We live in a digitalised world, where the processing of personal data has intensified, and as a result, there is a need in the market to increase the processing capabilities. Now, the US is a big market and as such offers a variety of services and products such as cloud storage, marketing services, digital commerce, analytics and others.
Useful? Embed this infographic on your website.
Given the above, the EU through an adequacy decision has provided with a particular solution for the processing of personal data with US companies, which is called the EU-US Privacy Shield Framework (“Privacy Shield”). This framework is available since the 12 July 2016 and still valid until now; however, should be noted that its validity has been contested and is under the review of the Court of Justice of the European Union (CJEU).
But until the CJEU do not produce a decision, the Privacy Shield still in force and because of this currently, EU companies can transfer EU personal data to US companies as far as these US companies are Privacy Shield Certified (PSC) companies. To know which companies are PSC, please refer to www.privacyshield.gov/list
The process to use the Privacy Shield is pretty straight forward, EU businesses can transfer EU data to any US PSC company, but should be noted that the PSC only applies to companies regulated by the US Federal Trade Commission e.g. US financial institutions or communications providers can not benefit from the Privacy Shield.
As the last remark, in my opinion, it is advisable that before deciding to use the Privacy Shield, to examine the EU Parliament Resolution on this matter (see www.europarl.europa.eu) and assess the pros and cons in order to make a sound management decision.
The following infographic aims to provide at a glance with the main points of what it is and how the Privacy Shield works. This should raise awareness among individuals about the legal protections available to protect their data in the US and also, seeks to provide businesses with a clear picture of the Privacy Shield framework, for them to make a well-informed decision.
Each lawinfographic has a visual presentation and keywords that will allow any person to comprehend at a glance the main topic. The lawinfographic and article contain several examples that have been taken from the EU law, regulations, guidelines and opinions on the matter and have been precisely referred in the documents. If you require more information, do not hesitate to consult the lawinfographic source or to contact me, you can leave me a comment or reach me in Linkedin.
Recitals 95/46 and Art. 45 of the GDPR
data-protection/article-29/ documentation/opinion- recommendation/index_en.htm
Opinion 01/2016 from Art.29 of the Working Party
Handbook on european data protection law pg.129-139
The Privacy Shield website
EU Parliament Resolution of 23 March 2017