Information Sharing

trans-atlantic data transfer pact

 

 

 

You might also like
Sign up for more knowledge and insights from our experts
Duality Makes CB Insights’ AI 100 List for 2022 >> Read More