US President Donald Trump may have thrown a wrench into New Jersey’s plans to share online poker liquidity with gambling operators in European markets.
On Thursday, Trump’s tiny fingers signed yet more executive orders, including one titled Enhancing Public Safety in the Interior of the United States, that could have significant implications for a reciprocal data privacy deal with the European Union.
Section 14 of Trump’s order states that the nation’s intelligence agencies “shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.”
Trump’s order appears to conflict with the provisions of the EU-US Privacy Shield, a data protection deal that took effect last year. Much of the point of the deal was to ensure that US businesses could conduct cross-border transactions with EU firms while offering EU customers ‘essentially equivalent’ privacy protections in the US.
Trump’s order also appears to threaten the new EU-US Umbrella Agreement, which is supposed to take effect February 1. The Agreement extended the US Privacy Act’s data protection benefits to EU citizens, but Trump’s order has left privacy advocates fearing that Trump doesn’t intend to honor data deals struck under President Barack Obama.
The European Commission subsequently issued a statement attempting to calm the waters, saying the Privacy Shield and Umbrella Agreement would ensure that “EU citizens’ data is duly protected when transferred to the US.”
That said, the language in Trump’s order was sufficiently ambiguous that the EC added that it would “continue to monitor the implementation” of the two data deals and “are following closely any changes in the US that might have an effect on European’s data protection rights.”
Last July, the New Jersey Division of Gaming Enforcement reached an agreement in principle with the UK Gambling Commission to permit the two jurisdictions’ licensed gambling operators to share online poker liquidity. While the deal has a long way to go before cross-border bets are a reality, Trump’s executive order has injected more uncertainty into the process.
There’s also the small matter of how much longer the UK will remain under the EU umbrella following last year’s Brexit vote. Assuming the UK follows through on its pledge to leave the EU, the UK would presumably have to work out a bilateral data privacy deal with the US before PokerStarsNJ.com players could play against their PokerStars.co.uk counterparts.
FEDERAL COURT REJECTS DOJ EXTRATERRITORIAL OVERREACH
Meanwhile, Tuesday saw a US federal court reject the US Department of Justice’s assertion that it has the right to force private companies to turn over data held on computer servers based outside the US.
Last July, a three-judge panel of the US Second Circuit Court of Appeals ruled that the Stored Communications Act of 1986 allowed the DOJ to get tough with private companies regarding data held on US servers, but not on overseas servers. The defendant in this case was Microsoft, but dozens of companies filed briefs in support of Microsoft, including Apple, Amazon, Verizon, Cisco and the US Chamber of Commerce.
Arguing that the ruling hindered its ability to maintain national security, the DOJ sought a rehearing of its appeal by the full Second Circuit. The Court handed down a split 4-4 verdict on Tuesday, meaning last July’s ruling is upheld. The DOJ is currently reviewing its options, but will likely appeal the matter to the US Supreme Court.
It’s also likely that Congress – particularly the current GOP-dominated class – will at some point step in to explicitly authorize the extraterritorial scope of US law enforcement agencies. But frankly, this all smacks of public posturing. As Edward Snowden so ably demonstrated, if it’s online, the US intelligence community is already reading it.