Privacy Shield: US companies have time to update data sharing contracts

Cerys Wyn Davies,,  Monday, July 25, 2016

US businesses intending to sign up to the new EU-US Privacy Shield within the first two months of it becoming operational can do so without first having to update arrangements for sharing data with others. However, they will only have a limited time in which to put new contracts in place.

The US can’t go stomping on other countries’ laws. Period.

Paul Rosenzweig by Paul Rosenzweig, The Chertoff Group
Monday, July 25, 2016

Sadly, however, today threats to the free flow of information across the globe come, not only from authoritarian countries but, also, from misguided actions of Western nations that ought to know better. The latest example of this unfortunate trend is the U.S. government's effort to force Microsoft to provide it with data that Microsoft stored in a data center in Ireland. In December 2013, Microsoft received a warrant from a magistrate in the Southern District of New York directing the company to turn over content and non-content information relating to a user associated with the company's Dublin, Ireland data center. Microsoft produced the non-content material associated with the user stored on its U.S. servers, but objected to the order for content data stored in Ireland. The government's view was that the U.S. government can compel the company, a U.S. based cloud provider, to disclose a user's content data stored outside the United States. Happily, that argument has not carried the day. The United States Court of Appeals for the Second Circuit recently issued a decision rejecting the government's request and allowing Microsoft to refuse to produce the data.

A Breakthrough in Trans-Atlantic Data Flow and Privacy

Justin Antonipillai and Ted Dean,  Wednesday, July 20, 2016

Privacy Shield, as you may know, will guide how US and EU companies will protect the privacy of personal data of EU individuals that gets transmitted to our nation, and speed digital commerce across the Atlantic. Commerce has the lead on the US side to carry out the framework, working with other US agencies and our EU counterparts. For more details, see the Privacy Shield materials – Secretary Pritzker’s remarks, fact sheet and FAQs, and a guide for companies to sign up – posted July 12 on Also see our testimony to the European Commission on March 17, and my (Justin) speech to the TRUSTe Privacy Risk conference on June 8 in San Francisco.

Privacy Shield Moves Forward, Company Certifications to Begin August 1

Martin Braun, Reed Freeman Barry Hurewitz, Benjamin Powell and Heather Zachary, Mondaq,  Wednesday, July 13, 2016

The European Commission formally adopted the EU-US Privacy Shield on Tuesday, ending months of legal uncertainty with a new framework for governing transatlantic data transfers after the Privacy Safe Harbor framework was invalidated in 2015. According to the Commission, Privacy Shield shifts from being a system based on self-regulation to "an oversight system that is more responsive as well as proactive" via stronger efforts by the US Department of Commerce, the US Federal Trade Commission and European Data Protection Authorities. The US Department of Commerce is now encouraging companies to review the framework, and it will begin accepting voluntary certifications beginning on August 1.

EU Heralds Privacy Shield as Trans-Atlantic Pact Takes Effect

Stephanie Bodoni, Bloomberg,  Tuesday, July 12, 2016

“The EU-U.S. Privacy Shield is a robust new system to protect the personal data of Europeans and ensure legal certainty for businesses,” EU Justice Commissioner Vera Jourova said in a statement on Tuesday, the first day of the new pact. “It brings stronger data protection standards that are better enforced, safeguards on government access, and easier redress for individuals in case of complaints.”

EU-U.S. Privacy Shield: Progress for privacy rights

John Frank, Microsoft EU Policy Blog,  Monday, July 11, 2016

We at Microsoft welcome the new EU-U.S. Privacy Shield decision, which the European Commission is expected to announce on 12 July. It sets a new high standard for the protection of Europeans’ personal data. Microsoft regards privacy as a fundamental right and we believe the Privacy Shield advances this right. This is an important achievement for the privacy rights of citizens across Europe, and for companies across all industries that rely on international data flows to run their businesses and serve their customers. The successful and rigorous negotiations also demonstrate progress between Europe and the United States on a vital issue for transatlantic coordination. While we rely on different legal frameworks, we share the same privacy values on both sides of the Atlantic.

European Union approves ‘Privacy Shield’ data transfer deal with the US

Jonathan Keane, Digital Trends,  Friday, July 8, 2016

Privacy Shield, the much-debated data transfer agreement that will replace Safe Harbor, has been approved by the European Union. The 28 member states of the EU approved the data transfer deal today following extensive debate and some controversy over the protections it provided to EU citizens’ data when transferred to the U.S. Under the terms of the new deal, Privacy Shield will be reviewed on an annual basis.

You are here: Home Public Sector Data Protection News Doubt clouds future of UK’s post-Brexit data protection rules Doubt clouds future of UK’s post-Brexit data protection rules

Joe Curtis, IT Pro,  Wednesday, July 6, 2016

Uncertainty continues over the future of the UK’s data protection policies following Brexit, a government minister has admitted. Saying “for a period the future will be more uncertain”, Baroness Lucy Neville-Rolfe said EU rules on data protection could apply fully in the UK if it remains in the single market, or the UK may replace all EU rules with its own if it does not stay. “Currently it seems unlikely we will know the answer to these questions before the withdrawal negotiations get under way,” the minister for data protection told the Privacy Laws & Business annual conference yesterday.

Cybersecurity: MEPs back rules to help vital services resist online threats

European Parliament News,  Wednesday, July 6, 2016

Firms supplying essential services, e.g. for energy, transport, banking and health, or digital ones, such as search engines and cloud services, will have to improve their ability to withstand cyber-attacks under the first EU-wide rules on cybersecurity, approved by MEPs on Wednesday.

The Post Safe Harbor Era: New Opportunities for Service Providers

Rashid Niamat, The Whir,  Thursday, June 30, 2016

This truly is a sword of Damocles hanging over the market and nearly everyone in the IT industry wants it removed as quickly as possible. The complexity is apparent. The public and policy makers focus their attention on companies that have data. The relevance of the current situation to the hosting and data center industry is however, still underexposed.