Tag

Privacy Shield

Browsing

On midnight January 31, 2020, the United Kingdom’s law formally governing its exit from the European Union went into effect.  From a data protection perspective, however, Brexit has not resulted in any changes in law.  In fact, The EU Withdrawal Agreement implements a transition period to resolve post Brexit concerns and other formalities through December 31, 2020.  During that time period, most EU law (including GDPR) will continue to apply, and, presumably, the UK will…

The Federal Trade Commission (FTC) finalized settlements with five companies for claiming EU-U.S. Privacy Shield or Swiss-U.S. Privacy Shield certification. Those companies included organizations focused on providing workforce solutions, collaboration platforms, artificial intelligence analytics, clinical trial management, and other IT providers. The actions In each case, the FTC alleged that each company wrongfully claimed current certification under either the EU-U.S. Privacy Shield or Swiss-U.S. Privacy Shield. Both frameworks establish a mechanism for companies to legally…

The European Union Commission (Commission) has issued a report on its findings from the third annual Privacy Shield review, which took place in September. In its report, the Commission confirmed that the EU-US Privacy Shield framework continues to ensure an adequate level of protection for personal data transferred from the EU to companies participating in the Privacy Shield program in the United States. In concluding its report, the Commission provided additional action items necessary to…

On September 8, 2017, three U.S. companies settled actions brought by the Federal Trade Commission (“FTC”) for misleading consumers about their participation in the EU – U.S. Privacy Shield Framework (“Privacy Shield”). These were the first Privacy Shield enforcement actions brought by the FTC. The Privacy Shield replaced the U.S. – EU Safe Harbor framework as the legal mechanism for transatlantic data flows in August 2016. It functions through a self-certification process by which U.S.…

United States Commerce Secretary Wilbur Ross and the Trump administration recently confirmed their commitment to the US-EU Privacy Shield (“Privacy Shield”) framework in meetings held with European Union Justice Commissioner Vera Jourova. Commissioner Jourova went to Washington to gain reassurance from the Trump administration that it would maintain its commitment to the Privacy Shield framework. In an interview on Thursday, Commissioner Jourova stated that Secretary Ross assured her that he understood the importance of Privacy…

2016 saw further seismic changes to the data protection framework globally and, in particular, the EU. The year heralded the long-negotiated GDPR, the NIS Directive, the Privacy Shield and ended with a flurry of further developments at EU and UK level.We have pulled together a summary of key developments as well as things to watch out for in 2017.Article 29 Working Party (“WP29”) Guidelines on GDPRThe WP29 adopted guidelines on three major GDPR requirements, namely:DPOLead…

On January 11, 2017, the US and Swiss authorities announced their agreement on a new cross-border data transfer framework, the Swiss-US Privacy Shield Framework, to allow US companies to meet the requirements for transfers of personal data from Switzerland to the US. This new Framework, which will replace the existing US-Swiss Safe Harbor program, will begin accepting self-certifications from US companies starting on April 12, 2017. The Framework requirements were described by Swiss authorities as…

With over 2,000 companies so far taking advantage of the EU-US Privacy Shield Arrangement to transfer information from the European Union to the US, a need certainly exists in the marketplace for compliance solutions to cross-border data flows. For companies transitioning over to Privacy Shield, or even those self-certifying to Privacy Shield for the first time, our team of privacy experts is here to assist in navigating this complex new framework. Below is a high-level checklist…

After much negotiation between the U.S. and European authorities, the Department of Commerce (DOC) began accepting applications to the EU-U.S. Privacy Shield Framework on August 1, 2016. Although there was considerable speculation about whether U.S. companies would participate in the program due to the possibility of legal challenges in Europe and the more stringent requirements of Privacy Shield over Safe Harbor, more than 75 companies have already completed the self-certification process, and many more have…

As of August 1, 2016, U.S. companies can now self-certify compliance to the EU-U.S. Privacy Shield (“Privacy Shield”) to the U.S. Department of Commerce (see https://www.privacyshield.gov/welcome). Privacy Shield is a new legal mechanism that provides “adequate protection” within the meaning of EU data protection laws for transatlantic data flows to the United States. Privacy Shield replaces the U.S.-EU Safe Harbor Arrangement (“Safe Harbor”) as a key mechanism for EU to U.S. data transfers, as the…