Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: eu-us privacy shield

Posted in International/EU Privacy

Navigating from Safe Harbor to Privacy Shield: A Primer

In less than one week, on August 1, U.S. companies may begin to submit self-certifications to the EU-U.S. Privacy Shield framework at www.privacyshield.gov. Those companies that previously certified to the predecessor Safe Harbor framework are in a particularly good position to certify to the Privacy Shield, which built upon Safe Harbor’s core principles by adding meaningful substantive and procedural privacy protections for EU individuals.

A company seeking to transition from Safe Harbor to Privacy Shield will need to engage in three general steps: (1) update its external-facing privacy policy; (2) develop internal policies and procedures to comply with new Privacy Shield requirements; and (3) more closely manage its relationships with third parties that will receive or have access to Privacy Shield data, including ensuring contracts with those third parties meet new Privacy Shield requirements. We summarize these three steps, as well as additional procedural requirements that will affect the impact of Privacy Shield on U.S. businesses compared to Safe Harbor.

Posted in News & Events

REMINDER: Upcoming Webinar: Privacy Shield: What You Need to Know

The much anticipated Privacy Shield framework for the transfer of data between the EU and U.S. received final approval from the European Commission on 12 July 2016. With this important data transfer mechanism available to companies at the beginning of August, the Hogan Lovells Privacy and Cybersecurity team will answer your questions in a webinar next Wednesday, 27 July. CLE credit will be available.

Posted in International/EU Privacy

EU Data Transfers to the U.S.: Considering Your Options after Privacy Shield

With the recent approval of the EU-US Privacy Shield framework and the ability to start filing online registrations on 1 August, many companies have questions about the advantages and disadvantages of Privacy Shield as compared to other cross-border transfer mechanisms to cover trans-Atlantic data flows.

To answer your questions, we publish here International Data Transfers – Considering your options, a high-level analysis of the EU cross-border transfer options for companies—including the EU Standard Contractual Clauses, Intra-Group Agreements and other ad-hoc contracts, Binding Corporate Rules, Privacy Shield, and Consent—and the pros and cons of choosing each one.

Posted in International/EU Privacy

Article 29 Working Party Sees Privacy Shield Glass Half Empty

From the moment that the Chairman of the Article 29 Working Party, Isabelle Falque-Pierrotin, announced at a press conference on 3rd February this year that the Working Party would assess the standing of the EU-US Privacy Shield under EU law, privacy professionals have been waiting to see what the Working Party’s view would be. Earlier this week, on 13th April, the Working Party provided their initial opinion. On the one hand, the Working Party welcomed the significant improvements of the Privacy Shield as a positive step forward. Yet, on the other hand, the Working Party set out their strong concerns on the commercial aspects of the Privacy Shield and the ability for US public authorities to access data transferred under the Privacy Shield. The opinion concluded by urging the European Commission to resolve these concerns and improve the Privacy Shield.

Posted in International/EU Privacy

Hogan Lovells Issues Legal Analysis of the EU-U.S. Privacy Shield

In a thorough legal analysis of the EU-U.S. Privacy Shield framework, a report from Hogan Lovells says the framework would stand up in the Court of Justice of the European Union, and the true level of data protection afforded by the Privacy Shield framework will only be demonstrated by its functioning and the practices of its participants.

Posted in International/EU Privacy

International Data Transfers – The Uncertainty Continues

Following the announcement by the European Commission of the newly agreed EU-US Privacy Shield, the missing piece of the jigsaw was the Article 29 Working Party’s stance on the adequacy of the existing mechanisms in place—in particular, standard contractual clauses and binding corporate rules. So after two days of intense discussions, the Working Party has issued a statement with its latest position, which is the follow up to their original reaction to the invalidation of Safe Harbor last October. The bottom line: the Working Party still does not view US government surveillance laws as sufficiently protective of privacy—a position which calls all transfers of personal data to the US in question, regardless of the methods used to legitimise the transfer—but they will reconsider this position in light of the Privacy Shield in the coming months.