Data Risk Intelligence
Automated Data Mapping
Do Not Sell/Do Not Share
Cookie Banner Solutions
Consent & Preferences
Data Rights RequestsEU and US Meet for Second Annual Privacy Shield Review
The United States and European Officials met in the last week as part of the second annual review of the US-EU Privacy Shield. The Privacy Shield is an agreement that establishes a framework to protect the personal data of EU citizens when it is transmitted to the United States and gives legal clarity to businesses making the transfers. It has been in operation since August 2016.
The framework is reviewed annually by the European Union. At the beginning of the annual review this year, the two parties issued a joint press statement expressing optimism that the two governments will continue to work closely to ensure the framework functions as intended. The joint statement indicated that the framework is of “vital importance to transatlantic data protection and commerce.”
There has been some discord over the past few months as the EU Parliament voted to suspend the Privacy Shield in a non-binding resolution over the summer unless the United States began complying with its terms. Since that vote, the United States has appointed a senior State Department official as Ombudsman and confirmed three new members to the independent Privacy and Civil Liberties Oversight Board (PCLOB).
The Privacy Shield is necessary because the EU does not recognize the United States as offering an adequate level of protections for the data privacy of its citizens without the agreement. As a result, the US government and many businesses have committed to uphold the protections specified in the agreement in order to make transfers between Europe and the United States.
Nearly 4,000 companies have made legally enforceable commitments to comply with the Privacy Shield. The Federal Trade Commission has brought several enforcement actions against companies that told consumers they would comply with the terms of the Privacy Shield but in reality were not participating in the Privacy Shield. The Commerce Department plans to revoke the certification of companies that do not comply with the data protection requirements of the Privacy Shield and the FTC intends to continue vigorous enforcement of those promises.
The EU will publish its conclusions before the end of the year. They are expected to extend the operation of the Privacy Shield for another year.
EU GDPR
– GDPR Compliance
– Consent Management Software
– GDPR Data Mapping Software
– DSAR Portal
– GDPR Text
ePrivacy
– Cookie Scanner
– Cookie Banner Generator
– Cookie Consent Manager
– ePrivacy Regulation
California Consumer Privacy Act
– CCPA Summary
– CCPA vs GDPR
– CCPA Privacy Software
– CCPA Webinar
On Privacy Shield:
EC Report for Second Annual Privacy Shield Review Finds Adequate Protection of Privacy
US Affirms Full Compliance with Privacy Shield Obligations
European Parliament Calls for Suspension of Privacy Shield in September
EU considering deadline for Privacy Shield compliance by United States
