With the deadline for a new Safe Harbour just behind us, the European Commission and the US have established another system to ensure the safe transfer of data across the Atlantic, named the EU-US Privacy Shield.
For EU citizens and businesses the proposed agreement acts in essentially the same way, but with greater assurance from the US that any transatlantic data is protected from surveillance. However, it still needs political approval and businesses shouldn't expect it to come into effect for at least three months.
The Privacy Shield would ensure that any US companies abide by the US Federal Trade Commission's data processing laws. US access to personal information of EU citizens would be limited to the appropriate authorities, and would have to be ''necessary and proportionate''. EU citizens will also have the right to complain to an ombudsman if they suspect any misuse of their data.
The European Commission and the US are discussing a transition period, so that businesses have time to make any changes necessary in order to coincide with the new agreement. However, the advice for businesses from the European Commission, the US and the UK is still fairly mixed, leading some to believe that the Privacy Shield is more of a PR move than a solution.
Regardless of the outcome of the Privacy Shield, it's important to take stock of the personal data you are transferring outside of the EU and consider relocating it or securing it further. Transcendit are happy to discuss how any personal data your business handles is protected, let you know what action needs to be taken and offer technical support.
If you need help understanding your data protection obligations, please contact us at 0191 482 0444 and ask for Adam Kuznesof