Share

2 min read

Writen by Zlatko Delev

Posted on: October 12, 2022

President Biden Signs Executive Order to Implement the European Union-U.S. Data Privacy Framework

President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (E.O.) directing the steps that the United States will take to implement the U.S. commitments under the European Union-U.S. Data Privacy Framework (EU-U.S. DPF) announced by President Biden and European Commission President von der Leyen in March of 2022. 

The Executive Order bolsters an already rigorous array of privacy and civil liberties safeguards for U.S. signals intelligence activities. It also creates an independent and binding mechanism enabling individuals in qualifying states and regional economic integration organizations, as designated under the E.O., to seek redress if they believe their personal data was collected through U.S. signals intelligence in a manner that violated applicable U.S. law.

In particular, the Executive Order:

  • Adds further safeguards for U.S. signals intelligence activities, including requiring that such activities be conducted only in pursuit of defined national security objectives; take into consideration the privacy and civil liberties of all persons, regardless of nationality or country of residence; and be conducted only when necessary to advance a validated intelligence priority and only to the extent and in a manner proportionate to that priority.
  • Mandates handling requirements for personal information collected through signals intelligence activities and extends the responsibilities of legal, oversight, and compliance officials to ensure that appropriate actions are taken to remediate incidents of non-compliance.   
  • Requires U.S. Intelligence Community elements to update their policies and procedures to reflect the new privacy and civil liberties safeguards contained in the E.O. 
  • Creates a multi-layer mechanism for individuals from qualifying states and regional economic integration organizations, as designated pursuant to the E.O., to obtain independent and binding review and redress of claims that their personal information collected through U.S. signals intelligence was collected or handled by the United States in violation of applicable U.S. law, including the enhanced safeguards in the E.O. 
  • Calls on the Privacy and Civil Liberties Oversight Board to review Intelligence Community policies and procedures to ensure that they are consistent with the Executive Order and to conduct an annual review of the redress process, including to review whether the Intelligence Community has fully complied with determinations made by the CLPO and the DPRC.

    These steps will provide the European Commission with a basis to adopt a new adequacy determination, which will restore an important, accessible, and affordable data transfer mechanism under EU law. It will also provide greater legal certainty for companies using Standard Contractual Clauses and Binding Corporate Rules to transfer EU personal data to the United States.

    Source: whitehouse.gov

Contact Us

Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.

Contact Us

Recent blogs

Change to UK Data Protection

GDPR Changes: What’s Happening With the Digital Protection and Digital Information Bill?

GDPR Local: Supplier Evaluation

How Do You Know Your Suppliers Are GDPR Compliant? We explain why you should make GDPR evalu

GDPR – Onboarding Process

How to Onboard Your GDPR Article 27 Representative You’re based outside the EU or UK and you

Get Your Account Now

Setup in just a few minutes. Enter your company details and choose the services you need.

Create Account

Get In Touch

Not sure which option to choose? Call, email, chat to us
anytime.

Contact Us
06 GDPR INFO

Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.

Full Name is required!

Business Email is required!

Company is required!

Please accept the Terms and Conditions and Privacy Policy