BEERG Newsletter - GDPR: MEPs want to delay US adequacy decision

Derek Mooney writes: The European Parliament’s Civil Liberties, Justice and Home Affairs Committee (LIBE) has published a draft resolution urging the Commission not to give the recently concluded EU-US Data Privacy Framework an adequacy decision and to continue negotiations with the U.S. until the U.S. agrees to introduce “…meaningful reforms… for national security and intelligence purposes.”

The resolution, which is not due to be decided by the full parliament for another month, or two, is in the name of the Committee Chair, the Spanish, Socialist Party (PSOE) MEP, Juan Fernando López Aguilar. It is worth noting that this resolution, if passed by the parliament, would not be binding on the Commission. Indeed the resolution effectively re-states concerns and objections raised by the Parliament in a more detailed resolution passed in May 2021.  

Of greater concern however, is the EU Commission’s initiative to produce a regulation to “…streamline cooperation between national data protection authorities when enforcing the GDPR in cross-border cases.” While this is being framed in the media as an attempt by the EU Commission to tackle problems with how GDPR is applied against Big Tech, from our standpoint this very much looks like an attempt at regulatory overreach (an issue we have flagged, many times) at the behest of the EU Data Protection Board via an attack on the one-stop-shop principle which underpins GDPR. Such a move would impact all businesses, as we will set out in more detailed commentary, next week.