Why Europe must refuse the data-sharing deal with the US

06 May 2026, 09:48 · EUobserver

‘Digital sovereignty’ cannot be just a buzzword – under the framework being discussed, European citizens data would flow toward US law enforcement and intelligence agencies without equivalent protections or access for Europeans in return (Source: Christin Hume)

Opinion

Why Europe must refuse the data-sharing deal with the US

Unlock article and share
By Eric Pol,
Helsinki
,

For the past decade, Europe has positioned itself as the global conscience of the digital age.

Starting with the General Data Protection Regulation (GDPR), the European Union has sent a clear message to the world: personal data belongs to the individual, not the state and certainly not the corporation.

Drawing this line in the sand, Europe offered a glimmer of hope in an otherwise dark landscape of privacy threat and surveillance scandals.

More importantly, this leadership offered hope that digital rights could build a foundation for trust-based data sharing, unlocking high-quality data, better digital services, and strengthening the AI value chain.

The EU’s leadership is now on a precipice. Our push for digital sovereignty was driven by concern that the US Cloud Act might give the US administration access to US-owned data centres in Europe. Yet, today the European Commission is considering a deal with the US authorities to share the personal data of European citizens in exchange for the continuation of visa-waiver scheme.

This is not diplomatic negotiation; it is a fundamental test of Europe’s backbone. If digital sovereignty is to mean anything, declarations and investment aren’t enough. It must be a reality in practice.

The illusion of reciprocity

The European Data Protection Supervisor (EDPS) has been clear in arguing that the European Commission should refuse this deal because the agreement is not truly reciprocal.

In the world of international diplomacy, a deal implies a fair exchange. But under the framework being discussed, European citizens data would flow toward US law enforcement and intelligence agencies without equivalent protections or access for Europeans in return.

When we talk about sharing data with US authorities, we are talking about the intimate details of European lives being subjected to a legal system that does not recognise the values and protections of the European Charter of Fundamental Rights.

This is why organisations like MyData Global are raising the alarm. We are calling for three systemic shifts to make it a reality:

From formal rights to actionable rights: It is not enough to have a legal right to data privacy if you cannot easily exercise it. Digital sovereignty requires tools that allow citizens to see, move, and manage their data with a single click.
From data protection to data empowerment: Protection is defensive. Empowerment is proactive. Individuals should be able to use their data to get better healthcare, more personalised education, or smarter financial advice without surrendering their privacy to a “Big Brother” entity.
From closed to open ecosystems: We must move away from ‘walled gardens’ where a few tech giants (largely based in the US) hold all the keys, and create ecosystems where data moves to serve the people from whom it comes.

By considering a non-reciprocal data-sharing deal, the European Commission is moving in the opposite direction of these shifts.

Instead of empowering the individual, we risk reinforcing a model where data is a commodity used for state surveillance and corporate profit. The EU will lose its position as the potential torchbearer of the alternative global data and AI paradigm.

This is dangerous. But it is also important to acknowledge the context in which these negotiations are occurring. The commission’s services are under immense pressure from their American counterparts. The pressure to ‘get along’ and maintain security ties is being used as a lever to pry open the personal lives of European citizens.

But yielding to this pressure would be a historic mistake. If the EU, the architect of the world’s most robust data governance model, capitulates on the fundamental right to privacy, the global standard for AI and data governance will crumble.

The commission has a choice: it can remain the global leader in ethical data governance, or it can become a junior partner in a lopsided data regime.

For the sake of 450 million European citizens, let us hope they choose the former. Sovereignty is not a gift to be traded; it is a right to be defended, and an opportunity.

Unlock article and share

Latest from Big Tech

The European Tech sovereignty debate keeps getting this simple premise wrong

Cookies, consent, and clicks – will the EU new ‘Reject All’ rules work?

Latest from Digital

The Kremlin’s ‘digital Iron Curtain’ signals weakness and fear

Secrecy tracker: Data centre secrecy and top EU court database ‘disaster’

Latest from EU and the World

With Nato’s car-crash Ankara summit looming, the West needs a new survival strategy

Europe’s brutal awakening – the costs of its inaction in the Middle East

Latest from US

Leaked data deal fuels concerns as Europeans risk US entry bans for critics of Trump

Listen: Trump threatens with new tariffs on cars, will the EU retaliate?

Latest from Opinion

Aid is not a migration deterrent — it never should be, and here’s why

After flotilla raid, EU sticks to ambiguous warnings on Gaza aid missions

Topics

Author Bio

Eric Pol serves as the Board chairman of MyData Global, the Helsinki-based award-winning non-profit championing individual data rights and ethical AI governance across 45 countries.