This is an archived article and contains information that has not been updated or reviewed since it was originally published. For more information regarding the content in this article, please contact us.
Data-Sharing Agreement Between the EU and US is Good News for Google Product Users
The European Commission has approved an agreement with the US that allows for easier legal transfer of personal data between the two regions, benefiting tech giants like Meta and Google. The pact addresses concerns about US intelligence agencies accessing European data, granting Europeans the right to object if their data is collected improperly. While the agreement aims to ensure a free and secure flow of personal data, some groups plan to challenge it, arguing for changes to US surveillance laws to enhance data protection.
The European Union has approved the EU-US Data Privacy Framework, allowing companies to continue storing data about Europeans on servers located in the US. This agreement was necessary after a previous data-transfer arrangement was deemed illegal due to the lack of an effective mechanism for EU residents to challenge US government surveillance of their data. Negotiations for this new pact have been ongoing for several years.
Meta’s Breach of Data-Sharing Regulations
Meta’s recent legal trouble in Europe pertains to their collection of behavioural data and targeting on Facebook platforms. In May, Meta received a $1.3 billion fine for privacy violations, and recently, the EU’s highest court ruled that user consent is required for behavioral ad targeting. Now, Norway’s data protection authority, Datatilsynet, has banned Meta from running behavioral ads on Facebook and Instagram without users’ consent and may impose fines of $100,000 per day if the company fails to comply.
The Norwegian regulators cited the previous fine and court ruling as the basis for their actions, stating that invasive commercial surveillance for marketing purposes is a significant risk to data protection. Despite the court ruling, Meta’s platforms are still gathering data and targeting ads in the EU. The company claims to be engaging with the Irish Data Protection Commission, its lead regulator in the EU, to address compliance issues.
Companies operating in Europe must adhere to privacy regulations like GDPR or risk losing access to the EU’s massive consumer market. As a result, Meta has not launched its Threads product app in Europe and has even stated that they may not be able to continue to offer services in Europe if a legal outline for data transfers is not provided.
What Changed?
President Biden’s executive order in 2022 facilitated the data-sharing agreement by adding data collection safeguards for US intelligence while considering national security concerns. The US has more lenient privacy laws compared to the EU, making this agreement a critical step in facilitating data transfers between the regions.
Under the new agreement, Europeans can raise objections if they believe their personal information has been collected improperly by American intelligence agencies. These objections will be heard by an independent body called the Data Protection Review Court, which consists of American judges. US companies must adhere to specific privacy obligations as part of this agreement. These obligations include deleting personal data when it is no longer necessary for its original purpose and ensuring the continuity of data protection when sharing personal data with third parties.
Why We Care
This spotlight on data-sharing and privacy protection is in no way the end of data-sharing regulation reform internationally. Digital marketers in North America need to be aware of these recent changes for a few important reasons.
Companies like Meta (Facebook) and Google, which are major players in the digital marketing industry, are affected by the new EU regulations and agreements. Individual businesses using products like Google Analytics could find themselves open for lawsuits if this agreement was not reached. With a growing appetite for privacy regulation, the ability to collect and use data for ad targeting in Europe could be further limited, leading to potential changes in marketing strategies and revenue streams.
The changes in data privacy regulations and agreements between the EU and the US set a precedent for other regions and countries. Digital marketers in North America may need to adapt their practices and policies to comply with evolving global data protection standards to avoid disruptions in international operations.
With the limitations on data collection and ad targeting in Europe, digital marketers in North America may need to rethink their marketing strategies. They might have to rely more on alternative advertising methods and focus on building trust and transparency with consumers.
Have questions about digital advertising in this complex regulatory environment?