What Europe’s New Privacy Shield Means For U.S. Companies

Come of the uncertainty attaching to data transfer from the EU to the United States has been removed, with the approval by the European Commission of the so-called EU-U.S. Privacy Shield. Starting on August 1, U.S. companies can begin to self-certify under the Privacy Shield, which replaces the “Safe Harbor” protocol that was invalidated by a European high court last year. In a client alert, Drinker Biddle & Reath attorneys Ken Dort and Jeremiah Posedel summarize the terms of the new document and what they mean for both European and U.S. companies. They note that this version is a rewrite of an earlier one that had been criticized for not being strict enough on a number of counts. Companies are advised to carefully review the terms of the new document, even as they prepare for possible push-back on it, too, from data protection authorities from some of the individual members of the EU.