Earlier this week, the U.S. Attorney General designated 26 countries and the European Union as “covered countr[ies]” under the Judicial Redress Act. The Attorney General has simultaneously designated 13 “Federal agenc[ies] or component[s]” under the Act. These designations enable citizens of the “covered countr[ies]” to sue and seek remedies in U.S. court if one of the designated “Federal agenc[ies] or component[s]” violates the Privacy Act of 1974.

The Privacy Act protects against intentional or willful unlawful disclosure of covered records containing personal information and provides for certain individual rights to access and amend such records. This blog previously reviewed the Act and the remedies offered under the Act (here and here).

By enabling EU citizens to bring lawsuits under the Privacy Act, the Judicial Redress Act represents a continued U.S. attempt to address European concerns about the effective exercise of privacy rights for EU citizens. These concerns played an important role in the European Court of Justice’s decision in October 2015 to invalidate the Safe Harbor Framework, and EU officials and activists continue to press the issue as part of the larger dialogue between the EU and U.S. regarding EU-U.S. data transfers. For example, last year’s EU-U.S. Privacy Shield agreement provides multiple, detailed procedures designed to ensure that EU citizens have recourse for privacy harms.

Under the Judicial Redress Act, the following “covered country” designations will be effective February 1, 2017:

1. European Union
2. Austria
3. Belgium
4. Bulgaria
5. Croatia
6. Republic of Cyprus
7. Czech Republic
8. Estonia
9. Finland
10. France
11. Germany
12. Greece
13. Hungary
14. Ireland
15. Italy
16. Latvia
17. Lithuania
18. Luxembourg
19. Malta
20. Netherlands
21. Poland
22. Portugal
23. Romania
24. Slovakia
25. Slovenia
26. Spain
27. Sweden

The Attorney General notes that it “intends to move promptly” to expand this list to include Ireland and the United Kingdom provided it receives relevant notifications from the European Commission.

The following “Federal agency or component” designations will also be effective February 1, 2017:

1. United States Department of Justice
2. United States Department of Homeland Security
3. United States Securities and Exchange Commission
4. United States Commodity Futures Trading Commission
5. Bureau of Diplomatic Security, United States Department of State
6. Office of the Inspector General, United States Department of State
7. Alcohol and Tobacco Tax and Trade Bureau, United States Department of the Treasury
8. Financial Crimes Enforcement Network, United States Department of the Treasury
9. Internal Revenue Service, Division of Criminal Investigation, United States Department of the Treasury
10. Office of Foreign Assets Control, United States Department of the Treasury
11. Office of the Inspector General, United States Department of the Treasury
12. Office of the Treasury Inspector General for Tax Administration, United States Department of the Treasury
13. Special Inspector General for the Troubled Asset Relief Program, United States Department of the Treasury

[View source.]