EU-U.S. Privacy Shield Framework Assessments

The EU-U.S. Privacy Shield Framework was put forth by the U.S. Department of Commerce and European Commission for purposes of providing organizations on both sides of the Atlantic with a protocal for complying with the respective EU data protection requirements relating to the transfer of personal data from the European Union to the United States in support of transatlantic commerce.

The Privacy Shield Framework thus provides a comprehensive set of enforceable protection measures relating to the personal data of EU individuals. The Framework provides transparency regarding how participating companies use personal data, overall U.S. government oversight, and increased cooperation with EU data protection authorities (DPAs). The European Commission deemed the Privacy Shield Framework acceptable for enabling data transfers under EU law. Therefore, the U.S. Department of Commerce will allow companies time to review the Framework and update their compliance programs and then, on August 1, will begin accepting certifications.

Therefore, to effectively join the Privacy Shield Framework, a U.S.-based entity will be required to self-certify with the U.S. Department of Commerce and publicly commit to comply with the Framework’s requirements. While joining the Privacy Shield Framework is voluntary, once an eligible company makes the public commitment to comply with the Framework’s requirements, the commitment will become fully enforceable under U.S. law. Learn more at https://www.commerce.gov/page/eu-us-privacy-shield today.