President Joe Biden on Friday signed an executive order to implement a new privacy framework intended to allow tech companies to transfer data from Europe to America.
The move comes more than six months after the White House and European officials announced that they had reached an agreement in principle for a new data pact.
Two prior trans-Atlantic privacy deals were struck down by Europe's highest court, which ruled in 2015 and again in 2020 that the arrangements didn't adequately protect Europeans because the United States allows the government to monitor communications.
Friday's executive order aims to alleviate that concern by spelling out requirements for government surveillance.
Among other mandates, the order requires that “signals intelligence” activities -- meaning surveillance -- can only be carried out “in pursuit of defined national security objectives,” including assessing foreign military capabilities, understanding threats that affect global security, and protecting against terrorism.
The order also prohibits signals intelligence collection for certain purposes,
including suppression of criticism, or disadvantaging people based on their ethnicity, race, religion or gender.
The Department of Justice on Friday also proposed that a new “Data Protection Review Court” should handle claims over surveillance from citizens of other countries.
This latest cross-data pact could face similar legal challenges as the prior deals.
Privacy activist Max Schrems -- who sued to invalidate the other two agreements -- suggested that he believes the latest pact still poses concerns.
“We will analyze this package in detail, which will take a couple of days,” he stated. “At first sight, it seems that the core issues were not solved.”