EU Commission, U.S. Reach New Privacy-Shield Agreement (Feb. 2, 2016)
Shortly after the original deadline to reach an agreement expired on Sunday, the EU Commission and the U.S. have agreed to a new Safe Harbor deal. The new framework will protect the fundamental rights of Europeans when their data are transferred to the U.S. and ensure legal certainty for businesses, according to an EU Commission announcement.
The EU-US Privacy Shield reflects the requirements set out by the European Court of Justice in its Oct. 6, 2015 ruling, which declared the old Safe Harbor framework invalid. The new agreement will provide stronger obligations on U.S. companies to protect the personal data of Europeans and stronger monitoring and enforcement by the U.S. Department of Commerce and Federal Trade Commission, including increased cooperation with European Data Protection Authorities, the EU Commission said. The U.S. also has committed to clear conditions, limitations and oversight of public authorities’ access to personal data. Europeans will have the possibility to raise any inquiry or complaint in this context with a dedicated new Ombudsperson.
“We are pleased that U.S. and European Commission officials have reached an agreement in principle which, once finalized, will allow for the continuation of an important mechanism for transatlantic data transfers,” said FTC Chairwoman Edith Ramirez in a statement. “Under the new agreement, the EU-U.S. Privacy Shield, the Federal Trade Commission will continue to prioritize enforcement of the framework as part of our broader commitment to protect consumers’ personal information and privacy. We will continue to work closely with our European partners to ensure consumer privacy is protected on both sides of the Atlantic.”
The Privacy-Shield agreement isn’t subject to U.S. congressional approval, but the 28 EU member states must approve the plan.