Privacy Shield replacement on track, though hurdles remain
By 
Neil Hodge2023-03-03T14:00:00
Since the most recent mechanism to ensure “safe” data transfers between the European Union and United States was rescinded, companies on both sides of the Atlantic have hoped a viable replacement would come into force quickly to provide the same level of legal assurance.
Fortunately, momentum is gathering toward a new standard.
The July 2020 ruling by the Court of Justice of the European Union (CJEU) to invalidate the Privacy Shield placed companies at increased risk of violating the EU’s General Data Protection Regulation (GDPR) when transferring data between the two regions. This is because U.S. surveillance laws allow excessive access to EU citizens’ personal data for national security reasons.
In the aftermath of the ruling, standard contractual clauses (SCCs) and binding corporate rules (BCRs) gained popularity as alternatives for enabling transatlantic data flows. But neither mechanism provides the cover of the Privacy Shield, meaning businesses have viewed a new agreement between the European Union and United States as necessary.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefEU adopts Privacy Shield replacement for U.S. data transfers
The European Commission announced it adopted a new agreement with the United States to allow for transatlantic data flows without fear of violating the European Union’s General Data Protection Regulation.
-
PremiumBig Tech, ad industry bracing for Meta data transfer decision
Meta and other Big Tech firms will soon learn if they might be prevented from transferring the personal data of European citizens to the United States in the way they do now.
-
ArticlePortugal statistics office fined record $4.6M for GDPR violations
The government office for national statistics in Portugal was assessed a fine of €4.3 million (U.S. $4.6 million) by the country’s data protection authority for multiple violations of the General Data Protection Regulation that occurred during its 2021 census work.
More from Data Privacy
-
PremiumCompanies are slowing AI launches in Europe, some say European Union regulations are why
The European Union’s Digital Markets Act is forcing many Big Tech companies to postpone the launch of artificial intelligence-powered features, like Apple Intelligence, over user privacy and data security concerns.
-
PremiumMany dating apps a matchmaker for cybercriminals, study finds
Location-based dating apps are not doing enough to protect user privacy, with exact location and other personal data being exploited by stalkers and bad actors, a recent analysis found.
-
PremiumWhat’s on tap for CPPA from its deputy director of enforcement
Michael Macko, deputy director of enforcement at the California Privacy Protection Agency, described priorities for the agency now and in the near future during a recent board meeting.