Insights & news

Annual Review Confirms Validity of EU-US Privacy Shield

  • 26/11/2019
  • Articles

On 23 October 2019, the European Commission (Commission) published its report on the Third Annual Joint Review of the EU-US Privacy Shield. The Privacy Shield is a self-certification scheme whereby certified US organisations can more easily receive personal data transferred to them from the EU. Certification is granted when an organisation implements measures in order to protect personal data. At the time of the review, there were more than 5,000 participating companies.

In its report, the Commission confirms that the EU-US Privacy Shield continues to provide an adequate level of protection for transfers of personal data. It indicates that important improvements have been made to the framework, but also identifies some areas of concern. The European Data Protection Board (EDPB), which is invited to participate in the annual review process, published its own report on the Third Annual Joint Review on 12 November 2019, essentially confirming the findings of the Commission and making further recommendations on access by public authorities of data transferred to the US under the Privacy Shield. The annual review procedure is an important element in the construction of the Privacy Shield since its predecessor, the EU-US Safe Harbour scheme, was annulled by the Court of Justice of the European Union (CJEU) on 6 October 2015 (Case C-362/14). Whether the improvements suffice for the Privacy Shield to meet the EU requirements will be determined by the European Courts in the coming months. 

Please click below for a short client memorandum on the Third Annual Review of the EU-US Privacy Shield.  

Attachments:

Key contacts

Related practice areas

Related insights

Sign up for updates
    • 16/03/2020
    • Newsletters

    VBB on Belgian Business Law, Volume 2020, No. 2

    The February 2020 issue of our Belgian Business Law newsletter reporting on the latest developments in a range of areas, including competition, data protection, intellectual property and labour law.

    Read more
    • 12/03/2020
    • Articles

    European Commission Presents Digital Strategy on Data and Artificial Intelligence

    On 19 February 2020, the European Commission published its white paper on artificial intelligence (AI) – “A European approach to excellence and trust” (the White Paper). According to the White Paper, in simple terms, AI is a collection of technologies that combine data, algorithms and computing power for the benefit of citizens, businesses and the public interest in general. In essence, the White Paper sets out policy options on how to achieve a balance between encouraging the uptake of AI while addressing the associated risks through potential regulation. On the same day as the publication of its white paper on artificial intelligence, the European Commission unveiled a new European data strategy. With this five-year plan, the Commission wants to create a single European data space, which is a single market for data that will be open to data from across the world. The European data strategy and the white paper on artificial intelligence are the first pillars of broader policy initiatives that involve a digital strategy and a framework for the development of Artificial Intelligence.

    Read more
    • 04/03/2020
    • Articles

    EDPB Urges Companies to Conduct Data Protection Assessment Ahead of Merger

    The European Data Protection Board (EDPB) has issued a statement on the privacy implications of mergers in view of Google LLC’s intention to acquire Fitbit, Inc. The EDPB is concerned that Google would gain too much control over people’s health and wellness data potentially leading to an unfair advantage over other companies.

    Read more

Subscribe to our updates

Please select the practice areas you are interested in: *