An advisory group to the European Union has said it can't endorse the "privacy shield" proposal agreed to by the EU and U.S. to succeed a data protection agreement invalidated last year, according to the Information Technology and Innovation Foundation.
The working party is made up of EU's data protection regulators.
ITIF said it was disappointed that the Article 29 Working Party could not support the negotiated framework.
"The new agreement offers a host of new protections, obligations, and opportunities for redress that affirm the commitment of the U.S. government to safeguard European data and respect the rights of European citizens," said ITIF. "Moreover, the agreement has achieved widespread support on both sides of the Atlantic from many policymakers, businesses, and advocacy groups for offering an opportunity to move forward after the European Court of Justice invalidated the Safe Harbor agreement in the Schrems decision."
ITIF said the fact the advisory group thinks the agreement needs work is not a reason not to approve it.
"While members of the Article 29 Working Party should continue to offer suggestions on how to strengthen this agreement—and there are opportunities for improvement—the opportunity for improvement should not preclude official approval of the agreement," it said.
If it is approved, it will replace the safe harbor agreement that an EU court invalidated over concerns about the U.S. being able to hold up its end of the agreement given the government surveillance revealed by the Edward Snowden leaks. The framework requires companies to provide notice of what personal information is being collected and stored, the purposes it is used for, and an "opt out" mechanism.