French digital rights group La Quadrature du Net is seeking to annul the European Commission decision implementing Privacy Shield The Privacy Shield transatlantic data transfer deal is now caught in a pincer action: A week after it emerged that Irish digital rights activists had filed suit to annul the deal come reports that a French campaign group has begun its own legal action.French civil liberties campaign group La Quadrature du Net filed suit against the European Commission, the European Union’s executive body, on Oct. 25.Although the Court of Justice of the EU has not yet published details of the complaint, Brussels-based news agency Euractiv reported Thursday that La Quadrature’s goal is to annul the Commission’s decision that Privacy Shield provides adequate protection under EU law when the personal information of EU citizens is transferred to the U.S. for processing.Digital Rights Ireland filed a similar suit against the Commission in September, it emerged last week. Details of that case have not yet been released either, and DRI declined to comment. Privacy Shield entered effect in July, a replacement for the Safe Harbor framework that in October 2015 was overturned by a decision of the CJEU. Transatlantic commerce worth US$260 billion is reliant on the transfer of data that Privacy Shield enables, U.S. Secretary of Commerce Penny Pritzker has said, and its interruption would have consequences for many companies offering cloud services to consumers.By going to the court directly rather than making its complaint through a national data protection authority, DRI must prove that Privacy Shield is “of direct and individual concern” to it. That will be “an uphill battle,” according to Aaron Tantleff, a privacy and information security lawyer at Foley & Lardner. La Quadrature, as a campaigning body rather than a collection of individuals with personal privacy rights to defend, will presumably face the same difficulty.Neither the European Commission nor La Quadrature responded immediately to requests for comment on the court filing, details of which will eventually be published in the EU’s Official Journal. Related content news analysis Attackers breach US government agencies through ColdFusion flaw Both incidents targeted outdated and unpatched ColdFusion servers and exploited a known vulnerability. By Lucian Constantin Dec 06, 2023 5 mins Advanced Persistent Threats Cyberattacks Vulnerabilities news BSIMM 14 finds rapid growth in automated security technology Embrace of a "shift everywhere" philosophy is driving a demand for automated, event-driven software security testing. By John P. Mello Jr. Dec 06, 2023 4 mins Application Security Network Security news Almost 50% of organizations plan to reduce cybersecurity headcounts: Survey While organizations are realizing the need for knowledgeable teams to address unknown threats, they are also looking to reduce their security headcount and infrastructure spending. By Gagandeep Kaur Dec 06, 2023 4 mins IT Jobs Security Practices feature 20 years of Patch Tuesday: it’s time to look outside the Windows when fixing vulnerabilities After two decades of regular and indispensable updates, it’s clear that security teams need take a more holistic approach to applying fixes far beyond the Microsoft ecosystem. By Susan Bradley Dec 06, 2023 6 mins Patch Management Software Threat and Vulnerability Management Windows Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe