After Safe Harbor: EU-US Privacy Shield
The EU-U.S. Privacy Shield
The EU-U.S. Privacy Shield was announced by the European Commission and U.S. Department of Commerce as a replacement for the Safe Harbor Framework. The agreement contains three key features:
- Strong Obligations for Companies’ Handling of EU Citizens’ Data
- Clear Safeguards and Transparency Obligations for U.S. Government Agency Access
- New Redress and Complaint Resolution Mechanisms for EU Citizens
- FACT SHEET: Learn More About the EU-U.S. Privacy Shield
Without an agreement, thousands of companies of all types and sizes – in both Europe and the United States – will face widespread uncertainty and serious impacts to their operations and their ability to conduct business across the Atlantic.
Internet Data Travelling Between the EU and United States is Essential
Everyday millions of people go online to work, exchange ideas, explore, learn, engage in commerce, or connect with friends and family. Complex networks with data streaming around the globe make going online seem routine, and our modern society and economy have become dependent on the free flow of data.
A situation where a significant portion of the Internet is effectively shuttered is frankly unimaginable. But without the EU-U.S. Privacy Shield to improve data privacy protections and ensure online data transfers between Europe and the United States, this contingency may very well come to pass.
What was Safe Harbor?
The Safe Harbor Framework, which was negotiated between the EU and United States in 2009, was the primary – and often sole – mechanism under which more than 4,400 companies of all sizes, and across all industries, legally transferred data from Europe to the United States for the past 15 years. During that time, the transatlantic trade relationship thrived, creating new jobs and new prosperity in both Europe and the United States.
On October 6, 2015, the Court of Justice of the European Union (CJEU) effectively invalidated the Safe Harbor Framework on the basis that the European Commission had not appropriately evaluated whether the United States maintains “essentially equivalent” protections of EU citizen data.
What Did Tech Companies Seek?
ITI encouraged the European Commission and the U.S. Department of Commerce to negotiate a new agreement to replace the Safe Harbor Framework by the January 31, 2016, deadline set out by EU Member State data protection authorities following the CJEU’s ruling.
In particular, ITI and other leading business groups asked leaders on both sides of the Atlantic to support the negotiation of a legally durable framework that reflected shared principles on privacy and security, and provided a reasonable transition period for companies to come into compliance with a revised framework.
We welcome the EU-U.S. Privacy Shield agreement and believe it will provide a basis for companies to reliably move data across the Atlantic, while upholding citizens’ fundamental rights to privacy and data protection.
Learn More:
-
Statement by Thomas Jarzombek and Marian Wendt, the CDU/CSU Parliamentary Group in the German Bundestag: "Secure Foundation for Transatlantic Data Exchange Established" in EU-US Privacy Shield.
-
ITI Praises EU-US Privacy Shield Approval by European Governments. “Today’s favorable vote by EU Member States endorses the Privacy Shield Framework as a much-needed solution for protecting the fundamental privacy rights of European citizens while enabling the transatlantic data flows essential to innovation, job creation, and economic growth,” ITI President and CEO Dean Garfield said.
-
ITI: Irish Data Protection Commissioner Decision Signals Need to Swiftly Conclude Privacy Shield. "The IDPC draft decision should be a catalyst to reach closure on the Privacy Shield negotiations rather than a reason to delay.”
-
ITI Welcomes Public Release of Text of EU-U.S. Privacy Shield. "it achieved the objective of securing an agreement that both enhances privacy protections and provides the certainty needed to promote innovation and economic growth."
-
Tech Industry Leaders Commend New 'EU-US Privacy Shield' Agreement to Replace Safe Harbor. "Today’s economy is online and it runs on data, and so the biggest winners here are the EU and U.S. economies."
-
Statement by Thomas Jarzombek, the CDU/CSU-BT Parliamentary Group for the Digital Agenda, on the EU-US Privacy Shield. "…An agreement in the negotiations on transatlantic data exchange offers hope that legal certainty will soon prevail for the digital economy and a free flow of data across the Atlantic will be guaranteed."
- ITI Encourages Negotiators to Take the Time to ‘Get it Right’ on Strengthened Transatlantic Data Transfers Agreement. Given the very complex issues at hand, we encourage negotiators to take the time necessary to secure an agreement that enhances privacy protections and provides the certainty needed to promote innovation and economic growth.
-
"The Art. 29 Data Protection Working Party should therefore cancel its self-imposed deadline, or at least extend it so that the German and European digital economy is not threatened by uncertainty." A statement by Thomas Jarzombek, chair of the Digital Agenda Working Group of the CDU/CSU faction in the German Federal Parliament, urging European Data Protection Authorities to extend the deadline for a new Safe Harbor agreement.
- Congress Passing the Judicial Redress Act is an Important Bridge to Ensuring Future U.S.–EU Digital Trade. The Judicial Redress Act demonstrates the U.S. respects the privacy of individuals and creates momentum towards reaching a strong data-flows agreement between the U.S. and EU.
- Essentially Equivalent: New Report Showing Equal EU & U.S. Data Privacy Protections Should Help Spur a New Safe Harbor Agreement. A new report concludes that privacy and data protection laws are substantially similar in the European Union (EU) and the United States
- TechWonk: What Happens to the Internet Without a Safe Harbor in February? A situation where a significant portion of the Internet is effectively shuttered is frankly unimaginable. Yet in the absence of leadership on both sides of the Atlantic, it may very well come to pass.
- Tech & Business Groups Call on President Obama, EU Leaders to Step in and Help Reach a new Safe Harbor Agreement. To avert serious harm to the economy, businesses ask U.S. and European heads of state to engage their efforts to help conclude a new Safe Harbor agreement governing data transfers between the U.S. and EU.
- TechWonk: It’s Clear the U.S. and EU Economies Need a Safe Harbor 2.0. More than half a trillion dollars in trans-Atlantic trade depends on data flows enabled by the Safe Harbor agreement for the past 15 years.