A short section of President Trump's immigration executive order that tells agencies "ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information" is drawing attention in tech circles.
Why privacy hawks are worried:
- Nuala O'Connor, the head of the Center for Democracy and Technology, said that the order sends the message that "people who don't hold a U.S. passport or current green card are not entitled to the same dignity as those of us who do."
- It raises questions about the United States' broader approach to protecting the data of non-citizens.
The bigger picture: The order has worried some in Europe, where recent revelations about American tech companies working with the government surveillance regime have caused officials to be wary of Silicon Valley. It also raises questions about the fate of the US-EU Privacy Shield agreement governing the transatlantic transfer of data.
Hold your horses: A European Commission spokesperson told TechCruch that the Privacy Shield agreement "does not rely on the protections under the U.S. Privacy Act." But the body has promised to keep an eye on the issue.
Update: Ken Propp, a director at software trade group BSA, says that the executive order "should not affect the privacy protections afforded under the US-EU Privacy Shield," and cited the agreement's grounding in a law called the Judicial Redress Act.