A new data privacy protection agreement has been tentatively reached between the U.S. and the EU. This new agreement to be called the “EU-US Privacy Shield” replaces the 15-year-old EU-US Safe Harbor Program that US companies have relied on to ensure legal certainty when personal data from the EU to the US. The EU-US Safe Harbor was struck down late last year as not providing sufficient protection of personal information.
One of the most challenging obstacles to overcome in reaching this new agreement was the scope of access and transfer by U.S. government intelligence agencies. This new agreement should replace current uncertainty with clearer limitations and robust oversight and enforcement powers given to the Federal Trade Commission. US companies will be subjected to vigorous obligations on data processing guaranteeing individual rights. The new agreement also provides new redress options to any citizen who believes their personal information has been misused.
The EU-US Privacy Shield must now be approved by the European Union’s 28 member states. There will be both detractors and advocates, but it is nevertheless expected to pass muster. Details of the new agreement should be drafted over the next two weeks, and if approved, it would be effective from early April.
Let us help you with this hurdle to GDPR compliance.