WASHINGTON (Reuters) - U.S. companies will not face a much heavier compliance burden when new rules governing the protection of personal data between the United States and European Union come into effect, a senior Commerce Department official said on Monday.
After revelations about U.S. National Security Agency surveillance caused an uproar in Europe, negotiations are underway about changes to the “Safe Harbor” agreement that allows companies that gather customer information in Europe to send to the United States.
Ted Dean, Deputy Assistant Secretary for Services at the U.S. Department of Commerce, said the administration aimed to meet or even surpass recommendations made by the European Commission late last year but also wanted to make sure U.S. companies were not hit with a high regulatory burden.
“What we are aiming for at the end of this process is going to be, if I can offer some assurance, fairly recognizable to what you are doing now,” he said at a U.S. Chamber of Commerce event on data privacy.
“We are very conscious of the compliance costs and what companies need to do to implement safe harbor, and what they already do to implement safe harbor.”
A survey of 35 multinational companies by the U.S. Chamber of Commerce and law firm Hunton & Williams found 70 percent relied on the Safe Harbor program for cross-border data transfers to the United States. One reported that key clients had insisted on a blanket ban on data transfers in the wake of the debate about cyber-spying.
More than 3,000 U.S. companies are registered to take part in the program to receive data coming from the European Union.
Editing by Eric Walsh