Following the collapse of the Safe Harbour regime last year, the European Commission and the US Department of Commerce have been working together to construct a replacement regime for the transfer of personal data from Europe to the US.
The creation of the Privacy Shield was first announced in February and, following months of wrangling concerning the adequacy of the Shield, it has now been approved and comes into force with immediate effect. The central aim of the Shield is to impose stronger obligations on US companies to protect the personal data of Europeans. These include: further requirements relating to greater transparency; conditions relating to the onward transfers of data; and greater sanctions if companies fail to comply with those obligations.
The major obstacle to finalising the Privacy Shield has been the level of access to European's personal data by US authorities. This issue has now been resolved and for the first time public authorities in the US have provided written commitments and assurances that there will be no indiscriminate or mass surveillance of personal data transferred from the EU. An independent Ombudsperson mechanism has also been created to handle and resolve complaints from individuals regarding the processing of their personal data in the US.
Bevan Brittan's Information Law Team specialise in assisting organisations with the legal transfer of personal data to the US. If you require advice in relation to data sharing with the US, please contact Emma Godding or Jonathan Moore.