In a panel discussion Wednesday at the Computers, Privacy, and Data Protection conference in Brussels, Edward Hasbrouck of the Identity Project pointed out that that both the so-called Privacy Shield and the EU-US agreement on transfers of Passenger Name Record (PNR) data from the European Union to the US government depend on non-treaty “promises”, “commitments”, “undertakings”, and executive orders by the Obama Administration.
These are not binding on President Trump, and there is no reason to expect Trump do anything just because Obama said he would do it.
Quite the contrary: President Trump has no intention of continuing many of President Obama’s policies, and every intention of reversing many of them — even if Trump continues others, such as mass surveillance, profiling of US citizens and foreigners, and reliance on executive orders to avoid the need for Congressional approval of his program, which Trump presumably will continue.
“As of this week, with Trump’s inauguration, the EU-US PNR agreement and Privacy Shield are dead letters. The only question is whether the Trump administration will officially renounce them, or whether it will simply ignore them,” Hasbrouck told the audience at CPDP.
The answer came just a few hours later the same day, when President Trump issued an executive order including the following:
Sec. 14. Privacy Act. Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.
The US recognized privacy as a human right when it ratified the International Covenant on Civil and Political Rights:
1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence….
2. Everyone has the right to the protection of the law against such interference or attacks.
But as we have complained to the relevant UN treaty bodies, the US has flouted its obligations under this and other provisions of the ICCPR related to freedom of movement as a human right, and has provided no effective means of redress for these violations.
Instead, on this and other issues the US has acted as though there are no human rights, only privileges of US citizenship. President Trump’s executive order on privacy is only the latest official restatement of this longstanding and bipartisan US government position.
With this Presidential decree, the EU-US PNR agreement is dead.
The next question is when EU institutions will recognize this legal fact, and what they will do about it.