EU-U.S. Privacy Shield: Second review shows improvements but a permanent Ombudsperson should be nominated by 28 February 2019

Privacy Shield 2019

Dimitris Avramopoulos, Member of the EC in charge of Migration, Home Affairs and Citizenship, and Vĕra Jourová, Member of the EC in charge of Justice, Consumers and Gender Equality, give a press conference on the communication on Visa Reciprocity, the Second Report on the visa suspension mechanism and the Report on the second annual review of the EU-US Privacy Shield. © European Union , 2018 / Photo: Théodore Boermans

This article is brought to you in association with the European Commission.


Today the European Commission publishes its report on the second annual review of the functioning of the EU-U.S. Privacy Shield.

This year’s report shows thatthe U.S. continues to ensure an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the U.S. The steps taken by the U.S. authorities to implement the recommendations made by the Commission in last year’s report have improved the functioning of the framework.

However, the Commission does expect the US authorities to nominate a permanent Ombudsperson by 28 February 2019 to replace the one that is currently acting.  The Ombudsperson is an important mechanism that ensures complaints concerning access to personal data by U.S. authorities are addressed.

Andrus Ansip, Commission Vice-President for the Digital Single Market, said: “Today’s review shows that the Privacy Shield is generally a success. More than 3,850 companies have been certified, including companies like Google, Microsoft and IBM – along with many SMEs. This provides an operational ground to continuously improve and strengthen the way the Privacy Shield works. We now expect our American partners to nominate the Ombudsperson on a permanent basis, so we can make sure that our EU-US relations in data protection are fully trustworthy.”

Commissioner for Justice, Consumers and Gender Equality, Věra Jourová,stated: The EU and the U.S. are facing growing common challenges, when it comes to the protection of personal data, as shown by the Facebook / Cambridge Analytica scandal. The Privacy Shield is also a dialogue that in the long term should contribute to convergence of our systems, based on strong horizontal rights and independent, vigorous enforcement. Such convergence would ultimately strengthen the foundation on which the Privacy Shield is based. In the meantime, all elements of the Shield must be working at full speed, including the Ombudsperson.”

Improvements already made include the strengthening by the Department of Commerce of the certification process and of its proactive oversight over the framework. As recommended by the Commission’s first annual review, the Department of Commerce has set up several mechanisms, such as a system of checks (“spot checks”), which randomly selects companies to verify that they comply with the Privacy Shield principles. 100 companies have been checked: 21 had issues that have now been solved. Additional compliance review procedures also include the analysis of Privacy Shield participants’ websites to ensure that links to privacy policies are correct. The Department of Commerce put in place a system to identify false claims which prevents companies from claiming their compliance with the Privacy Shield, when they have not been certified.

The Federal Trade Commission has also demonstrated a more proactive approach to enforcement by monitoring the principles of the Privacy Shield, including by issuing subpoenas to request information from the participating companies.

As regards access to personal data by U.S. public authorities for national security purposes, new members of the Privacy and Civil Liberties Oversight Board (PCLOB) have been appointed which restores the Board’s quorum. The Board’s report on the implementation of Presidential Policy-Directive No. 28 (PPD-28, which provides for privacy protections for non-Americans) has been made publicly available. It confirms that these privacy protections for non-Americans are implemented across the U.S. intelligence community.

The second review took into account relevant developments in the U.S. legal system in the area of privacy. The Department of Commerce launched a consultation on a federal approach to data privacy to which the Commission contributed and the US Federal Trade Commission is reflecting on its current powers in this area. In the context of the Facebook/Cambridge Analytica scandal, the Commission noted the Federal Trade Commission’s confirmation that its investigation of this case is ongoing.

Next steps

The report will be sent to the European Parliament, the Council, the European Data Protection Board and to the U.S. authorities.

The European Commission expects the U.S. government to identify a nominee to fill the Ombudsperson position on a permanent basis by 28 February 2019 at the latest. If this does not take place by that date, the Commission will consider taking appropriate measures, in accordance with the General Data Protection Regulation.

Background

The EU-U.S. Privacy Shield decision was adopted on 12 July 2016 and the Privacy Shield framework became operational on 1 August 2016. It protects the fundamental rights of anyone in the EU whose personal data is transferred to certified companies in the United States for commercial purposes and brings legal clarity for businesses relying on transatlantic data transfers.

The Commission committed to reviewing the arrangement on an annual basis, to assess if it continues to ensure an adequate level of protection for personal data. After the first annual review, which took place in 2017, the Commission made a number of recommendations to further improve the practical functioning of the Privacy Shield.

On 18 October 2018, Commissioner for Justice, Consumers and Gender Equality Věra Jourová, launched with the US Secretary of Commerce Wilbur Ross the discussions for the second review the EU-U.S. Privacy Shield (statement). The findings in this report are based on meetings with representatives of all US government departments in charge of running the Privacy Shield, including the Federal Trade Commission, the Office of the Director of National Intelligence (ODNI), the Department of Justice and the State Department, which took place in Brussels mid-October 2018, a study on automated decision-making commissioned by the Commission as well as on input from a wide range of stakeholders, including feedback from companies and privacy NGOs. Representatives of the EU’s independent data protection authorities also participated in the review.

Advertising

Advertising

Advertising

Advertising

Advertising

Advertising

the European Sting Milestones

Featured Stings

Stopping antimicrobial resistance would cost just USD 2 per person a year

Why Eurozone can afford spending for growth

EU-US ties to break over Iran; Democrats’ electoral win may not change it

EU to spend €6 billion on youth employment and training futile schemes

“Access denied”: the Greek health system under pressure

MWC 2016 LIVE: Ericsson/Cisco partnership on track, insist execs

Does the world have strong enough institutions to handle risks like Trump and Brexit?

Second Facebook-Cambridge Analytica hearing: impact on privacy, voting and trust

Eurozone: Disinflation engulfs the industrial goods sector

How Abu Dhabi found a way to grow vegetables in 40-degree heat

EU prepares a banking union amidst financial ruins

Central Asia bloc has important role in ‘peace, stability and prosperity’ beyond region, says Deputy UN chief

Refugee crisis update: EU seeks now close cooperation with Africa while Schulz is shocked to witness live one single wreck full of immigrants

Cyber defence: MEPs call for better European cooperation

Greece to stay in the euro area but the cost to its people remains elusive

EU Budget: InvestEU Programme to support jobs, growth and innovation in Europe

Trust is at breaking point. It’s time to rebuild it

EntEx Organises 5 Summer Schools for Young Entrepreneurs across Europe in June/July 2014

‘Stop and listen’ to victims of terrorism, UN chief urges in message marking international day

China, forever new adventures

The ECB proposes a swift solution for SMEs’ financing

We need to change the fast fashion model. Here’s how

UN chief commends African Union on adoption of institutional reforms

Long-term EU budget: MEPs lay down funding priorities for post-2020 budget

Sanctions on Russia to be the biggest unity test at this European Council

Unemployment and exclusion brings EU cities to boiling point

UN chief applauds Bangladesh for ‘opening borders’ to Rohingya refugees in need

“What a Wonderful World”: the unsettled relationship between Climate Change and Human Health

Trade Committee advocates lower tariffs in Western Sahara

Why impoverishment and social exclusion grow in the EU; the affluent north also suffers

Civil society organisations disenchanted with “Youth Guarantee”

It’s down to cities to limit global warming to 1.5°C by 2030

Can the Americans alone determine the future of Syria?

Income inequality threatens the socio-political structures in developed countries

Continue ‘their mission’ urges UN chief, as the victims of the Baghdad bombing are remembered, 15 years on

OECD Secretary-General Gurría welcomes announcement of new trade agreement between the US, Mexico and Canada

How to rebuild trust and integrity in South Africa

Telecommunications and Internet: A Jungle with no principles?

European Youth Forum and youngest MEPs call on President Juncker to keep his promise to Europe’s youth

China repels EU allegations of export subsidies

It’s time to ditch our obsession with trade deficits. Here’s why

The European Council takes more measures to stem illegal migration

This is the world’s biggest mental health problem – and you might not have heard of it

The time for cities to get smart is now

Terror attacks strike people ‘from all walks of life, the UN included’

The Parliament accuses core EU countries of exploiting their dominant political position

Access to health in the developped and developing world

Parliament and Council agree drastic cuts to plastic pollution of environment

A young student discusses the determinants of migration in the European Union

Italy’s populist government appears determined to drive EU economy and markets into recession

Banks get trillions and the unemployed ECB’s love…

3 important lessons from 20 years of working with social entrepreneurs

Trade, taxes and other takeaways from Li Keqiang’s speech to the World Economic Forum

Iraq: Security Council told ‘despair’ has ‘given way to hope’ but road to stability ‘long and far from easy’

Two States ‘side-by-side’ is the ‘peaceful and just solution’ for Israel-Palestine conflict: Guterres

Bid to raise $5.5 billion for millions of Syrians and their host communities

Real EU unemployment rate at 10.2%+4.1%+4.7%: Eurostat Update

EP Group leaders on Brexit: “the agreement is not open to renegotiation”

WEF Davos 2016 LIVE: Cameron corroborates that Britain should remain in the EU

There is a forgotten solution to climate change that we must invest in – nature

LED lights could stop turtles and birds from drowning in fishing nets

More Stings?

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s