Privacy Shield News and Events

Privacy Shield-Related News 

  • November 8, 2018: Congratulations - over 4,000 companies are Privacy Shield certified.
  • October 19, 2018: Joint Press Statement from Commissioner Věra Jourová and Secretary of Commerce Wilbur Ross on the Second Annual EU-U.S. Privacy Shield Review
  • October 18, 2018: Op-Ed: Transatlantic Privacy Deal is Vital to Trade
  • October 18, 2018: Remarks by Commerce Secretary Wilbur L. Ross at the Second Annual Review of the EU-U.S. Privacy Shield in Brussels, Belgium
  • October 15, 2018: The Department is pleased to announce the following individuals have been selected for inclusion on the list of arbitrators developed by the U.S. Department of Commerce and the Swiss Administration as part of the Swiss-U.S. Privacy Shield Framework Annex I Binding Arbitration Program. Additional information regarding the Binding Arbitration Program is available at http://go.adr.org/Swiss-AnnexI.html.
    • Paul Lanois
    • Urs Maurer-Lambrou
    • Reinhard Oertli
    • Cyrill Rigamonti
    • Axel Tschentscher
  • September 27, 2018: The Federal Trade Commission (FTC) announced four companies have agreed to settle FTC allegations that they falsely claimed certification under the EU-U.S. Privacy Shield Framework (see press release). The agreements are subject to public comment for 30 days after which the FTC will decide whether to make the proposed consent orders final. The FTC also issued a blog post reminding companies that they must complete their initial certifications and follow through with required annual re-certifications if they represent themselves as Privacy Shield participants.
  • July 2, 2018: The Federal Trade Commission (FTC) announced a California company has agreed to settle FTC allegations that it falsely claimed it was in the process of being certified as complying with the EU-U.S. Privacy Shield Framework (see press release). In conjunction with the announcement, the FTC issued a blog post reminding companies about the potential consequences of making false claims regarding Privacy Shield participation. As part of its settlement with the FTC, the company is prohibited from misrepresenting its participation in any privacy or security program sponsored by a government or any self-regulatory or standard-setting organization and must comply with FTC reporting and compliance requirements. The agreement will be subject to public comment for 30 days after which the FTC will decide whether to make the proposed consent order final.
  • May 1, 2018: From January 2017 through May 2018, the U.S. Government has taken action to support the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. These measures enhance privacy protections for EU and Swiss individuals, while ensuring that American and European businesses can count on the Privacy Shield to deliver innovative products and services across the Atlantic. (Information available in French and German)
  • March 9, 2018: The International Trade Administration (ITA) within the U.S. Department of Commerce is enhancing its procedures for conducting periodic compliance reviews under the Privacy Shield program. In order to monitor effective compliance with the program, ITA’s Privacy Shield team will conduct spot checks of randomly selected Privacy Shield participants in which ITA will seek to verify:
1) that the point(s) of contact responsible for the handling of complaints, access requests, and other issues arising under the Privacy Shield are available,
2) that the organization’s publicly-facing privacy policy is available for viewing by the public,
3) that the organization’s privacy policy continues to comply with the self-certification requirements described in the Framework, and
4) that the organization’s chosen independent recourse mechanism(s) is available to investigate and resolve complaints.
 
Additionally, ITA’s Privacy Shield team will actively monitor news for reports regarding the privacy practices of Privacy Shield participants.  If there is credible evidence that a participant does not comply with its commitments under the Privacy Shield or if significant issues are identified during a compliance review, the participant will receive a compliance questionnaire.

These enhancements are intended to strengthen the administration and supervision of the Privacy Shield Framework, increasing the confidence of participants in the Framework and of EU individuals that their data will be protected.
 

Privacy Shield-Related Events

  • October 20, 2018 (Brussels, Belgium): Second annual joint review of the Swiss-U.S. Privacy Shield Framework
  • October 18-19, 2018 (Brussels, Belgium): Second annual joint review of the EU-U.S. Privacy Shield Framework
  • May 14-15, 2018 (Berlin, Germany): A Department of Commerce official will give a Privacy Shield keynote at the 8th European Data Protection Days conference.

Additional Privacy Shield-Related Resources