European Union Approves EU-US Privacy Shield

By Michael Klazema on 7/15/2016

The European Union (EU) approved the EU-US Privacy Shield, a framework designed to replace the now-defunct Safe Harbor, on Tuesday. The approval ends months of “Will they? Won’t they?” as certain European entities roundly endorsed the framework while others came out squarely against it. Now that the EU has endorsed the Privacy Shield, the US Commerce Department is moving fast to get it launched. Commerce will begin accepting applications for Privacy Shield on August 1, and the Shield takes effect immediately.

What follows are the key requirements of the EU-US Privacy Shield:

  • Companies to self-certify. Being a member of the Privacy Shield is optional; however, participants who do join must self-certify with the Commerce Department and publicly declare their commitment to comply. Once the company makes the public declaration, that commitment is enforceable under US law.
  • Free Dispute Resolution. With a nod to the FCRA, Privacy Shield requires a free and accessible disputes process for individuals; participating companies must respond within 45 days.
  • Data limitation. Participants must commit to limiting the use of the data collected, which is consistent with European privacy principles.
  • Greater accountability for data transferred to third parties. Privacy Shield participants must ensure through process and contractual means that data transferred to their parties is handled with the same level of commitment to the Shield.
  • Ongoing commitment to data protection. Even if a company decides to leave the Privacy Shield, it must continue to protect the information it collected while it was a participant.

The Privacy Shield is similar to the Safe Harbor framework it replaces. It does, however, resolve the most common Safe Harbor complaints which typically centered on the wide surveillance berth perceived to be taken by government and law enforcement communities. 

What This Means: 

The EU approval means that US companies now have a clear path forward in creating data privacy programs that actually comply with European standards. Rather than an outright rejection of everything Safe Harbor, Privacy Shield holds many of the same fundamental principles that were present in the now-defunct framework. It does provide more clear guidance in areas such as individual complaints, information sharing with government agencies and verification of compliance with privacy principles.

What You Should Do:

Tag Cloud
Recent Posts

Latest News

  • October 11 Sporting organizations have long maintained lists of people barred for misconduct. A new agency wants to collect those names into a publicly searchable database.
  • October 09 In July, Ohio Governor John Kasich signed an executive order requiring criminal background checks for all Medicaid providers. Some healthcare professionals, particularly counsellors to drug addicts, worry the new rule could cost them their jobs.
  • October 05 After a city in Georgia adopted ban the box rules to increase fairness in hiring, unforeseen conflicts with additional city regulations rendered the change ineffective. The city must now find a fix. 
  • October 04 Whether you are applying for a job that involves driving or renewing your car insurance policy, your driving record can have an impact on what comes next. At, we offer a way to check the accuracy of your record.
  • October 03 What should employers expect to see on criminal history reports, and what should job seekers expect these checks to reveal? We take a look at what shows up on criminal background checks.
  • October 02 Employers across the country are becoming more open to hiring people with criminal records. The reasons behind the shift range from new laws to the state of the job market.
  • October 01 Insurance points can affect how much you pay for your auto insurance policy. How are these points assessed and what do you need to know about them?
  • September 28 A driver’s license check includes more than just details about moving violations. Here’s what to expect if an employer or insurance provider pulls your driving record.
  • September 28

    Your driving record can impact your car insurance rates—and coverage options—in several ways. Learn how insurance companies use motor vehicle records to adjust their rates.

  • September 27 — With an aging population, long-term in-home care options are becoming more popular. In many cases, state governments have failed to provide thorough vetting procedures, leading to incidents of harm.