Regulatory Conflict and the Struggle for Digital Sovereignty: A Critical Analysis of the EU-U.S. Data Privacy Framework

Abstract

After the EU-U.S. Privacy Shield was invalidated, both sides introduced the “Data Privacy Framework” in late 2022 to restore cross-border data flow order. In July 2023, the European Commission issued an adequacy decision recognizing U.S. data protection. However, the framework does not curb U.S. intelligence agencies’ mass surveillance, and its redress mechanism lacks independence and effectiveness. Substantially, it offers little progress over the Privacy Shield. The EU-U.S. negotiations reflect a deeper clash between the EU’s “digital sovereignty” and the U.S.’s “digital hegemony.” Their competition for digital governance influence holds key lessons for developing countries in shaping their data regulation strategies.