Former FTC commissioner says Privacy Shield ‘effective and essential’ for data

Julie Brill tells IIEA event in Dublin agreement will make Europe a ‘vital hub’ for digital information

The new Privacy Shield data transfer arrangement between the EU and the US is an "effective and essential" framework for the protection of European consumer data, a former commissioner of the Federal Trade Commission (FTC) who was involved in the negotiations has said.

Julie Brill, partner in the global law firm Hogan Lovells who left the FTC in March, addressed the Institute of International and European Affairs in Dublin just hours after the deal was formally signed off.

Privacy Shield will underpin more than $250 billion worth of transatlantic trade in digital services annually and replaces the previous Safe Harbour arrangement used to legally transfer citizens’ personal data from the EU to the US.

Ms Brill said the agreement signed off by the European Commission would provide European citizens with "unprecedented protections for their personal and commercial data".

"It will also make Europe a vital hub in the global flow of digital information," she said.

Ms Brill, who was seen as one of the leading antitrust enforcers for the FTC, said she did not take lightly “notions of privacy”.

“In the sometimes-pitched battle between the machinery of the free market and consumers’ rights, I have staked my career on defending the latter,” she said.

She said that in her six years as a commissioner at the FTC, the agency had brought hundreds of enforcement actions against companies.

This included many tech giants that it believed had “failed to keep consumers’ data reasonably secure, misrepresented their data collection and use practices, treated consumers and their data unfairly, and/or violated one of the many specific laws designed to protect sensitive data”.

“We obtained millions of dollars in penalties and restitution in these privacy and data security actions, and we placed numerous companies under 20-year orders with robust injunctive provisions relating to their privacy and data security practices.”

Ms Brill said it was true that the US had “no single law like the baseline data protections found in most EU member states”.

“But taken as a whole, US laws and regulations do provide a layered assemblage of strong consumer safeguards,” she added.