Should Companies Use the Privacy Shield to Protect Against EU-US Data Transfer Risks?
After months of negotiations, it’s official: the EU-US Privacy Shield has been formally approved on both sides of the Atlantic, by the EU Commission and the US Commerce Department, despite concerns surrounding the adequacy of its earlier version.
The Shield is one of the legal mechanisms for transferring EU individuals’ personal information from the European Union to the United States. It is the replacement for the US-EU Safe Harbor framework, which was invalidated by the EU’s highest court last year. Earlier this year, both the Commission and Commerce announced the Shield as the product of their labor to negotiate a new data transfer framework. They shortly thereafter released the first text of the Shield, which was met with criticisms, particularly on the EU side, leading the two parties to revisit their negotiations and come up with a stronger framework.
We have reviewed the final text of the Shield, compared it to the first draft, and highlighted below its important aspects, for you to consider.
*This alert was originally posted on Arent Fox's Behind the Scenes blog. To read this alert in its entirety, please click here.