CHAPTER 5: EU-U.S. PRIVACY SHIELD

As discussed in the previous chapter, the European Commission cannot grant the U.S. an adequacy decision due to its lack of a federal data privacy law, so EU organizations are unable to freely transfer personal data to the U.S. under the GDPR.

The EU-U.S. Privacy Shield is a data transfer mechanism that was adopted by the European Commission in July 2016 and became available on August 1, 2016. U.S. organizations attesting that they adhere to the framework’s seven Principles provide sufficient assurances that any EU personal data transferred to them is secure. This qualifies them for certification and trouble-free access to the European market as a data processor. Any personal data exchanged under the auspices ...

Get EU GDPR & EU-U.S. Privacy Shield: A pocket guide, second edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.