European Commission publishes EU-U.S. Privacy Shield

The European Commission today issued a Communication taking stock of its work to restore trust in transatlantic data flows since the 2013 surveillance revelations. The Commission also published a draft “adequacy decision” of the Commission as well as the texts that will constitute the EU-U.S. Privacy Shield. This includes the Privacy Shield Principles companies have to abide by, as well as written commitments by the U.S. Government (to be published in the U.S. Federal Register) on the enforcement of the arrangement, including assurance on the safeguards and limitations concerning access to data by public authorities. Vice-President Ansip said: “Now we start turning the EU-US Privacy Shield into reality. Both sides of the Atlantic work to ensure that the personal data of citizens will be fully protected and that we are fit for the opportunities of the digital age.” Commissioner Jourová added: “Protection of personal data is my priority both inside the EU and internationally. The EU-U.S. Privacy Shield is a strong new framework, based on robust enforcement and monitoring, easier redress for individuals and, for the first time, written assurance from our U.S. partners on the limitations and safeguards regarding access to data by public authorities on national security grounds.” Now, a committee composed of representatives of the Member States will be consulted and the EU Data Protection Authorities (Article 29 Working Party) will give their opinion, before a final decision by the College. A press release, a Q&A and a factsheet are available online.