April, European data protection regulators gave their opinion on the draft E.U. - US Privacy Shield. The Working Party concluded that that the Shield does not meet EU standards. The Working Party sees the Shield as an improvement from Safe Harbor. However, it identified points of concern and points to be clarified. The key points of concern are:
- The Shield does not have a data retention principle
- The position on massive and indiscriminate collection of data for national security purposes is unclear
- The legal remedies are insufficient, in particular the exact role, the independence and powers of the Ombudsperson (who will deal with national security related complaints) are not clear.