The Trans-Atlantic Data Privacy Framework: Building for the long term

We commend the European Commission and U.S. government on the work they’ve done to reach a new Trans-Atlantic Data Privacy Framework.

People want to be able to use digital services from anywhere in the world and know that their privacy is respected, and their information safe and protected. This agreement acknowledges that reality: it commits the parties to a high standard of data protection while establishing a reliable and durable foundation for the future of internet services on both sides of the Atlantic.

A meaningful agreement

The work to get to this stage was anything but trivial, and required addressing important considerations of both national security and individual privacy. Google has long advocated reasonable limits on government surveillance. The U.S. government has now committed to systems that will enable independent and meaningful redress for people in the EU, strengthen the guardrails and proportionality of U.S. intelligence collection, and ensure effective oversight of these new privacy and civil liberties standards in ways that address the concerns articulated by the Court of Justice of the European Union.

Citizens expect these safeguards from democratically elected governments, even as they understand the importance of protecting people from national security threats.

Building for the long term

People rely more than ever before on the global exchange of information in their daily lives. Everything from online shopping and travel to business operations and security depends on data flows across borders. The Framework guarantees that the tools and services people in the EU use every day will remain available, even while being held to the highest standards of privacy and data protection.

We look forward to certifying our processes under the Trans-Atlantic Data Privacy Framework at the first opportunity. For Google, these (and similar) standards serve as a floor, not a ceiling, for the protections we offer our users and customers. We already help our customers meet stringent data protection requirements by offering industry-leading technical controls, contractual commitments, and resources for risk assessment, and we have long offered leading data access and control tools to our users. Our investment in that work continues to grow.

Sustaining transatlantic cooperation

The Framework shows that it is possible to take difficult steps to reinforce transatlantic cooperation and address emerging security and information threats. This urgency should carry over to enacting a robust new U.S. federal privacy law to align with international standards and enhance trust and confidence in digital services.

For similar reasons, we called eight months ago for the creation of the Transatlantic Trade & Technology Council (TTC) to enable the kind of bilateral coordination necessary to get ahead of future challenges and ensure that the U.S. and EU avoid discordant or discriminatory approaches. We were encouraged by the creation of the TTC and its commitment to avoiding unnecessary barriers to technological trade. There is now a need for progress in other areas of transatlantic divergence, from online content to taxation to competition to supply chains.

The importance of safe, resilient distributed computing in the face of war and autocracy makes this work even more urgent. As the TTC prepares for its next meeting, it is more important than ever that it carry forward the lessons of the Trans-Atlantic Data Privacy Framework to promote a durable digital partnership.