Most recent Update on data protection: EU-US Privacy Shield strongly supported by the member states of the European Union

 in IT-recht

On July 8th the member states of the European Union (‘the Article 31 Committee’) have given their strong support to the adoption of the EU-US Privacy Shield. The next step in the process will most likely be the formal adoption of the EU-US Privacy Shield.

Recap:  EU-US Privacy Shield

In our earlier newsletters we informed you about the negotiations between the European Union and the United States in reaching an agreement on a data transfer pact to replace the invalidated Safe Harbour Principles. The EU-US Privacy Shield is meant to enable the adequately protected transfer of personal data for commercial purposes between the U.S. and the European Union. As per February 2nd of this year, the European Commission made public that the European Union and the United States had agreed upon a new data transfer framework: the “EU-US Privacy Shield”. On February 29th the European Commission published a draft adequacy decision along with the texts of the EU-US Privacy Shield (a general outline of which you can find in our earlier newsletter of this year regarding the EU-US Privacy Shield). An adequacy decision reflects the adopted position the European Commission takes regarding the level of personal data protection provided by a country outside the European Economic Area. The ‘Article 29 Working Party’, as requested, published its opinion regarding the EU-US Privacy Shield on April 14th (a general outline of which you can find in our earlier newsletter of this year regarding the EU-US Privacy Shield).

Practicalities once adopted

American organization will be able to participate by conducting a registration and annual self-certification procedure. Once registered such organizations will be periodically monitored and verified by the US Department of Commerce. A listing of all registered participants will be made available. In addition, the organizations will be required to display an easily accessible and readable privacy policy on its website in accordance with the principles of the EU-US Privacy Shield.

What to do in the mean time?

For the moment, businesses can still make use of substitute instruments (e.g. Binding Corporate Rules or Standard Contract Clauses). Relying on the Safe Harbour, however, is – since last October – no longer a legal option.

Status of the General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR will take effect on 25th of May of 2018 in all member states of the European Union without transposition having to take place into the 28 national laws.

I.M. Tempelman, 12 juli 2016

If you would like to know more about this matter or any other privacy issue, please contact mr. I.M. Tempelman.

Read more information as published by the European Commission on the Privacy Shield:

Press release European Commission dated 8 July 2016

Draft Text Privacy Shield dated 29 February 2016

Recente berichten
  • 31 oktober 2019

    Uw ziekmelding wordt niet geaccepteerd! Of toch wel?

    Marion Hagenaars
    Lastige gesprekken met werknemers. Over functioneren, samenwerkingsproblemen, houding en gedrag. En dan – u had het al voorzien – een ziekmelding. Soms met een enkel WhatsApp bericht. U bent geen arts, maar bij een ziekmelding in dergelijke omstandigheden plaatst u vraagtekens. Er lijkt immers meer sprake te zijn van een “vlucht in ziekte”. U besluit
    Lees verder
  • 4 oktober 2019

    Storing cookies requires internet users’ active granular (specific) consent

    Bob Cordemeyer
    A pre-ticked checkbox is therefore insufficient Answering questions of The Bundesgerichtshof (Federal Court of Justice, Germany)  to interpret the EU law on the protection of electronic communications privacy.2 the EU Court of Justice decides on October 1, 2019 that the consent which a website user must give to the storage of and access to cookies
    Lees verder
  • 30 september 2019

    Uitgeleende werknemer, een vrije vogel?

    Marion Hagenaars
    U heeft met uw werknemers een relatiebeding gesloten. En met uw opdrachtgevers een verbod op indiensttreding. Met boetes op overtreding. U vreest een overstap van uw werknemers naar een opdrachtgever dus niet. En mocht het onverhoopt toch gebeuren, dan bent u in ieder geval zeker van een financiële compensatie. Of toch niet?!
    Lees verder

Plaats een reactie