Implementing the EU-U.S. Privacy Shield: U.S. and EU Perspectives and Recommendations

On July 12, 2016, the long-anticipated EU-U.S. Privacy Shield Framework was officially approved, allowing U.S. companies to self-certify to the Framework beginning August 1. Companies that take advantage of the Privacy Shield and publicly commit to comply with its requirements will be able to receive personal data from the EU in compliance with EU data protection laws.

Drinker Biddle’s Peter Blenkinsop and Jeremiah Posedel, along with Taylor Wessing’s Paul Voigt (Berlin, Germany), discussed the key provisions of the Privacy Shield and provided recommendations on successfully implementing its Principles.

Topics discussed included:

• Key Privacy Shield Principles and steps to successfully implementing them;
• Transitioning from Safe Harbor to Privacy Shield;
• Transitioning from Model Clauses to Privacy Shield;
• Impact on controlled groups of corporations or entities;
• Impact on transferring and processing HR data;
• Increased role of EU data protection authorities;
• Future of Privacy Shield and other recognized transfer mechanisms; and
• The GDPR's potential impact on Privacy Shield.