It’s baaaack: The European Commission this month formally adopted the long-awaited transatlantic data transfer framework, establishing stringent new data privacy compliance obligations on U.S. companies seeking to transfer personal data from Europe into the United States.
The European Commission on July 12 adopted a final version of the EU-U.S. Privacy Shield, keeping intact all the data protection requirements set out in the proposed framework issued in February. Participating in Privacy Shield is voluntary. For companies that choose to participate, however, any non-compliance with Privacy Shield principles will be enforceable under U.S. law by the relevant enforcement authority, either the U.S. Federal Trade Commission (FTC) or the U.S. Department of Transportation (DOT). The U.S. Department of Commerce will begin accepting certifications Aug. 1.
The Privacy Shield... To get the full story, subscribe now.