United States and European Union officials have about two weeks to conclude negotiations on a new data-transfer pact that would allow American companies to transfer customers’ personal information on European servers to the U.S.
Unfortunately, the Senate committee charged with moving a bill crucial to those talks hasn’t scheduled a meeting to vote on it. The measure was referred to the Senate Judiciary Committee and was put on the agenda of an executive meeting on Dec. 10, but it received no action at the time.
The Judicial Redress Act would give foreign citizens of U.S. allies the ability to sue U.S. federal agencies if they mishandle their personal information. These citizens would also be given the same legal rights American citizens enjoy under the Privacy Act of 1974. It is seen as crucial to securing a new data transfer agreement between the U.S. and E.U., which is supposed to occur by Jan. 31.
The old international “Safe Harbor” agreement was struck down by a court last year. Data sharing will halt by the end of the month if a new agreement isn’t completed.
The legislation relating to the agreement isn’t controversial: The House passed the measure on a voice vote on Oct. 20. But it does have to go through the notoriously ponderous Senate Judiciary Committee, which has some of the chamber’s strictest rules about how it approves bills.
The Senate’s main sponsor of the redress bill, Sen. Chris Murphy (D-Conn.), told Morning Consult he is optimistic the measure could pass the Senate before the Jan. 31 deadline. “My understanding is that it will move through the Judiciary Committee, and it will be eligible for passage on the floor later this month,” Murphy said, and added that he expects the Judiciary Committee to take up the bill at the next executive meeting.
Taylor Foy, spokesman for the Judiciary Committee, corroborated this in an email and said a markup on the bill is expected before the end of the month.
“Listen, time is running out,” Murphy said. “This bill is pretty useless if it doesn’t have an impact on the Safe Harbor agreement. Every day we delay is another day that we get closer to catastrophe for American technology companies.”
Under the pending deal, American companies will be able to transfer Europeans’ personal data from Europe back to their main servers without breaking European privacy laws, which are generally much stricter than those in the U.S. The European Court of Justice struck down the previous agreement last year. The court decision came in the wake of growing European mistrust about how the American government handles foreign and domestic data.
Passing the judicial redress bill through Congress is seen as essential to getting some of this trust back, but the timeline might not be as crucial as a simple of display of progress.
“I don’t think it’s a requirement that it passes right away,” said Bijan Madhani, public policy and regulatory counsel at the Computer and Communications Industry Association. “They’re looking for positive signs, and they’re as aware of congressional procedure as we are. They want to know this is something that Congress takes seriously.”
Madhani added that it’s clear to the EU, so far, that Congress does take the bill seriously. “Nobody has any illusion that we will make the deadline, probably. Of course if we do we’re really happy about that, but if not it’s not the end of the world.”
Murphy, however, was still upbeat. “It’s taken a long time to get some members to yes. It’s not a simple issue,” Murphy said. “But once people have the chance to look at the bill, they realize how non-controversial it is, but that process sometimes takes a while.”