Executive Order weakens US data protection for foreigners

US President Donald Trump signed an executive order, which could further weaken the data protection level for non-US citizens (as reported by heise.de). Section 14 of the order of January 25 states:

Sec. 14.  Privacy Act.  Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.

This means US agencies shall not apply privacy regulations to foreigners. This might threaten the new Privacy Shield agreement between the EU and the US which requires a data protection level comparable to EU standards in order to allow transfer of personal data to the US. Companies might therefore face legal uncertainties in future when they process personal data under US legislation. To avoid those risks, European companies should rely on European infrastructure providers solely.

Further details at heise.de (in German).