The European Commission has announced the new EU-US Privacy Shield law, which replaces Safe Harbor effective immediately. The new ruling addresses European concerns about US access to the data of Europeans and gives Europeans more options to file concerns regarding the use of their data. U.S. companies may certify compliance beginning Aug. 1.
Tech companies praised the new agreement, saying it restores trust that’s needed after the Edward Snowden leaks of 2013. “Our members are ready to implement the new framework and meet the compliance challenge that the strengthened provisions demand from companies,” said John Higgins, director general of DIGITALEUROPE, which represents Apple, Google and IBM.
However, privacy watchdog groups are wary of the new agreement and say it offers nothing new. “Sadly, for both privacy and for business, this agreement helps nobody at all,” said Joe McNamee, executive director of European Digital Rights, an association of civil and human rights organizations. “We now have to wait until the Court again rules that the deal is illegal and then, maybe, the EU and US can negotiate a credible arrangement that actually respects the law, engenders trust and protects our fundamental rights.”
The European Court of Justice invalidated Safe Harbor on Oct. 6, 2015. The U.S. Department of Commerce continued to honor Safe Harbor certificates until the new ruling came into effect. US companies may certify compliance with the Privacy Shield as of Aug. 1.
For more information, visit the European Commission website.