Can we rely on the new Privacy Shield?

read titleRead full title
Published on LexisPSL on 04/08/2016

The following Information Law Q&A provides comprehensive and up to date legal information covering:

  • Can we rely on the new Privacy Shield?
  • What is Privacy shield?
  • How does it work?
  • Is it safe to rely on Privacy Shield?
  • What should you do next?

Can we rely on the new Privacy Shield?

What is Privacy shield?

On 29 February 2016, the European Commission announced draft details of the EU–US Privacy Shield to replace the Safe Harbour Agreement and it quickly attracted widespread criticism from the Article 29 Working Party (the domestic data protection regulators), the European Data Protection Supervisor and the European Parliament.

Negotiations continued until 12 July 2016, when the Commission finally officially adopted the Privacy Shield framework and published the following documents:

  1. Adequacy decision

  2. Annexes 1–7

  3. EU-US Privacy Shield: Frequently Asked Questions

  4. Factsheet: EU–US Privacy Shield

  5. Communication: Transatlantic Data Flows: Restoring Trust through Strong Safeguards

How does it work?

From 1 August 2016, US organisations are able to self-certify themselves (as having adequate systems in place to safeguard data) with the US Department of Commerce (DoC). The Commission's decision of 12 July 2016 means that any organisation registered in this manner will be deemed to provide an adequate level of protection to the personal data of EU citizens.

Those organisations who register with the DoC before 1 October 2016 will have nine months from registration to bring their pre-existing commercial

Popular documents