Data protection: what is the EU-US Privacy Shield?

The European Union and USA have officially brought the EU-US Privacy Shield into effect.

This new framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States as well as bringing legal clarity for businesses relying on transatlantic data transfers.

But what exactly is the agreement all about? After two and half years of negotiations, the European Commission and the U.S. Department of Commerce on February 2 2016 reached an agreement on a new framework for transatlantic exchanges of personal data for commercial purposes: the EU-U.S. Privacy Shield (IP/16/216).

This new framework will protect the fundamental rights of individuals where their data is transferred to the United States and ensure legal certainty for businesses. On July 12 2016, following a positive vote from the Member States (article 31 committee) on July 8, the College of Commissioners formally adopted the Privacy Shield.

READ MORE: Will Brexit impact UK data protection rules? 

The EU-U.S. Privacy Shield reflects the requirements set out by the European Court of Justice in its ruling on October 6 2015, which declared the old Safe Harbour framework invalid. The new arrangement will impose stronger obligations on companies in the U.S. to protect the personal data of individuals and stronger monitoring and enforcement by the U.S. Department of Commerce and Federal Trade Commission (FTC), including an increased cooperation with the European Data Protection Authorities.

The new arrangement includes written commitments and assurance by the U.S. that any access by public authorities to personal data transferred under the new arrangement on national security grounds will be subject to clear conditions, limitations and oversight, preventing generalised access. The newly created Ombudsperson mechanism will handle and solve complaints or enquiries raised by EU individuals in this context.

A full Q&A carried out by the EU can be accessed here: www.europa.eu/rapid/press-release_MEMO-16-2462_en.htm

Andrus Ansip, Commission Vice-President for the Digital Single Market, said: "We have approved the new EU-U.S. Privacy Shield today. It will protect the personal data of our people and provide clarity for businesses. We have worked hard with all our partners in Europe and in the US to get this deal right and to have it done as soon as possible. Data flows between our two continents are essential to our society and economy – we now have a robust framework ensuring these transfers take place in the best and safest conditions."

Read the July EURO 2016 issue of Business Review Europe magazine. 

Follow @BizReviewEurope