Safe Harbour replaced with EU-US Privacy Shield

The new agreement may take effect from July if both parties agree on its directions

US Capitol Building

The EU-US Privacy Shield, arranged to replace Safe Harbour, may come into effect from July, the EU and US have agreed.

The EU-US Privacy Shield has been tweaked slightly from its original specification to include a promise from the White House regarding the treatment of data.

It states that bulk collection of data sent from the EU to the US can only happen if conditions have been agreed prior to the transfer and it must be "as targeted and focused" as possible.

Advertisement - Article continues below

Other new clauses integrated into the agreement include that companies have to delete data that no longer serves the purpose for which it was originally collected. Additionally, the ombudsman that oversees the agreement will be independent from national security services to make it as fair and transparent as possible.

The US will create the ombudsman that deals with complaints from EU citizens about Americans misusing or spying on their data.

A spokesman for the European Commission said: "This new framework for transatlantic data flows protects the fundamental rights of Europeans and ensures legal certainty for businesses."

Other existing key points of the EU-US Privacy Shield include promises that the US Office of the Director of National Intelligence will give written commitment that data collected from EU citizens will not be used in mass surveillance exercises and an annual review will be performed by both the EU and US to ensure the system is running correctly.

Advertisement
Advertisement - Article continues below

However, now the UK has voted to leave the EU, this means the UK would need to independently negotiate a similar law in line with the EU's regulations that protects the data of businesses should they choose to trade with the UK and vice versa.

Advertisement

Recommended

Visit/policy-legislation/data-protection/355184/supreme-court-finds-morrisons-was-not-liable-for-2014
data protection

Supreme Court rules Morrisons was not liable for 2014 data breach

1 Apr 2020
Visit/security/privacy/355048/government-may-trace-covid-19-patients-using-mobile-phone-data
privacy

UK government may trace COVID-19 patients using mobile phone data

20 Mar 2020
Visit/policy-legislation/general-data-protection-regulation-gdpr/354842/irish-data-regulator-racks-up
General Data Protection Regulation (GDPR)

Irish data regulator racks up GDPR cases against Big Tech

24 Feb 2020
Visit/data-insights/data-management/354423/eu-us-data-transfer-tools-used-by-facebook-ruled-legal
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019

Most Popular

Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/security/cyber-crime/355171/fbi-warns-of-zoom-bombing-hackers-amidst-coronavirus-usage-spike
cyber crime

FBI warns of ‘Zoom-bombing’ hackers amid coronavirus usage spike

31 Mar 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020