On December 19, the EU Commission (“Commission”) published its report to the European Parliament and the Council on the second review of the functioning of the EU-US Privacy Shield (the “Report”).

To the relief of the 3,850 US companies who have certified to the Privacy Shield, and those entities transferring personal data to them, the Commission concluded that the Privacy Shield framework ensures an adequate level of protection for personal data and, therefore, can still be used as one of the available transfer mechanisms under the General Data Protection Regulation (“GDPR”). Nonetheless, the review identified some immediate actions for the US government to take in order to continue to keep the Privacy Shield framework on secure footing.

Read more

Post By Nix (1,198 Posts)