The EU and the US reached a new agreement on data protection called the “EU-U.S. Privacy Shield”

The EU and the US reached a new agreement on data protection called the “EU-U.S. Privacy Shield”. This agreement is designed to provide greater data protection for personal data transferred from the EU to the US by companies based in Europe.

With this new arrangement, all companies based in Europe that offer personal data processing services, including cloud computing, will be able to use their existing contractual arrangements with US clients as a legal basis for transferring personal data from the EU to the US, or vice versa.

The key requirement is that there must be an adequacy decision issued by the European Commission and US Department of Commerce finding that transfers of personal data from the EU under these contractual arrangements are "adequate" for purposes of meeting data protection standards under EU law and US law.

For some years now, EU companies operating in the U.S. have been unable to use contractual arrangements as a legal basis for transferring personal data from the EU to third countries located outside of Europe, such as Canada and Japan. This has been because of concerns that such transfers may be governed by inadequate privacy standards in these countries.

The European Union and the United States of America (the "U.S.") have both agreed to a draft new agreement on data protection, which has been dubbed the “EU-US Privacy Shield”.

The Privacy Shield is designed to replace the current framework for the transfer of personal data from the EU to the U.S., which has been in place since 1995. This framework has a number of shortcomings, including its outdated legal basis, lack of binding dispute resolution mechanism, and a low level of protection that does not meet the requirements set out in Article 45 of Regulation No 45/65/EEC.

The new agreement was agreed by the Council on 27th February 2016 and it will replace the existing framework at a date to be determined by law.

The new agreement, which took effect on July 1, 2016, is aimed at improving the level of protection for US citizens who share their personal data with US-based companies and institutions.

Under the terms of the Privacy Shield, companies that are certified by the US Department of Commerce will be required to adhere to the EU's data protection standards. As a result, they will be bound by certain obligations designed to protect the privacy of EU citizens.

A certification program was established in order to determine which companies are adhering to European data protection principles and which are not. The certification requires organizations to provide evidence that they meet certain criteria related to privacy policies and practices.

The certification program depends on self-reporting by participating organizations. Organizations involved in large-scale transatlantic flows of personal data are expected to self-report their compliance under the Privacy Shield certification program. Other organizations can also voluntarily participate in this program by submitting a declaration stating their compliance with the Privacy Shield principles.

If you're selling goods in the US, you need to be aware of how your customers' data will be used by your US-based business. The EU-US Privacy Shield aims to ensure that companies operating inside the EU and the US comply with their respective privacy laws.

The new agreement aims to give European citizens more control over how their data is collected by American companies, and it ensures companies abiding by these rules will not face legal action from the US government for breaking European privacy laws. It should also make it simpler for Europeans to make a complaint about how their data has been processed or used.

The Privacy Shield provides a way for companies based in the EU and the U.S. to move personal data between the two countries, following strict privacy safeguards. Products on Amazon have to comply with the requirements of this agreement before they can be sold on Amazon in any other marketplace run by Amazon EU S.à r.l.

Companies intending to use the Privacy Shield to transfer personal data from Europe must submit their data collection, storage, and use practices to an independent third-party assessor, who will certify that these practices meet certain criteria for the protection of personal data.

Thank you,

Hope you like it!