Menu
A digitally manipulated image blending the EU and US flags. The stars from the EU flag overlay the blue field of stars from the US flag, while the red and white stripes of the US flag merge into the blue background of the EU flag, creating a textured, intertwined appearance.

EU General Court Upholds EU‑US Data Privacy Framework

, , , , , ,

The European Union General Court (EGC) has dismissed the annulment action brought by French lawmaker Philippe Latombe against the EU‑US Data Privacy Framework (DPF), allowing transatlantic data flows to continue under the current arrangement. Latombe had argued that the Data Protection Review Court (DPRC), created by a 2022 US executive order, lacked sufficient independence because its existence and structure stemmed from presidential authority. The EGC found that safeguards govern DPRC appointments and functioning, and noted that judges can be dismissed only by the US Attorney General and only for cause, while the European Commission retains an ongoing duty to monitor the framework and may suspend or amend it if obligations are not met.

The court also rejected the claim that prior authorization by an independent authority was required under the Schrems II precedent, observing that the Court of Justice’s case law addresses ex post review rather than prior approval for intelligence activities. As a result, the EGC concluded Latombe had not shown the DPF should be annulled. Latombe’s challenge was further constrained by procedural standing rules, which require plaintiffs in annulment actions to demonstrate direct individual concern—a hurdle the court found not met in this case.

Privacy advocates, particularly Max Schrems and his None Of Your Business (noyb) group, signalled that the litigation is unlikely to end with this decision. noyb argued that the DPF largely mirrors the earlier Safe Harbor and Privacy Shield frameworks that the Court of Justice invalidated, and indicated plans to examine US practices—especially the increased use of executive orders under recent administrations—as grounds for further legal challenge. Schrems has suggested a broader challenge that scrutinizes US law and the practical independence of oversight mechanisms could produce a different outcome.

Legal commentators observe the ruling stabilizes cross‑border data transfers for now but stress the future of the DPF depends on how US oversight mechanisms operate in practice. Some practitioners note the EGC’s judgment may reflect broader political considerations, aiming to avoid immediate transatlantic economic friction. Ultimately, the DPF’s long‑term viability will hinge on continual monitoring, potential enforcement actions, and the possibility of further legal challenges that test the adequacy of protections for EU data subjects.

  • Save

Related Posts

Share via
Facebook
Twitter
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Copy link
CopyCopied