On July 12, 2016, the European Commission (“Commission”) formally adopted and released the Privacy Shield Adequacy decision, which will allow certified U.S. companies to transfer EU personal data to the United States.  The EU-U.S. Privacy Shield (“Privacy Shield”) replaces the U.S.-EU Safe Harbor framework (“Safe Harbor”), which was invalidated in October 2015 by the European Court of Justice (“ECJ”) in Maximillian Schrems v Data Protection Commissioner. The decision will immediately go into effect upon notification to the EU Member States.

The more than 4,400 U.S. companies that previously relied on the Safe Harbor and have been waiting for an alternative mechanism for data transfers can choose to self-certify to the Department of Commerce (“Commerce”) under the new Privacy Shield framework. Commerce will begin accepting Privacy Shield applications on August 1, 2016. This client advisory provides an overview of Privacy Shield, highlights key differences between Privacy Shield and Safe Harbor, and offers some key considerations given the forthcoming Global Data Protection Regulation and other data privacy developments.

Continue Reading What You Need to Know About Privacy Shield: An Overview of the New Transatlantic Framework