Most recent Update on data protection: EU-US Privacy Shield strongly supported by the member states of the European Union

 in IT-recht

On July 8th the member states of the European Union (‘the Article 31 Committee’) have given their strong support to the adoption of the EU-US Privacy Shield. The next step in the process will most likely be the formal adoption of the EU-US Privacy Shield.

Recap:  EU-US Privacy Shield

In our earlier newsletters we informed you about the negotiations between the European Union and the United States in reaching an agreement on a data transfer pact to replace the invalidated Safe Harbour Principles. The EU-US Privacy Shield is meant to enable the adequately protected transfer of personal data for commercial purposes between the U.S. and the European Union. As per February 2nd of this year, the European Commission made public that the European Union and the United States had agreed upon a new data transfer framework: the “EU-US Privacy Shield”. On February 29th the European Commission published a draft adequacy decision along with the texts of the EU-US Privacy Shield (a general outline of which you can find in our earlier newsletter of this year regarding the EU-US Privacy Shield). An adequacy decision reflects the adopted position the European Commission takes regarding the level of personal data protection provided by a country outside the European Economic Area. The ‘Article 29 Working Party’, as requested, published its opinion regarding the EU-US Privacy Shield on April 14th (a general outline of which you can find in our earlier newsletter of this year regarding the EU-US Privacy Shield).

Practicalities once adopted

American organization will be able to participate by conducting a registration and annual self-certification procedure. Once registered such organizations will be periodically monitored and verified by the US Department of Commerce. A listing of all registered participants will be made available. In addition, the organizations will be required to display an easily accessible and readable privacy policy on its website in accordance with the principles of the EU-US Privacy Shield.

What to do in the mean time?

For the moment, businesses can still make use of substitute instruments (e.g. Binding Corporate Rules or Standard Contract Clauses). Relying on the Safe Harbour, however, is – since last October – no longer a legal option.

Status of the General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR will take effect on 25th of May of 2018 in all member states of the European Union without transposition having to take place into the 28 national laws.

I.M. Tempelman, 12 juli 2016

Contact
If you would like to know more about this matter or any other privacy issue, please contact mr. I.M. Tempelman.

Read more information as published by the European Commission on the Privacy Shield:

Press release European Commission dated 8 July 2016

Draft Text Privacy Shield dated 29 February 2016

Recente berichten
  • 2 juni 2020

    NOW 2.0

    Marion Hagenaars
    Op 29 mei jl. zijn enkele wijzigingen op de verlenging van de NOW aangekondigd (NOW 2.0). Hierna de (aangepaste) hoofdlijnen.
    Lees verder
  • 27 mei 2020

    NOW 2.0

    Marion Hagenaars
    Woensdag 20 mei jl. is de verlenging van de NOW aangekondigd (NOW 2.0). De looptijd is van juli tot en met december 2020. De nieuwe voorwaarden worden nog nader uitgewerkt, maar de hoofdlijnen zijn bekend.
    Lees verder
  • 15 april 2020

    7 tips voor IT-leveranciers bij aanbestedingen tijdens corona

    Wouter Huisman
    Alweer anderhalve maand geleden werd de eerste Nederlandse coronapatiënt vastgesteld. Inmiddels zijn we weer wat verder. Het coronavirus begint langzaam onderdeel te worden van het dagelijks leven en iedereen bereidt zich voor op de ‘1,5 meter-samenleving’. Zo ook in Aanbestedingsland.
    Lees verder

Plaats een reactie

Top