Manufacturers Welcome U.S.-EU Privacy Shield, Seek Approval in Europe

By February 25, 2016Shopfloor Policy, Trade

On Feb. 2, the United States and European Union announced a political agreement on the new U.S.-EU Privacy Shield, a data transfer arrangement that would replace the longstanding U.S.-EU Safe Harbor framework. Once the new Privacy Shield text is released, companies will be in a position to review the new standards they would be required to follow to ensure they are protecting EU citizens’ personal data in the United States to a degree that is “essentially equivalent” to data protections provided to EU citizens in the European Union.

The new Privacy Shield framework has been welcomed by the NAM, especially by those members that rely on cross-border data flows to operate their businesses on a global scale. However, there remains some uncertainty as the European Union seeks approval of the new arrangement in the coming months:

  • One outstanding question is how long it will take for the new framework to become binding EU law. EU Commissioner Vĕra Jourová estimated in a Feb. 2 press conference that it could take three months for the new Privacy Shield framework to enter into force. Critical to the European Union’s review of the new framework will be opinions issued by the EU Article 29 Working Party (which represents regional data-protection authorities within EU member states) on whether the arrangement would adequately protect EU citizens’ personal data in the United States. The Article 29 Working Party expects to complete its review by the end of March. At some point thereafter, the EU Commission would draft an “adequacy decision,” which would then need to be adopted by the EU Commission and approved by the Article 31 Working Group (representing EU Member states) before it becomes law.
  • A second question is whether other personal data transfer mechanisms, including EU Standard Contractual Clauses and Binding Corporate Rules, will remain viable alternatives after the Article 29 Working Party completes its review. Any gap between the end of March and entry into force of the new framework could be problematic for companies with a U.S. and EU presence which have depended on these alternative arrangements since the Safe Harbor Framework was nullified by the Court of Justice of the European Union (CJEU) in October.
  • A third set of concerns is whether the Privacy Shield framework would be challenged at the CJEU once it becomes EU law, and how long a review by the CJEU would take. Any uncertainty surrounding the legality of the new framework could affect companies’ decisions on how to store data and could add costs to their operations.

Once the Privacy Shield text is released, the NAM will work closely with our members to assess the impact of the new framework and provide input on its implementation and transition mechanisms, while at the same time monitoring the EU approval process.

Ken Monahan

Ken Monahan

Director for International Trade Policy at National Association of Manufacturers
Ken Monahan is the Director for International Trade Policy at the National Association of Manufacturers (NAM), where he works with NAM member companies to develop and advocate the association’s positions and priorities on trade agreement negotiations, ensure enforcement of existing trade agreement commitments, and other issues including the World Trade Organization (WTO), miscellaneous tariff bills, data flows and privacy, conflict minerals, forced localization, and other bilateral country trade matters (e.g., Colombia, South Korea, and the European Union and its member states). Mr. Monahan has on-the-ground experience negotiating trade agreements, having worked at the U.S. Department of Commerce on the WTO Doha Round negotiations, the U.S.-Korea free trade agreement and other international trade matters.
Ken Monahan

Leave a Reply