January 28 is an internationally celebrated Data Privacy Day, initiated to raise awareness and promote privacy and data security. It’s, therefore, rather ironic that US President Donald Trump chose the very same week to sign an executive order that limits Privacy Act protections.
Among other things, the immigration-related executive order titled “Enhancing Public Safety in the Interior of the United States” includes a provision aimed at eliminating privacy protection for foreigners. It explicitly removes the ability of federal agencies to offer protections under the Privacy Act to anyone except US citizens or legal permanent residents.
The order seems to have been designed to allow law enforcers to track foreign nationals who have come into the US illegally or overstayed their visas. However, language of the order has raised many international concerns about security of personally identifiable information of non-Americans.
Observers have noted that the executive order might have an impact on up to 90 per cent of Internet traffic in Canada, which is commonly routed through the US. If the US cannot guarantee the privacy of the traffic, it means significant issues for Canadian Internet users and sends a message that the US may not be a safe place for business.
The order also raised broader concerns about the collection of Canadian personal information by US agencies as well as data that the Canadian government shares with US authorities under the Five Eyes alliance. Even before the order, the cooperation between agencies of the neighboring countries resulted in privacy breaches, such as mental health records of Canadian citizens being accessed by the FBI and the US border control.
Last year, the US and the EU implemented a data agreement known as Privacy Shield. It’s a framework aimed to safeguard the fundamental rights of European online users whose personal data is collected and handled by US companies and organizations.
Naturally, Trump’s executive order raised a number of questions regarding the privacy protections of EU citizens. Jan Philipp Albrecht, the European Parliament’s rapporteur on data protection regulation, even suggested that the Privacy Shield should be immediately suspended and the US sanctioned for breaching the agreement.
However, so far it seems that the order does not impact the specific assurances given by the US in the bilateral agreement. Privacy Shield, which covers private company databases, does not rely on the Privacy Act’s protections, which are applicable to government databases. Furthermore, EU citizens are already covered by the US Judicial Redress Act, which grants them a right of action for privacy violations that occur in the US.
Nevertheless, EU institutions remain vigilant about any potential future changes in the US that might have an effect on Europeans’ data protection rights.
US citizens and legal permanent residents are not affected by the provision, but it directly targets around 11 million undocumented immigrants. President Trump seems intent on showing the anti-immigrant wing of his voters that the more conciliatory Obama-era approach to migrants is over.
Meanwhile, legal residents of the US should stay on the lookout for future developments. The recent slew of executive orders has not touched upon the mass surveillance powers of government agencies, but Trump has expressed support for expanding surveillance measures before the election.
Whether or not you are affected by the latest US policies, it is imperative to be vigilant in your online activities. Secure privacy tools, such as NordVPN, will encrypt your Internet traffic and protect your identity and personal information from government snooping and being tracked by advertisers.
What do you think about the executive order? Does it affect you? Share your thoughts in the comment section below!