ARCHIVED CONTENT
You are viewing ARCHIVED CONTENT released online between 1 April 2010 and 24 August 2018 or content that has been selectively archived and is no longer active. Content in this archive is NOT UPDATED, and links may not function.
Extract from article by Mary MackHow is the Privacy Shield different from the Safe Harbor?
The Safe Harbor framework did create rights and responsibilities around processing data containing protected data of EU citizens. However, in practice, there was little, if any enforcement for the self-certified status. The new Privacy Shield creates multiple enforcement mechanisms for the EU Data Protection Authorities (DPA’s) and multiple civil and administrative paths for remedies for the EU citizen. Consent requirements are expected to be higher, and there is an expectation that data will be secured.
Top 3 Practice Points for eDiscovery
- Understand how the climate has changed, especially with regard to FTC enforcement and Department of Commerce monitoring
- Understand the EU data landscape. Where does the data reside? How important is it? Can it be phased or de-scoped? Do you need early negotiations or protective orders?
- Know the specific rules in the specific country. France is different from Germany is different from Switzerland. Consider an experienced attorney on the ground in country and service providers whose contracts demonstrate they adhere to Privacy Shield requirements.
Read the complete article at The Safe Harbor is Dead. Long Live the Privacy Shield.