The Commission’s review finds the Privacy Shield to have several novel elements that address the requirements laid down by the European Court of Justice in the Schrems case. Namely, the Commission reports that “[The Privacy Shield] provides for more regular and rigorous monitoring by the Department of Commerce and significantly strengthens the possibilities for EU individuals to obtain redress.”
On October 18, 2017, the EU Commission released its report and accompanying working document on the first annual review of the EU-U.S. Privacy Shield framework. The report states that the Privacy Shield framework continues to ensure an adequate level of protection for personal data that is transferred from the EU to the U.S. It also indicates that U.S. authorities have put in place the necessary structures and procedures to ensure the proper functioning of the Privacy Shield, including by providing new redress possibilities for EU individuals and instituting appropriate safeguards regarding government access to personal data.
The first joint annual review of the Privacy Shield is underway and the European Commission is preparing its report to be issued later this month. Separately, the EU DPAs are also conducting an assessment on how the arrangement is working.
A key vacancy in the State Department is creating friction between the European Union and United States over a new agreement affecting thousands of U.S. companies that do business in Europe.
Last week, representatives of the European Commission and U.S. Department of Commerce met for the first-annual review of the Privacy Shield framework , which more than 2,500 companies currently use to transfer personal data from the EU to the United States.
Speaking at the 39th International Conference of Privacy Commissioners in Hong Kong on 25 September, Shannon Coe from the US Department of Commerce explained that the US stakeholders had a two-day discussion with the European Commission and eight EU DPAs last week. The Privacy Shield review was an exchange of views and experience on the department’s administration of the programme, and also industry experience.
European Data Protection Supervisor (EDPS) Giovanni Buttarelli on Privacy Shield, General Data Protection Regulation (GDPR), and priorities of EDPS.
EU Justice Commissioner Věra Jourová said she was relieved that US President Trump’s “America first” policy will not shatter the EU-US privacy shield agreement on data transfers, after meeting with Commerce Secretary Wilbur Ross on Monday (18 September) to scrutinise the one-year-old deal.