Get featured

EU court upholds EU–US data transfer deal

EU court upholds EU–US data transfer deal

EU court upholds data transfer framework between Europe and US. The ruling rejected a legal challenge and confirmed that the framework’s safeguards are adequate, allowing businesses across sectors to continue transatlantic transfers with renewed certainty after years of disruption caused by previous court annulments of earlier agreements.

Europe’s General Court has upheld the European Commission’s decision approving the EU–US Data Privacy Framework, rejecting a challenge that sought its annulment.

The ruling, delivered on 3 September in Case T-553/23, confirms that the framework adopted in July 2023 provides an adequate level of protection for personal data transferred from the European Union to the United States. French MP Philippe Latombe, who filed the case, argued that US surveillance laws still allow disproportionate collection of European data and that the new US Data Protection Review Court lacked independence.

The General Court dismissed these claims. Judges found that the safeguards written into the framework — including judicial oversight mechanisms and redress for EU citizens — were sufficient under European law. The judgment means companies across sectors, from banking and technology to manufacturing, can continue transferring data legally under the scheme.

The framework replaced earlier mechanisms struck down by the Court of Justice of the EU: Safe Harbour in 2015 and Privacy Shield in 2020, both invalidated due to US intelligence practices. Businesses had faced years of uncertainty and relied on alternative contractual clauses to keep cross-border data flowing.

Industry groups welcomed the decision. The Information Technology Industry Council described it as a “landmark ruling” that restores legal certainty for cross-border transfers. The Business Software Alliance added that it provides stability and reassurance for businesses and consumers on both sides of the Atlantic.

Privacy campaigners, however, remain sceptical. Max Schrems of digital rights group NOYB said the case brought by Latombe was narrowly framed and that further legal action is likely. He argued the ruling diverges from earlier findings of the Court of Justice, which twice struck down transatlantic transfer frameworks on privacy grounds.

An appeal to the Court of Justice of the EU remains possible, leaving open the prospect of renewed scrutiny. For now, though, companies dependent on transatlantic data flows have been granted a measure of legal certainty.

BQ

Stories for you —

  • Cargostore CEO marks five years with expansion plans

    Cargostore CEO marks five years with expansion plans

    Cargostore CEO Andrew Hart marks five years leading global expansion. The container leasing specialist has doubled profits during his tenure and completed two acquisitions, while positioning assets across its international depot network to support further growth in offshore energy, logistics, and temperature-controlled container markets.

  • Supporting neurodivergent employees in the workplace

    Supporting neurodivergent employees in the workplace

    Neurodiversity presents both opportunity and responsibility for modern workplaces. Dan Kentley, Head of Assessment and Specialist Clinical Services at Onebright, explains why organisations that recognise neurodivergent strengths — and make practical workplace adjustments — can unlock productivity, innovation, and stronger employee retention.

  • Tariffs drive sharp fall in UK exports to US

    Tariffs drive sharp fall in UK exports to US

    US tariffs trigger sharp drop in British exports to America. New trade barriers cut the value of UK goods shipped to the US by more than 10% in 2025, with clothing, footwear, artworks, and cars among the sectors recording the steepest declines.