[hedonistbot]

Dear HN, please scale down the panic.

>President Trump’s Executive Order calls for federal agencies in the U.S. to ensure that their privacy notices make clear that Privacy Act protections extend only to citizens and permanent residents of the U.S. Importantly, Article 14 of the Order explicitly states that the federal agencies must do so in a manner that is “consistent with applicable law.” In the context of EU-U.S. data transfers for law enforcement purposes, the Judicial Redress Act constitutes applicable law, and thus President Trump’s Executive Order, as written, should not impact the Judicial Redress Act’s extension of the Privacy Act’s protections to citizens of the EU. As a result, absent further action from the U.S. government, we do not expect this Executive Order to impact the legal viability of the Privacy Shield Framework.

https://www.huntonprivacyblog.com/2017/01/28/privacy-shield-...

[hedonistbot]

Here is a good summary from Techcrunch. TLDR: the EO shouldn't invalidate Privacy Shield protections, but the whole framework is flawed and does not guarantee privacy of EU citizens. The relevant parts:

> The spokeswoman has now sent us a statement in which the EC asserts that Privacy Shield “does not rely on the protections under the U.S. Privacy Act”.

> Critics of Privacy Shield –– including the lawyer who brought the original challenge against Safe Harbor — have consistently argued the arrangement contains the same fundamental flaws as its invalidated predecessor, given ongoing U.S. government agency surveillance programs accessing European citizens’ data.

https://techcrunch.com/2017/01/26/trump-order-strips-privacy...

[uiri]

Yes, seriously. Trump's orders only apply to the federal government. State and local governments, along with private companies, still have full discretion when it comes to their privacy policies and other actions.