EU-U.S. Privacy Shield Certification
The EU-U.S. Privacy Shield program is the successor of the U.S.-EU Safe Harbor program.
Announced on July 12, 2016 it became operational on the 1st August 2016 and delivered a number of key benefits:
1. Enhanced Dispute Resolution systems with additional reporting criteria.
2. A US based Privacy Ombudsperson to handle complaints regarding data access by US Intelligence agencies.
3. Stricter controls on onward transfer of data once outside of the European Union.
4. Liability remaining with data controllers after the onward transfer of data to third-party agent.
5. The option for binding arbitration to handle unresolved complaints.
6. Increased co operation between the Department of Commerce and the European Comission, including an annual review of the program when appropriate.
The program became active on 1st August 2016. Companies that apply before September 30th benefited from a 9 month grace period during which time to bring onward transfers into compliance.
For more information view the EU-U.S. Privacy Shield Timeline
The PrivacyTrust EU Privacy Shield program is designed to assist companies intending to self-certify to the U.S. Department of Commerce that they comply with the EU-U.S. Privacy Shield Framework as set forth by the Department. The PrivacyTrust EU Privacy Shield program provides guidance prior to and during the self-certification application process, along with support afterwards. PrivacyTrust provides a dispute resolution service (independent recourse mechanism) and an outside compliance review (verification) service for the EU-U.S. Privacy Shield program.
Related: See also GDPR