On February 24, 2016, President Obama signed into law the Judicial Redress Act giving citizens of certain “covered countries” access to U.S. courts to protect their privacy and take legal action against U.S. government agencies if their personal data is unlawfully disclosed. The Act provides that the U.S. Secretary of State, the Treasury Secretary and the Secretary of Homeland Security, will designate which countries and “regional economic integration organizations” (REIOs) will be “covered countries.” To be designated, however, the countries and REIOs must have either shared or agreed to share information with the U.S. for the purpose of “preventing, investigating, detecting or prosecuting” crimes, and must permit the transfer of personal data for commercial purposes to the US in a manner that does not materially impede the national security interests of the U.S. The Judicial Redress Act is intended to rebuild trust among European and other allies following the highly publicized leaks by former National Security Agency contractor Edward Snowden in 2013 and is a step by the U.S. to meet the requirements of the recently negotiated agreement with the EU for the exchange of information with U.S. law enforcement agencies.
The Judicial Redress Act gives citizens of covered countries who are not lawful permanent residents of the U.S. privacy protections similar to those available to U.S. citizens under the Privacy Act of 1974, 5 U.S.C. § 552a. In particular, it allows covered foreign citizens to request their records and correct information held by a designated federal agency that the person believes is not accurate, relevant, timely or complete — mistakes that could subject innocent people to criminal charges or unnecessary surveillance. In addition, foreign citizens may bring a civil action in federal court against a U.S. agency that intentionally and unlawfully discloses their personal data. Supporters of the new law suggest that extending privacy protections to citizens of U.S. allies is a crucial element to the U.S. law enforcement strategy because it helps ensure that these nations will continue to share law enforcement data with the United States.
About Data Points: Privacy & Data Security Blog
The technology and regulatory landscape is rapidly changing, thus impacting the manner in which companies across all industries operate, specifically in the ways they collect, use and secure confidential data. We provide transparent and cutting-edge insight on critical issues and dynamics. Our team informs business decision-makers about the information they must protect, and what to do if/when security is breached.
Data Points: Privacy & Data Security Blog Updates
- The Consumer Financial Protection Bureau Stakes Out Its Enforcement Authority Over Unfair Information Security Practices
- Maryland Amendments to Data Security and Breach Notification Law
- The Devil Really is in the Details: The SEC Proposed Rule on Cybersecurity Risk Management for Investment Advisors, Registered Investment Companies and BDCs
- Will the U.S. Finally Pass Comprehensive Data Privacy Legislation?