European Commission and US “close to a deal” on data sharing
Banks may need to revisit the way they handle data, in preparation of an upcoming agreement between the European Commission and the US authorities on data-sharing.
The European Commission and the US authorities are working on the final details of a commercial data-sharing deal, which will affect the way banks and other businesses store data. Intended as an update of the original ‘Safe Harbour’ agreement between the two parties, which dates from 2000, the proposed changes include tougher conditions for US companies when sharing data with third parties.
The move is intended to ensure that the EU’s robust requirements on data protection are protected. It is also partly motivated by the Edward Snowden case in the US, when a former NSA contractor published details of US spying activity. A final deal is expected between the EU and the US later this summer.
“A commercial data sharing deal between the EU and US, intended to reform the current transatlantic agreements ensuring adequate levels of data protection, will have major implications for countries not adhering to incoming regulation,” said Ian McEwan, VP EMEA at cloud-based file sharing service Egnyte. “In particular, US companies will face stricter regulations over the way they share their data with third parties. Maintaining compliance with the new standards, ensuring that privacy and data protection are upheld, will become a priority for IT departments across both regions.”
The implication for banks could also be serious, especially for those that fail to uphold the conditions of the deal. Any bank that breaches the requirements on protection of customer data and sharing with third parties could be fined up to 2% of annual turnover – a figure which produces fines in the hundreds of millions of dollars for some of the world’s tier one global investment banks.
“Businesses will need to employ IT systems that are complicit with the latest standards, giving them complete control over where their data resides and how it is shared with other businesses,” added McEwan. “A best in class privacy and compliance IT infrastructure will give administrators a centralised view of how their data is being held and shared with other businesses, enabling them to meet with regulations. If businesses don’t take action to comply, they could face serious fines and lose credibility.”