The agreement provides for a number of safeguards for personal data when exchanged between police and criminal justice services, including: for all proposed ASA activities (including umbrella agreements, annexes and saas concluded under specialized titles), an interim abstract review is required , which could have a significant impact on the Agency. In October 2015, the European Court of Justice struck down the current framework, the International Safe Harbor Privacy Principles, in a ruling later known as “Schrems I.” [3] Shortly after this decision, the European Commission and the US government began discussions on a new framework and reached a political agreement on 2 February 2016. [1] The European Commission has published a draft “adequacy decision” in which it stated that the principles are equivalent to the protection of EU law. [5] The EU-US agreement on protection standards for the transfer of personal data between law enforcement agencies between the EU and the US is not a member of the EU, but follows many EU policies through the implementation of the treaties. As a result, it has implemented its own version of the Privacy Shield-Framework via its own Swiss-US Privacy Shield. It largely resembles the framework of the data protection shield INTER the EU and the US, but implements its own DPA instead of different EU data protection authorities. It also has no additional time and several other significant differences in the definition of “sensitive data,” mandatory arbitration procedures, and changes to the privacy policy. [29] Programs between the EU, the United States and the United States are similar to those jointly managed by the United States. [30] The agreement is complemented by the EU and US law enforcement agencies, as well as by the Member States and the United States. The agreement itself is not a legal instrument for the transfer of personal data to the United States, but it complements the data protection guarantees contained in existing and future data transfers or national provisions that authorize data transfers. The judgment does not stop the transfer of data between the EU and other countries, as the Tribunal has confirmed the use of “standard contractual clauses” (CCS). But CSC does not necessarily protect data in countries where the law is fundamentally incompatible with the EU and RGPD Charter of Fundamental Rights, such as the United States.

The framework agreement covers all personal data between the police and criminal justice services of EU Member States and US federal authorities in the prevention, investigation, detection and prosecution of terrorism. This also translates into the fact that EU citizens can take legal action in the US courts for the above rights.