Tweet Privacy

Privacy Shield Marks a Promising Step Forward – Not the End of the Road – on Privacy

When you think about how the internet operates, you probably think about “how many bars” you have and making sure your device has a charge strong enough to last the day. Perhaps you think about software and data. What you might not think about are obscure agreements on paper or Congress’s everlasting arguments on privacy.

And yet those details are vital to the operation of the internet. They create the legal framework that allows the technical components to all work together. In short, it takes paper pacts to keep the data flowing and the LEDs lit.

That’s why this week’s signing of a new agreement between the United States and the European Union should be a cause for major celebration as well as a time to acknowledge the real work that remains to be done to support cross-border data flows.

As for this week’s development, the new EU-US Privacy Shield, finalized in a meeting between EU Commissioner Vera Jourova and Commerce Secretary Penny Pritzker, is indispensable to the future of digital commerce. The Privacy Shield will allow US and European companies to send data back and forth across the Atlantic.

This is important because data is now instrumental to so many elements of our interconnected, global economy. Moving data is crucial at almost every step of financial lives. Without the Privacy Shield, multinational companies would have struggled to ensure their employees received their paychecks. Businesses would have had to find new ways to process international orders. Software companies, a trillion-dollar sector of the US economy, would have needed new systems to move, process, and store their customers’ data. Those crises, thankfully, have been averted.

Looking ahead, though, much more remains to be done. As a start, international policymakers need to create a durable framework to govern the new age of data-related investigations, and Members of Congress must continue to rebuild trust among technology users by improving the US privacy regime.

Today’s criminal investigations, like today’s crimes, are not limited by national boundaries. But our legal regimes were crafted for a system focused on physical – not digital – evidence. In the physical world, it’s still obvious that borders matter. And the system for obtaining physical evidence that belongs to a citizen of another country requires an exchange of both legal comities with other countries – and the proper paperwork.

Such regimes were not designed for an age when the police could access the contents of a person’s digital communications located almost anywhere in the world with a few clicks of a mouse and without the involvement of the country’s legal system – or privacy protections. But even there borders still matter. As Americans we would never accept foreign investigators reaching across border to snatch our data, and yet the United States has argued that it can do exactly that to others. Such claims threaten not only our bilateral relations but the trust that US companies have cultivated in their customers around the world.

Congress can begin to address this concern by adopting legislation designed to craft appropriate boundaries for digital requests. The International Communications Privacy Act, or ICPA, would do just that. The legislation, which was introduced last month, by Sens. Hatch, Coons, and Heller, and Reps. Marino and DelBene, will help investigators do their jobs while also preserving consumer privacy. The bill ensures that law enforcement officials obtain warrants for the content of U.S. persons’ communications, removes the uncertainty around how to access such information belonging to foreign nationals, and it improves the Mutual Legal Assistance Treaty system, which is the mechanism used to access evidence abroad.

In addition, Congress should take the lead in continuing to improve the privacy protections of Americans in the digital realm. Lawmakers can do so by extending warrant protections to all digital data, by considering appropriate protections for new types of data, and by increasing the transparency around law enforcement requests by limiting the use of gag orders. First, the Senate should join the House in passing reforms to the Electronic Communications Privacy Act. That legislation, the most popular in Congress, would require law enforcement officials to obtain a warrant for access before obtaining the contents of our online communications. Further, as we generate location data and other new sources of information for investigators, Congress should consider how to balance the government’s ability to access that data and the opportunities for service providers to inform their customers when their data is demanded.

The foundation of the digital age is trust, and the aim of each of these efforts is to expand users’ trust in the products and services that power today’s economy by creating appropriate privacy protections. By doing so, we can advance the aims of today’s Privacy Shield agreement, and extend the celebration.

Read recent media highlights from BSA on the Privacy Shield agreement here.

Chris Hopfensperger


As the founding executive director of the BSA Foundation, Chris Hopfensperger leads the foundation’s efforts to help policymakers and the general public better understand the impact that software has on our lives, our economy, and our society. He also helps translate the foundation’s philanthropic and forward-looking agenda into efforts to address key issues facing the software industry.

Previously, Hopfensperger was a Senior Director, Global Policy at BSA | The Software Alliance. In that role he worked with BSA members to develop and advance the organization’s positions on technology law and regulation across markets. Hopfensperger conceived and helped produce a series of groundbreaking policy papers including the BSA Global Cloud Computing Scorecard, a tool for helping policymakers craft the right legal and regulatory environment for adopting the emerging technology. He advised members in such critical policy areas as cybersecurity, privacy, and encryption.

Hopfensperger has worked with industry representatives and government officials in numerous markets, and he has spoken on the intersection of policy and technology in several key capitals including Bangkok, Brussels, Beijing, Delhi, Seoul, and Tokyo.

Prior to joining BSA, Hopfensperger served as a technology and trade policy associate in the DC office of a large global law firm. While there, he advised companies and industry associations on pursuing legislation and representing their issues before Congress and the federal agencies and in the courts. Previously, Hopfensperger worked for more than a decade as a newspaper writer and editor, including at The Washington Post, The Sacramento Bee, and the St. Petersburg Times. Hopfensperger holds a law degree from the University of Michigan and a bachelor’s degree in journalism from the University of Nebraska.

Leave a Reply

Your email address will not be published. Required fields are marked *

11 + 12 =