EU and US seek 'common principles' for data governance and AI

The EU and the United States of America plan to work together to build a common approach to data governance and policies around technology platforms, according to a joint statement.

Information and communications technology security and competitiveness, as well as the misuse of technology threatening security and human rights are also in scope of the Inaugural Trade and Technology Council Meeting between the global superpower and the world’s largest economic and political bloc.

Launched by president Joe Biden, European Commission president Ursula von der Leyen, and European Council president Charles Michel at the U.S.-EU Summit in June 2021, the Council held its first meeting yesterday.

At the meeting, the United States and European Union decided to closely coordinate on an expansive set of critical economic and technology issues over the coming months and achieve concrete outcomes by the next meeting. These include joint work on the semi-conductor supply chain and Artificial Intelligence, as well as data governance, the joint statement said.

"The United States and European Union will develop and implement AI systems that are innovative and trustworthy and that respect universal human rights and shared democratic values, explore cooperation on AI technologies designed to enhance privacy protections, and undertake an economic study examining the impact of AI on the future of our workforces," it said.

Management of data sharing between the two jurisdictions has hit a rocky patch since EU Court of Justice struck down the so-called Privacy Shield data protection arrangements between the political bloc and the US, triggering a fresh wave of legal confusion over the transfer of EU subjects' data to America.

• Privacy Shield binned after EU court rules transatlantic data protection arrangements 'inadequate'
• Final guidance on Schrems II ruling: Data from EU could be held up if a third country lets authorities access it
• European recommendations following Schrems II Privacy Shield ruling cast doubt on cloud encryption practices
• Eclipse Data Connector arrives for GAIA-X, Europe's plan to protect its cloud data from foreign tech firms

The 2020 Schrems II ruling stemmed from a complaint that Ireland's data protection agency wasn't preventing Facebook Ireland Ltd (as EU representative of the Zuckerberg empire) from beaming his data to the US.

In its final guidance on the Schrems II ruling, European Data Protection Board (EDPB) said the transfer of data could be impinged on if legislation in a third country allows authorities to access data transferred from the EU, even without the importer's intervention.

The guidance also allows for data sharing with encryption only if the "keys are retained solely under the control of the data exporter, or by an entity trusted by the exporter in the European Economic Area or under a jurisdiction offering an essentially equivalent level of protection to that guaranteed within the EEA." ®