Since 1 August, U.S. companies have been able to sign up to the EU-U.S. Privacy Shield with the U.S. Department of Commerce, which has been verifying that their privacy policies comply with the high data protection standards required by the Privacy Shield. Already 103 have been certified. This means that these U.S. companies can receive personal data from the EU in full compliance with EU data protection rules. European companies can easily check on the Privacy Shield list whether their American partner companies, to whom they are transferring personal data, are certified.
The Department of Commerce is currently reviewing the privacy policies of 190 further companies that have signed up to the Shield while an additional 250 companies are in the process of submitting their application. Věra Jourová, the EU’s Commissioner for Justice, Consumers and Gender Equality, said:
“The EU-U.S. Privacy Shield is a robust new framework protecting fundamental rights of Europeans, and also facilitating business across the Atlantic. I’m pleased that many companies have already signed up and brought their privacy policies in line with the Privacy Shield. I encourage many others to continue to do so to ensure Europeans can have full confidence in the protection of their personal data when transferred to the U.S.”
The Commission welcomes the choice made by a third of the certified companies to opt for the EU Data Protection Authorities as their dispute resolution body (which is compulsory for human resource data but optional for other personal data). This will provide individuals with an easy and accessible way to obtain redress, if they consider their data has been misused and their data protection rights have not been respected.
All details on the different redress possibilities are available in the citizens’ guide published by the Commission. More information on the Privacy Shield are available in the 12 July press release and a Q&A, as well as in the Official Journal.
Compliments of the EU Delegation to the US