On October 18, 2017, the European Commission published its report on the functioning of the EU-U.S. Privacy Shield framework (the “Privacy Shield”), marking the conclusion of its first joint annual review of the regime.
The Privacy Shield, which is administered by the International Trade Administration within the U.S. Department of Commerce (“DOC”), provides companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union to the United States. To join the Privacy Shield, a U.S.-based organization is required to self-certify to the DOC and publicly commit to comply with the Privacy Shield requirements. While joining the Privacy Shield is voluntary, once an eligible organization makes the public commitment to comply with the Privacy Shield requirements, the commitment will become enforceable under U.S. law.
Click here, to continue reading on the Cleary Cybersecurity and Privacy Watch blog.