From Safe Harbour to the Rough Sea? Privacy Disputes across the Atlantic

Abstract

Contrary to initial hopes of its founders, the increased economic, social-cultural and political importance of “cyberspace”has led to substantial state regulation of it. The issue of transborder data traffic therefore requires the cooperation of nation states which, however, encounters many difficulties. The established literature on the regulation of disputes in transatlantic data transmissions focuses on the importance of values, norms, and discourse in a constructivist perspective. Building on an analysis of three illustrative case studies (the “Safe Harbor” agreement between the U.S. and the EU that was meant to provide a framework for firms in the face of different standards of private sector data protection between the two areas; the dispute between the U.S. and the EU about the transmission of airline passengers’ personal data; and the controversy between the U.S. and European institutions about the confiscation of financial transfer data), this paper argues that an approach that combines the analysis of “frames”with that of interests and institutions can better account for the diversity in outcomes. The cases also demonstrate that initial expectations for a “policy transfer” of EU privacy standards to the U.S. did not materialise. The paper concludes by offering speculations about conditions conducive to the emergence of an international regime on privacy and data protection.