US President Biden and EU President von der Leyen say deal underscores shared values over data privacy and security surrounding transatlantic information sharing. Credit: Thinkstock The US and the European Union (EU) have a preliminary agreement over the storing of European data on US soil. It was announced by President Biden and EU President Ursula von der Leyen, speaking on Friday March 25. If successful, the data agreement would resolve a significant point of contention in US-EU relations since a previous deal regulating trans-Atlantic data flows—Privacy Shield—was deemed illegal by the EU’s top court in 2020. It ruled that the US did not provide EU citizens effective means to challenge US government surveillance of their data.Framework underscores “shared commitment to privacy”While neither President Biden nor President von der Leyen provided details on how the new agreement would work and withstand legal challenges, the US President said that the “framework underscores our shared commitment to privacy, to data protection and to the rule of law” and would allow EU authorities “to once again authorize trans-Atlantic data flows that help facilitate $7.1 trillion in economic relations with the EU.”EU President von der Leyen said in a statement that the US and EU must continue to adapt in a changing world, particularly when it comes to the protection of personal data and privacy. “Therefore, I am very pleased that we have found an agreement in principle on a new framework for transatlantic data flows,” she added. “This will enable predictable and trustworthy data flows between the EU and US, safeguarding privacy and civil liberties. This is another step in strengthening our partnership. We manage to balance security and the right to privacy and data protection.” President Biden added that the US and the EU are finding creative new approaches to bring their economies and people closer together on shared values. US-EU data privacy deal a relief for global organizationsThe deal will provide significant relief for companies that transfer data from the EU to the US and harbored concerns about the implications of doing so in the wake of the EU court’s 2020 ruling. It will also be seen as positive news for US technology companies that are fending off a growing number of cases involving European privacy regulators. Such issues threatened to force organizations to cut off transatlantic data flows. Related content opinion The Assumed Breach conundrum Assumed Breach is the third but often overlooked principle of zero trust. When we talk about adopting a “not if, but when” attitude to security, are we merely paying lip service or do we really believe and internalise it? By Steven Sim Apr 23, 2024 4 mins Zero Trust Security news Authentication failure blamed for Change Healthcare ransomware attack Absence of multi-factor authentication reportedly left a remote access application exposed. By John Leyden Apr 23, 2024 5 mins Ransomware Cyberattacks news Russian state-sponsored hacker used GooseEgg malware to steal Windows credentials A now-patched Windows Print Spooler flaw was used by Forest Blizzard to drop the privilege-elevating malware for credential stealing and persistence. By Shweta Sharma Apr 23, 2024 3 mins Malware Windows Security feature Top 10 physical security considerations for CISOs Securing premises and devices from physical attacks can be just as challenging as defending against cyber threats. Collaboration and communication with all teams involved is the key to success. By Ericka Chickowski Apr 23, 2024 14 mins Critical Infrastructure Security Infrastructure Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe