ARCHIVED CONTENT
You are viewing ARCHIVED CONTENT released online between 1 April 2010 and 24 August 2018 or content that has been selectively archived and is no longer active. Content in this archive is NOT UPDATED, and links may not function.Extract from article by Robert Stankey and Bryan Thompson
Though the Privacy Shield’s details have been released, its implementation is still many months away. In the meantime, U.S. companies that are considering participating in the new data transfer arrangement should review the increased monitoring and privacy requirements that they will be subject to and determine whether the Privacy Shield will be a better alternative to BCRs and model contractual clauses.
Privacy Compliance under the EU-U.S. Privacy Shield
The Privacy Shield’s core compliance obligations are built around its “Privacy Principles,” which U.S. companies must agree to adhere to through self-certification with the Commerce Department in order to import data from the EU under the framework.