On 15 January 2019, the British Parliament rejected Prime Minister Theresa May’s Brexit deal. The vote produced a clear result: no deal. A no-deal Brexit means the UK would leave the European Union (EU) on 29 March 2019, and there would be no agreements in place about what their relationship would be like in the future. But what does the vote mean for data protection in European companies?
How intensely are American authorities using their right to inspect personal data collected by companies? In the face of the recent devastating decision taken by the European Court of Justice (ECJ) concerning the data transfer to the US under Safe Harbor, this question again arises. Indeed the Tribunal brought forward as an important argument the mass and uncontrollable surveillance activities of US-American authorities. According to the ECJ, this is not in compliance with the EU´s data protection regulations. As recent publications show, the Tribunal in its reasoning for the judgment was closer to reality than suspected.
On 2 June 2015, the US Senate passed the Freedom Act, new legislation which replaced parts of the expired Patriot Act. The revision of, inter alia, those parts which dealt with telecommunication data and its surveillance, turned out to be necessary in order to restore the trust of the US public in their authorities after the Snowden revelations. According to the Freedom Act, it is prohibited for American authorities (e. g. the NSA) to collect mass data of data subjects. Against the background of the recently devastating decision taken by the European Court of Justice (ECJ) concerning the data transfer to the US under Safe Harbor, companies may ask whether by means of the legal changes a data transfer to the US is now possible again.