Privacy Shield News and Events

Privacy Shield-Related News 
  • September 28, 2020The U.S. Government released a white paper to assist organizations in assessing whether their EU-U.S. data transfers offer appropriate protection in accordance with the ECJ’s Schrems II ruling.
  • September 8, 2020: The Federal Data Protection and Information Commissioner (FDPIC) of Switzerland issued an opinion concluding that the Swiss-U.S. Privacy Shield Framework does not provide an adequate level of protection for data transfers from Switzerland to the United States pursuant to Switzerland’s Federal Act on Data Protection (FADP). As a result of that opinion, organizations wishing to rely on the Swiss-U.S. Privacy Shield to transfer personal data from Switzerland to the United States should seek guidance from the FDPIC or legal counsel. That opinion does not relieve participants in the Swiss-U.S. Privacy Shield of their obligations under the Swiss-U.S. Privacy Shield Framework. As we work to resolve the situation, the U.S. Department of Commerce will continue to administer the Privacy Shield program, including processing submissions for self-certification and re-certification to the Privacy Shield Frameworks and maintaining the Privacy Shield List. If you have questions, please contact the FDPIC or legal counsel.
  • August 10, 2020Joint Press Statement from Former U.S. Secretary of Commerce Wilbur Ross and European Commissioner for Justice Didier Reynders
  • August 5, 2020Former Federal Trade Commission (FTC) Chairman Joseph Simons noted with reference to the July 16, 2020 decision by the CJEU that “We stand ready to support the administration’s efforts in this area, but at the same time we will continue to hold companies accountable for their privacy commitments, including promises made under the Privacy Shield.”
  • July 16, 2020Former U.S. Secretary of Commerce Wilbur Ross Statement on Schrems II Ruling and the Importance of EU-U.S. Data Flows
  • July 16, 2020: The Court of Justice of the European Union (CJEU) issued a judgment declaring as “invalid” the European Commission’s Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. As a result of that decision, the EU-U.S. Privacy Shield Framework is no longer a valid mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States. That decision does not relieve participants in the EU-U.S. Privacy Shield of their obligations under the EU-U.S. Privacy Shield Framework. As we work to resolve the situation, the U.S. Department of Commerce will continue to administer the Privacy Shield program, including processing submissions for self-certification and re-certification to the Privacy Shield Frameworks and maintaining the Privacy Shield List. If you have questions, please contact the European Commission, the appropriate European national data protection authority or legal counsel.
Previous Page