Created in 2016 to replace the invalidated U.S.-EU Safe Harbor agreement, the Privacy Shield is a data transfer mechanism negotiated by U.S. and EU authorities that received an adequacy determination from the European Commission that allowed for the transfer of personal data from the EU to the United States for companies participating in the program. Only those companies that fell under the jurisdiction of the U.S. Federal Trade Commission could certify to the Shield principles and participate, which notably excludes health care, financial services, and non-profit institutions. On July 16, 2020, the Court of Justice of the European Union invalidated the European Commission’s adequacy determination for Privacy Shield.
EU-US Privacy Shield
Tags:
Related Stories
Privacy Shield and the UK — FAQs
This guidance page, published by Privacy Shield Framework, provides information through a list of frequently asked questions regarding the EU-U.S. Privacy Shield Framework and the United Kingdom in light of the Brexit negotiations.
Click to View...
The EU-US Privacy Shield – To Certify or Not to Certify
This webinar, produced by Fieldfisher, has leading experts in the privacy, security and information field explaining how the EU-U.S. Privacy Shield came into existence, what companies wanting to certify under the EU-U.S. Privacy Shield will need to do, and whether the EU-U.S. Privacy Shield is right...
Data & Marketing Association Privacy Shield FAQs
This publication by the Data & Marketing Association provides a answers to a list of frequently asked questions pertaining to the EU-U.S. Privacy Shield Framework. The Privacy Shield was designed to provide companies with a mechanism to comply with data protection requirements when transferring ...
EU-U.S. Privacy Shield Annex I Binding Arbitration Mechanism
The International Centre for Dispute Resolution, the international division of the American Arbitration Association, manages the Privacy Shield Annex I Arbitration Mechanism and Arbitral Fund. This website offers information for the Annex I Binding Arbitration Mechanism. The ICDR’s primary functions...
Privacy Shield Notice Requirements
The U.S. Department of Commerce spells out 13 details of an organization's privacy practices that must be provided "in clear and conspicuous language when individuals are first asked to provide personal information to the organization or as soon thereafter as is practicable ... " in order to comply ...