Warning over EU–US data framework, Aura Salla urges European data sovereignty

Written By Dr. Piyush Mathur

by Piyush Mathur

Dr. Aura Salla, Member of the European Parliament and rapporteur on the European Union’s (EU) forthcoming Digital Omnibus file, issued a forceful LinkedIn statement yesterday, May 19, 2026, calling for a reassessment of the EU–US Data Privacy Framework in light of Europe’s broader technological sovereignty ambitions. A member of the Committee on Industry, Research and Energy (ITRE Committee), her post all but dismissed the continued validity of the framework, citing weakened safeguards and altered ‘political commitments’.

The EU–US Data Privacy Framework—adopted in 2023 to restore a lawful basis for transatlantic data transfers after the July 2020 Schrems II judgment—remains central to EU–US digital relations. Yet Salla implied that the data privacy guarantees enshrined in the framework may no longer be carried out in reality by the US for Europeans.

Dr. Aura Salla &

Dr. Aura Salla & Maximilian (Max) Schrems; this is a partial screenshot of a photograph Dr. Salla included with her LinkedIn post.
(Screenshot credit: Thoughtfox)

‘Trust must be grounded in an enforceable rule of law’, she wrote in her post, pointing to an erosion of trust between the US and EU. She also underlined the need for contingency plans for Europe, just in case the EU-US Data Privacy Framework ‘is invalidated’.

Salla stopped short, however, of clearly identifying what ‘invalidation’ would look like procedurally or otherwise.

A growing divergence between the US and Europe as core partners on the global front is also strongly implied in her statement, which includes the appeal to fellow EU leaders to ‘start treating data as a strategic asset’.

Dr. Aura Salla’s LinkedIn post of May 19, 2026.

This is a clickable screenshot of Dr. Aura Salla’s LinkedIn post of May 19, 2026. (Screenshot credit: Thoughtfox)

Background

Salla’s intervention comes amid heightened EU focus on digital and data sovereignty, including institutional debates on Europe’s technological autonomy and sovereign cloud capacity.

As a member of the Parliament’s Committee on Industry, Research and Energy (ITRE), which oversees much of the Union’s digital and industrial policy, and as rapporteur on the Digital Omnibus legislative file, she occupies a pivotal role in shaping the regulatory environment governing Europe’s data economy. Her prescription includes ensuring European access to large-scale datasets for innovation, prioritising European technology in the public sector, strengthening the single market, and scaling cross-border talent and capital.

Salla concludes her post by thanking the Austrian digital-rights and legal activist Maximilian (Max) Schrems for a meeting and exchange of views. Beyond any practical outcomes attributable to this meeting in the future, her frontal mention of it can be considered symbolically significant for European digital unity given that Salla was Meta Platform’s Public Policy Director and Head of EU Affairs through 2020-2023, and Schrems has had several major legal run-ins with the same company.

Salla, Schrems, and Meta

Schrems’ cases involving Meta Platforms include the following:

  • Schrems I (C-362/14), October 6, 2015, in which the Court of Justice of the European Union invalidated the EU-US Safe Harbour framework

  • Schrems II (C-311/18), July 16, 2020, which struck down the Privacy Shield and tightened the rules governing Standard Contractual Clauses

  • C-446/21, October 4, 2024, which limited Meta’s ability to rely on broad data processing for targeted advertising under the General Data Protection Regulation (GDPR), and related Austrian civil proceedings challenging aspects of Meta’s data-processing and advertising model.

Salla was thus at Meta during Shrems II fall-out (2020) and subsequent GDPR-related litigation and enforcement actions; however, there is no public record of her being involved in these legal cases. Her role at Meta (2020–2023) was in EU public policy and government affairs, not litigation. Nevertheless, her public mention of her outreach to Schrems—a well-known resistor of Meta—is likely intended to signal to fellow Europeans that they now all have to be united in an evolving front against the US and its technology corporations.

Salla’s LinkedIn post overall indicates that, within the European Parliament, debate over the durability of the EU–US Data Privacy Framework is once again intertwined with the Union’s larger project of technological sovereignty—and that legislative scrutiny may intensify as Europe reassesses its strategic autonomy in data governance.

The ITRE Committee is slated to hold four meetings in June.

Meanwhile, also yesterday, the Commission had to delay formally presenting its ‘Tech Sovereignty Package’ for a third time. This postponement may have something to do with the latest US warning to EU against protectionism and its prospective impact on the EU-US trade deal. The presentation is now scheduled for June 3.

Salla is a citizen of Finland. Her post discussed here can be accessed via this Unique Resource Locator (URL):
https://www.linkedin.com/posts/aurasalla_dpf-data-share-7462125814424338432-I2VJ

Piyush Mathur, PhD, is the author of Technological Forms and Ecological Communication: A Theoretical Heuristic (Lexington Books/Bloomsbury, 2017). He is a member of the Coalition for Independent Technology Research (CITR).

See also: https://www.thoughtfox.xyz/shorts/eu-aura-salla-csam-proposal-denmark-european-parliament

Dr. Piyush Mathur
Next

Reform UK’s Glenn Gibbins’ Facebook remarks against Nigerians prompt online petition