EU-U.S. Privacy Shield

Two updates that companies may find helpful regarding standard contractual clauses for cross-border transfers of personal data post invalidation of the EU-US Privacy Shield program.

Guidance from EU Data Protection Authorities

In the wake of the Schrems II decision from the Court of Justice of the European Union (CJEU), several EU Data Protection Authorities (DPAs)

On July 16, 2020, the Court of Justice of the European Union invalidated the EU-U.S. Privacy Shield program.

Click here for the decision and here for the accompanying press release.

The Court concluded that (i) the EU-U.S. Privacy Shield program (“Privacy Shield”) does not provide adequate safeguards and the European Commission’s adequacy decision which facilitates

Now that the United Kingdom is (finally) exiting the European Union (EU) one question U.S. based companies have is what happens to transfers of personal data from the United Kingdom (UK) to the United States under the EU’s General Data Protection Regulation (GDPR). The International Trade Administration’s (ITA) Privacy Shield Team recently put out guidance

This week’s edition of the Compliance News Flash by Arnall Golden Gregory includes blurbs about the:

  • National Association of Professional Background Screeners (NAPBS) conference in Baltimore;
  • Temporary Protected Status program and an injunction against the government;
  • EU-U.S. Privacy Shield program and enforcement actions against organizations related to their certification;
  • Updated “A Summary of Your Rights

The full text of the EU-U.S. Privacy Shield (“Privacy Shield”) framework is now available.   Privacy Shield was “designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union