- On December 1, the government received new hacking powers when Congress failed to block the changes to Rule 41 of Federal Criminal Procedure that were approved by the Supreme Court in April. Sen. Ron Wyden (D-OR) called this “one of the biggest mistakes in surveillance policy in years,” with one judge being able to use a single warrant to hack thousands and possibly millions of cellphones and tablets.
- On January 11, EU Justice Commissioner Vera Jourova stated that the U.S. has not satisfied the EU’s concerns about Yahoo's scanning of all customers' incoming emails for intelligence purposes. The European Commission had asked the U.S. in November for an explanation of the Yahoo scanning, making this a test case for how forthcoming the U.S. would be in clarifying its surveillance practices. According to Jourova, "I am not satisfied because to my taste the answer came relatively late and relatively general, and I will make clear at the first possible opportunity to the American side that this is not how we understand good, quick and full exchange of information."
- On January 12, the outgoing Obama administration expanded the power of the National Security Agency to share globally intercepted raw personal communications with the government’s 16 other intelligence agencies before applying privacy protections.
Update: On January 25, President Trump issued an executive order on enhancing public safety that directed agencies to exclude non-U.S. citizens from Privacy Action protections. Since legal redress via the Privacy Act is one of the underpinnings of Privacy Shield, the order prompted broad debate as to whether it would lead to the collapse of the framework. Most observers subsequently concluded that because of an exception made for applicable law, the order did not withdraw Privacy Act protection from personal data transferred from Europe. Nevertheless, the European Commission was reported to be seeking written confirmation of this interpretation of the order.