Σάββατο, 29 Απριλίου 2017

The Proposed EU Directives on Digital Contracts: An Important Step for Legal Harmonization in the area of e-commerce in Europe

Ioannis Iglezakis
Associate Professor, Faculty of Law, Aristotle University of Thessaloniki

Α. Introduction
Europe is on the way to be transformed into a digital marketplace. For that purpose, it adopted the Digital Single Market Strategy on the 6th of May 2015, which aims to open up digital opportunities for people and business and enhance Europe’s position  as a world leader in the digital economy.[1]
To promote the objectives of that strategy and more particularly, to fully exploit the growth potential of e-commerce, the EU Commission submitted two Directive Proposals on 9 December 2015, which provide for contract rules for the supply of digital content and the online sales of goods, i.e., (a) a proposal for a Directive on certain aspects concerning contracts for the supply of digital content[2], hereinafter referred to as the Digital Content Directive, and (b) a proposal for a Directive on certain aspects concerning contracts for the online and other distance sales of goods, referred to as the Online Sales and Distance Sales Directive[3].
These two proposals and the proposal for a Regulation on cross-border portability of online content services were the first legislative initiatives adopted under the Digital market Strategy. The objective of the Directives is to harmonize in a targeted way the key mandatory rights and obligations of contract parties and thus, to contribute to faster growth of the Digital Single Market.[4]  The harmonization of the aspects covered by the Directives is considered necessary for the achievement of a genuine digital single market by the EU Commission.[5]
Furthermore, the proposals acknowledge that commercial and technological transformations take place speedily due to digitalization and legislation cannot keep up. Thus, the effort of the EU is to ensure that business standards and consumer rights will be set in accordance with EU rules that respect a high-level of consumer protect, while at the same time, provide for a modern business friendly environment. Businesses require a simplified regulatory framework in the EU, to increase their competitiveness and participation in digital markets. Consumers, on the other hand, should be offered protection to cope with problems related to distance transactions.
These new measures were proposed after a Regulation Proposal on a Common European Sales Law[6] (“CESL”) was withdrawn, as it was subjected to criticism because its scope was considered as too broad by many Member States. The influence of the CESL on the proposals is, however, manifest, since the directive provisions derive from that.
It is notable that the rules included in the Directives aim at full harmonization[7] and complement one another. Thus, they build an integral part of a legal framework on the civil law aspects of the digital environment, which needs to be consistent throughout the European Union.

B. Online Sales and Distance Sales Directive
The proposed Directive includes provisions for distance sales contracts concluded between the seller and the consumer, in particular rules on conformity of goods, remedies in case of non-conformity and the modalities for the exercise of these remedies. Thus, the scope of the proposal is restricted to contracts for movables in B2C and does not apply to distance contracts for the provision of services. It also does not apply to the sale of tangible items containing digital content, such as DVDs and CDs, which fall within the ambit of the Digital Content Directive. It should also be noted that the Directive does not include rules for consumer sales contracts concluded online, but it regulates sales contracts concluded at a distance.
The Directive provides detailed rules on conformity (Art. 4 – 8). Conformity with the contract is the key criterion for the seller’s liability. Of central importance is the provision of Article 4 providing that  the seller shall ensure that, in order to conform with the contract, the goods shall, where relevant: (a) be of the quantity, quality and description required by the contract, which includes that where the seller shows a sample or a model to the consumer, the goods shall possess the quality of and correspond to the description of this sample or model; (b) be fit for any particular purpose for which the consumer requires them and which the consumer made known to the seller at the time of the conclusion of the contract and which the seller has accepted; and (c) possess the qualities and performance capabilities indicated in any pre-contractual statement which forms an integral part of the contract.  The provisions of Articles 4-8 follow Article 2 of Directive 1999/44 and Articles 99 ff. of the CESL, while the main criterion for conformity has been applied in the Member States which transposed the Directive since 2002.
What is new in the proposal is that Article 7 requires that at the time relevant for establishing the conformity with the contract, the goods must be free from any right of a third party, including intellectual property rights, and also Article 8 specifies at which time the lack of conformity must exist. This is the time at which: (a) the consumer or a third party indicated by the consumer and other than the carrier has acquired the physical possession of the goods; or (b) the goods are handed over to the carrier chosen by the consumer, where that carrier was not proposed by the seller or where the seller proposes no means of carriage. Another specific provision is concerning incorrect installation of the goods, providing that in such case lack of conformity with the contract of goods exists if: a) the goods were installed by the seller or under the seller’s responsibility or b) the goods, were installed by the consumer and the incorrect installation was due to a shortcoming in the installation instructions.
The reversal of the burden of proof is regulated differently than in the Consumer Sales  Directive. Article 14 in connection with Article 8 Online Sales and Distance Sales Directive basically provides that this period is two years after the consumer has obtained physical possession of the goods or the goods have been installed, while Article 8 (3) provides for a presumption of lack of conformity within a period of two years. In the contrary, the Consumer Sales Directive provides in Art. 5 (3) for a presumption of a lack of conformity which becomes apparent within six months of delivery of the goods.
The directive proposal provides for a two-step remedy system which is similar to the consumer sales directive. Accordingly, the consumer must first claim repair or replacement, which should be completed by the seller within a reasonable time, and only in the second stage he/she is entitled to claim price reduction of termination. The rationale is to keep the contract intact for as long as possible and also, minimize costs.
The right to terminate the contract is central to the regulation of consumer rights and is included within the system of consumer’s remedies for the lack of conformity with the contract. Accordingly, the consumer shall exercise this right by notice to the seller given by any means in the circumstances defined in Art. 9 (3), that is, when repair or replacement are impossible. Furthermore, in accordance with the proposal, termination is also possible in case of minor defects, whereas, new rules on modalities and on consequences of termination are provided for.

C. Digital Content Directive
The Digital Content Directive applies to any contract for the supply of digital content to consumers by a supplier to a consumer, in exchange of which, a price is to be paid or the consumer provides counter-performance other than money in the form of personal data or any other data (Art. 3). It applies regardless of whether the contract was concluded at a distance and of the way in which the digital content is delivered (e.g., on a durable medium, by means of a download, by way of streaming, etc.). And, it also applies both to contracts under which the consumer obtains control over the digital content and contracts under which the supplies solely supplies services (e.g., streaming, cloud services, social media, etc.).
The definition of digital content is provided for in Article 2 s.1. It includes (a) data which is produced and supplied in digital form, for example video, audio, applications, digital games and any other software, (b) a service allowing the creation, processing or storage of data in digital form, where such data is provided by the consumer, and (c) a service allowing sharing of and any other interaction with data in digital form provided by other users of the service.
The basic obligation of the supplier, according to Article 5, is to supply the digital content to the consumer or to a third party designated by him/her, i.e. a physical or virtual facility through which the digital content is made available or accessible to the consumer, e.g. an internet host providing cloud storage. The supply must take place immediately after the conclusion of the contract, unless the parties have agreed otherwise. When the supplier fails to supply the digital content, the consumer can terminate the contract immediately.
The central provision in the Directive is Article 6, which regulates conformity of digital content. It provides that the digital content must comply with the specific purpose for which the consumer has purchased the digital content, in as far as these specific purposes have been disclosed to the supplier before the conclusion of the contract, and with the information that has been provided by the supplier before or at the conclusion of the contract. This applies to the purchase of software or games and to the supply of online services such as Netflix. In addition, unless agreed otherwise, the supplier must deliver the latest version of the digital content that was in circulation at the time of contract conclusion.
Objective standards for the assessment of conformity apply only in case the parties did not made any specific arrangements concerning the requirements with which the digital content should conform (Article 6 (2)).
The installation of digital content is also of importance, as it often needs to be installed to function properly. Respectively, Article 7 provides that the supplier is liable for a lack of conformity which results from the incorrect integration of the digital content into the consumer’s digital environment, provided that: (a) the digital content was integrated by the supplier or under the supplier’s responsibility; or (b) the digital content was intended to be integrated by the consumer and the incorrect integration was due to shortcomings in the integration instructions.
Similarly, as in the Online and Distance Sales Directive, the Digital Content Directive provides that at the time the digital content is supplied to the consumer, the digital content shall be free of any right of a third party, including based on intellectual property, so that the digital can be used in accordance with the contract. This also applies where the digital content is supplied over a period of time.
Regarding the reversal of the burden of proof, the proposal adopts an innovative solution. It provides namely that the burden of proof as regards the conformity with the contract shall be on the supplier, without time restriction. However, the supplier does not bear the burden of proof if he/she proves that the digital environment of the consumer is not compatible with the interoperability requirements and other technical requirements of the digital content and the supplier had informed the consumer before the conclusion of the contract of these requirements. This provision includes basically a requirement on the part of the supplier of the digital content to obtain information from the consumer before the conclusion of the contract.
Another essential regulation concerns the liability of the supplier in Art. 10, which provides that the supplier is liable to the consumer, firstly, for any failure to supply the digital content, which give him/her the right to terminate the contract, and secondly, for any lack of conformity existing at the time the digital content is supplied or for such that occurs during the period of time for which it is supplied. The remedies for the lack of conformity with the contract include: a) the right of the consumer to have the digital content brought into conformity with the contract free of charge, b) the right to terminate the contract, or c) the right to a reduction of the price.
If the consumer chooses to exercise the right to have the digital content brought into conformity, it is at the discretion of the supplier how to comply with the consumer’s demand. The supplier may provide an update or a patch or ask the consumer to download a new copy of the digital content. This remedy is free of charge and is provided within a reasonable period and without causing significant inconvenience to the consumer. The consumer does, however, not have a right to have the digital content brought into conformity if this would be impossible, disproportionate or unlawful.
The consumer has the right to either a proportionate price reduction of the price where the digital content is supplied in exchange for a payment of a price, or terminate the contract in the following cases: (a) if the remedy to bring the digital content in conformity is impossible, disproportionate or unlawful; (b) if the supplier has not completed the remedy within reasonable time; (c) if the remedy to bring the digital content in conformity would cause significant inconvenience to the consumer; or (d) if the supplier has declared, or it is equally clear from the circumstances, that the supplier will not bring the digital content in conformity with the contract.
The consumer may terminate the contract only if the lack of conformity with the contract impairs functionality, interoperability and other main performance features of the digital content such as its accessibility, continuity and security. The burden of proof that the lack of conformity with the contract does not impair functionality, interoperability and other main performance features of the digital content is on the supplier.
Where termination of the contract is performed, the supplier shall reimburse the consumer the price paid within 14 days. Upon termination, the supplier may prevent any further use of the digital content of the consumer. However, the consumer is not liable to pay for any use made of the digital content before the termination of the contract.
The supplier is also  required to offer the consumer the possibility to retrieve, free of charge, within a reasonable period and in a commonly used format, the digital content provided by the consumer (e.g., digital content in the supplier’s cloud) and any data that was produced or generated by the consumer and which has been retained by the supplier.
The Digital Content Directive differs from the relevant Directives, in that it includes a provision on damages. Article 14 (1) provides that the supplier shall be liable to the consumer for any economic damage to the digital environment of the consumer caused by a lack of conformity with the contract or a failure to supply the digital content. It also states that damages shall put the consumer as nearly as possible into the position in which the consumer would have been if the digital content had been duly supplied and been in conformity with the contract.
Long-terms contracts may be modified by the supplier of digital content in certain conditions, according to Article 15. In particular, this is possible where: (a) the contract so stipulates; (b) the consumer is notified reasonably in advance of the modification by an explicit notice on a durable medium; (c) the consumer is allowed to terminate the contract free of any charges within no less than 30 days from the receipt of the notice; and (d) upon termination of the contract, the consumer is provided with technical means to retrieve all content provided.
In long-term contracts the consumer has the right to terminate the contract any time after the expiration of the first 12 months period.

Conclusion
The Directive proposals presented here, once adopted, they will contribute to the development of a common European sales law. They are also important for the regulation of the civil law aspects of e-commerce.  



[1] Commission Communication 'A Digital Single Market Strategy for Europe' COM (2015) 192 final, available at: http://ec.europa.eu/priorities/digital-single-market/
[2] COM(2015) 634 final.
[3] COM(2015) 635 final.
[4] See, in particular, Communication, Digital contracts for Europe – Unleashing the potential of e-commerce, COM (2015) 633 final.
[5] Digital Content Directive , Recital Nr. 2; Online and Distance Sales Directive, Recital Nr. 2.
[6] Proposal for a Regulation on a Common European Sales Law (COM (2011) 635 final.
[7] Article 3 of Online and Distance Sales Directive; Article 4 of Digital Content Directive.

Διεθνές Συνέδριο, με θέμα: «Ιατρική, Δίκαιο και Διαδίκτυο»




Το Εργαστήριο Μελέτης Ιατρικού Δικαίου και Βιοηθικής του Αριστοτελείου Πανεπιστημίου Θεσσαλονίκης, ο Δικηγορικός Σύλλογος Θεσσαλονίκης και ο Ιατρικός Σύλλογος Θεσσαλονίκης διοργανώνουν Διεθνές Συνέδριο, με θέμα: «Ιατρική, Δίκαιο και Διαδίκτυο», που θα πραγματοποιηθεί στη Θεσσαλονίκη, από τις 4 ως τις 6 Μαΐου 2017, στο Συνεδριακό Κέντρο της Τράπεζας Πειραιώς ( Κατούνη 12 – 14). 

Συμμετέχουν διεθνούς φήμης επιστήμονες και ερευνητές στο πεδίο των πολιτικών δημόσιας υγείας, της βιοηθικής, του δικαίου, των θεμελιωδών δικαιωμάτων των πολιτών, της ιατρικής και του Διαδικτύου. Στόχος του συνεδρίου είναι να αναδειχθούν οι κίνδυνοι που δημιουργούνται για τη δημόσια υγεία και τις ατομικές ελευθερίες των πολιτών από την ευρεία χρήση του διαδικτύου καθώς και τα δυσχερή νομικά ζητήματα που ανακύπτουν και απασχολούν με διαρκώς αυξανόμενη ένταση την πράξη.
Πιο συγκεκριμένα, τα θέματα που θα εξεταστούν κατά τη διάρκεια του συνεδρίου είναι:
  • Ιατρικά και νομικά ζητήματα που ανακύπτουν από την προσφορά ή ζήτηση υπηρεσιών ή βιολογικού υλικού μέσω διαδικτύου.
  • Εμπορικές πρακτικές στο πλαίσιο της παροχής υπηρεσιών υγείας μέσω του διαδικτύου και των μέσων κοινωνικής δικτύωσης
  • Ιατρικά και νομικά ζητήματα σχετικά με το ηλεκτρονικό εμπόριο φαρμάκων.
  • Τηλεϊατρική.
  • Ηλεκτρονική διαχείριση ιατρικών δεδομένων.
  • Ο ρόλος του διαδικτύου στην άσκηση της ιατρικής και την ανάδειξη της σύγκρουσης συμφερόντων.
  • Δυσφημιστικές ενέργειες σε βάρος ιατρών μέσω διαδικτύου και νομική τους αξιολόγηση.

Ιστοσελίδα Συνεδρίου: http://medlawlab.web.auth.gr/news/14

Πέμπτη, 6 Απριλίου 2017

Ηλεκτρονικό πινάκιο, καταχώριση διάταξης στο ηλεκτρονικό βιβλίο διατάξεων και ηλεκτρονική ενημέρωση των διαδίκων

Δημοσιεύθηκε το Π.Δ. 19/2017 (ΦΕΚ Α΄, αρ. φύλλου 33, 17.3.2017) με τίτλο "Εγγραφή της υπόθεσης στο ηλεκτρονικό πινάκιο, καταχώριση της διάταξης στο ηλεκτρονικό βιβλίο διατάξεων και ηλεκτρονική ενημέρωση των διαδίκων, κατά το άρθρο 237 του Κώδικα Πολιτικής Δικονομίας."

Με το Π.Δ. αυτό υλοποιούνται οι επιταγές του άρθρου 237 ΚΠολΔ που αφορούν την εγγραφή των υποθέσεων στο ηλεκτρονικό πινάκιο.

Ειδικότερα, προβλέπονται τα εξής:


Άρθρο 1
Σκοπός
Με τις διατάξεις του παρόντος ορίζεται η διαδικασία εγγραφής της υπόθεσης στο ηλεκτρονικό πινάκιο, της καταχώρισης της διάταξης στο ηλεκτρονικό βιβλίο διατάξεων και της ηλεκτρονικής ενημέρωσης των διαδίκων, σύμφωνα με τις παραγράφους 4 και 6 του άρθρου 237 του Κώδικα Πολιτικής Δικονομίας.

Άρθρο 2
Ορισμοί
Για την εφαρμογή των διατάξεων του παρόντος, ισχύουν οι κάτωθι ορισμοί:
α. Ως «ηλεκτρονικό πινάκιο» ορίζεται το βιβλίο της παραγράφου 3 του άρθρου 226 του Κώδικα Πολιτικής Δικονομίας το οποίο τηρείται ηλεκτρονικά.
β. Ως «ηλεκτρονικό βιβλίο διατάξεων» ορίζεται το οικείο βιβλίο της παραγράφου 6 του άρθρου 237 του Κώδικα Πολιτικής Δικονομίας το οποίο τηρείται ηλεκτρονικά.

Άρθρο 3
Στοιχεία ηλεκτρονικού πινακίου
1. Το ηλεκτρονικό πινάκιο διαθέτει τα ακόλουθα στοιχεία: α) ημερομηνία, β) αύξοντα αριθμό πινακίου, γ) δικαστήριο, δ) κτίριο, ε) αίθουσα, στ) γενικό ή/και ειδικό αριθμό κατάθεσης, ζ) όνομα και επώνυμο διαδίκων και η) όνομα και επώνυμο πληρεξουσίων δικηγόρων.
2. Η καταχώριση των στοιχείων των πληρεξουσίων δικηγόρων των διαδίκων γίνεται, όπου αυτό είναι εφικτό, με την αξιοποίηση βάσεων δεδομένων των Δικηγορικών Συλλόγων ή της Ολομέλειας των Δικηγορικών Συλλόγων Ελλάδος.
3. Στοιχεία ταυτοποίησης του πληρεξουσίου δικηγόρου ή και της δικηγορικής εταιρείας ορίζονται τα ακόλουθα: α) αριθμός μητρώου οικείου Δικηγορικού Συλλόγου, β) όνομα, γ) επώνυμο, δ) διεύθυνση ηλεκτρονικού ταχυδρομείου.

Άρθρο 4
Ηλεκτρονικό βιβλίο διατάξεων
Το ηλεκτρονικό βιβλίο διατάξεων διαθέτει τα πληροφοριακά στοιχεία του πινακίου και επιπλέον πεδίο καταχώρισης της διάταξης στο οποίο εμφανίζεται ο χρόνος έκδοσης της και ο αύξων αριθμός αυτής. Το πεδίο αυτό συνέχεται με την εφαρμογή του ηλεκτρονικού πινακίου και εμφανίζεται ως διακριτή στήλη.

Άρθρο 5
1. Με απόφαση του αρμόδιου για την κατάρτιση του κανονισμού εσωτερικής υπηρεσίας οργάνου, η οποία αναρτάται στον πίνακα ανακοινώσεων του δικαστηρίου, διαπιστώνεται η ύπαρξη της κατάλληλης τεχνικής υποδομής και καθορίζεται η ημερομηνία εφαρμογής των άρθρων 3 και 4.
2. Με την ίδια απόφαση μπορεί να ορίζεται ότι από την ημερομηνία αυτή καταργείται το βιβλίο διατάξεων.

Άρθρο 6
Αρμοδιότητες Γραμματείας Δικαστηρίων
1. Ο γραμματέας που είναι υπεύθυνος για τη σύνταξη του πινακίου εγγράφει την υπόθεση στο ηλεκτρονικό πινάκιο.
2. Ο γραμματέας που είναι υπεύθυνος για την καταχώριση της διάταξης στο οικείο βιβλίο καταχωρίζει τη διάταξη στο ηλεκτρονικό βιβλίο διατάξεων
3. Η ηλεκτρονική εγγραφή της υπόθεσης στο πινάκιο και η ηλεκτρονική καταχώριση της διάταξης ισχύει ως κλήτευση όλων των διαδίκων. Με πρωτοβουλία του γραμματέα γνωστοποιείται η δικάσιμος που ορίστηκε με αποστολή ηλεκτρονικού μηνύματος στη διεύθυνση ηλεκτρονικού ταχυδρομείου των διαδίκων.
4. Αντίγραφο του ηλεκτρονικού μηνύματος τίθεται από το γραμματέα στο φάκελο της υπόθεσης.

Άρθρο 7
Τήρηση ηλεκτρονικού αρχείου
1. Τα δικαστήρια τηρούν τα ως άνω ηλεκτρονικά αρχεία σύμφωνα με τα προβλεπόμενα στη διάταξη της παραγράφου 4 του άρθρου 42 του ν. 3659/2008.
2. Η αναζήτηση των πληροφοριών από το ηλεκτρονικό αρχείο πραγματοποιείται με τη χρήση αλφαβητικού ευρετηρίου των διαδίκων και αριθμητικού ευρετηρίου των αριθμών κατάθεσης.
3. Τα τηρούμενα ηλεκτρονικά αρχεία πρέπει να πληρούν τους όρους και προϋποθέσεις ασφαλείας και να εγγυώνται ιδίως την ακεραιότητα, αυθεντικότητα, εμπιστευτικότητα και την ποιότητα των εγγράφων καθώς και των δεδομένων και πληροφοριών που περιέχονται σε αυτά.

Άρθρο 8
Δημοσιοποίηση στοιχείων
Το ηλεκτρονικό πινάκιο και το ηλεκτρονικό βιβλίο διατάξεων αναρτώνται σε ιστοσελίδα.
Τα δικαστήρια μπορούν να δημοσιοποιούν σε ηλεκτρονική σελίδα που είναι προσβάσιμη στο κοινό τα κάτωθι στοιχεία του ηλεκτρονικού πινακίου και του ηλεκτρονικού βιβλίου διατάξεων: α) αριθμό κατάθεσης αγωγής, β) γενικό αριθμό κατάθεσης, γ) ημερομηνία κατάθεσης, δ) αύξοντα αριθμό πινακίου, ε) ημερομηνία εκδίκασης της υπόθεσης και στην περίπτωση της παραγράφου 6 του άρθρου 237 του Κώδικα Πολιτικής Δικονομίας στοιχεία της διάταξης που διατάζει επανάληψη της συζήτησης.
Το άρθρο 5 παρ.1 εφαρμόζεται αναλόγως.

Άρθρο 9
Έναρξη ισχύος
Η ισχύς του παρόντος αρχίζει από τη δημοσίευσή του στην Εφημερίδα της Κυβερνήσεως. Στον Υπουργό Δικαιοσύνης, Διαφάνειας και Ανθρωπίνων Δικαιωμάτων αναθέτουμε τη δημοσίευση και εκτέλεση του παρόντος διατάγματος.
Αθήνα, 23 Φεβρουαρίου 2017

European Parliament Resolution with regard the Privacy Shield Rules


The Commission adopted on 12 July 2016 its decision on the EU-U.S. Privacy Shield.
See: http://europa.eu/rapid/press-release_IP-16-2461_en.htm

This new framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States as well as bringing legal clarity for businesses relying on transatlantic data transfers. The new arrangement includes:
  • strong data protection obligations on companies receiving personal data from the EU
  • safeguards on U.S. government access to data;
  • effective protection and redress for individuals;
  • annual joint review to monitor the implementation.

The new arrangement lives up to the requirements of the European Court of Justice. On 6 October 2015, the Court of Justice of the European Union had declared the Commission’s 2000 Decision on EU-US Safe Harbour invalid. So far, more than 1,900 companies have joined the scheme.

However, new rules were adopeted recently, which allow the US National Security Agency (NSA) to share private data with other US agencies without court oversight. Moreover, recent revelations about surveillance activities by a US electronic communications service provider and vacancies on US oversight bodies have brought about concerns raised by MEPs in a resolution passed on Thursday.

In the resolution, adopted by 306 votes to 240, with 40 abstentions, MEPs call on the EU Commission to conduct a proper assessment and ensure that the EU-US “Privacy Shield” for data transferred for commercial purposes provides enough personal data protection for EU citizens to comply with the EU Charter of Fundamental Rights and new EU data protection rules. The first annual review of the Privacy Shield framework is expected in September.

"This resolution aims to ensure that the Privacy Shield stands the test of time and that it does not suffer from critical weaknesses”, said Civil Liberties Committee Chair Claude Moraes (S&D, UK). “We acknowledge the significant improvements made compared to the former EU-US Safe Harbour, but there are clearly deficiencies that remain to be urgently resolved to provide legal certainty for the citizens and businesses that depend on this agreement”, he added.

MEPs are particularly worried about recent revelations about surveillance activities conducted by a US electronic communications service provider at the request of the NSA and FBI in 2015, one year after Presidential Policy Directive 28 limited the amount of data intelligence that can be collected and processed, new rules that from January 2017 allow the NSA to share vast amounts of private data, gathered without warrant, court orders or congressional authorisation, with 16 other agencies, including the FBI, the rejection of rules to protect the privacy of broadband customers by the Senate and the House of Representatives in March, which “ eliminates (…) rules that would have required internet service providers to get consumers’ explicit consent before selling or sharing web browsing data and other private information with advertisers and other private companies”, vacancies on the Privacy and Civil Liberties Oversight Board, which means that it lost its quorum on 7 January, making it more limited in its authority, while at the same time the Federal Trade Commission, which enforces the Privacy Shield, has three of its five seats vacant, insufficient independence of the Ombudsperson mechanism set up by the US Department of State plus the fact that the incoming US administration has not appointed a new Ombudsperson , and the fact that neither the Privacy Shield Principles nor letters from the US administration demonstrate the existence of effective judicial redress rights for EU individuals whose data are transferred to the US.

Source: http://www.europarl.europa.eu/news/en/news-room/20170329IPR69067/data-privacy-shield-meps-alarmed-at-undermining-of-privacy-safeguards-in-the-us