EuroCommerce and the NRF have issued a white paper on transatlantic data transfers in anticipation of the upcoming European Parliament resolution. The resolution is expected to address the EU-US agreement on this matter. The two organisations have called on both sides of the Atlantic to quickly adopt and implement the proposed framework.

“The new EU-US Data Privacy Framework would represent a clear improvement over the former Privacy Shield program,” said Christel Delberghe, director general of EuroCommerce, which represents retailers and wholesalers in Europe. “Following more than two years of uncertainty and disruption, it will facilitate responsible data transfers for retailers and wholesalers alike.”

The white paper prepared by EuroCommerce and NRF delivers a detailed legal analysis, particularly with respect to the establishment of a new Data Protection Review Court under US law.

The analysis demonstrates that the new framework would address the current cumbersome and expensive standard contractual clauses for personal data transfers between the EU and the US. The framework would also improve the necessity and proportionality of government access in line with the European Court of Justice’s requirements.

This would enable retailers and wholesalers to focus on strengthening online system defences, investing in personnel training, monitoring, and assessing privacy and security risks from service providers, ultimately enhancing consumer data privacy and security.

“US retailers support a reliable and legally valid transfer mechanism that allows them to serve their customers in the EU while maintaining the highest data protection standards,” NRF president and CEO Matthew Shay said. “This analysis shows that the new framework would ensure legal certainty and provide a durable, long-term mechanism for safeguarding consumers’ data while benefiting consumers and businesses alike.”

EuroCommerce and the National Retail Federation are urging the European Commission to consider the opinions of the European Council, the European Parliament, and the European Data Protection Board. The organisations are optimistic about the prompt adoption of a final adequacy decision and the implementation of the Data Privacy Framework.