Created in 2016 to replace the invalidated U.S.-EU Safe Harbor agreement, the Privacy Shield is a data transfer mechanism negotiated by U.S. and EU authorities that received an adequacy determination from the European Commission that allowed for the transfer of personal data from the EU to the United States for companies participating in the program. Only those companies that fell under the jurisdiction of the U.S. Federal Trade Commission could certify to the Shield principles and participate, which notably excludes health care, financial services, and non-profit institutions. On July 16, 2020, the Court of Justice of the European Union invalidated the European Commission’s adequacy determination for Privacy Shield.