SlideShare a Scribd company logo

The New Privacy Shield for Trans-Atlantic Data - Is the Shield Better, Different or Just New?

M
Mark Aldrich

This presentation provided an overview of the proposed Privacy Shield to ease the transfer of personal information of EU citizens to the US for processing as a response to the European Court of Justice opinion invalidating its predecessor, the U.S. - EU Safe Harbor. The presentation examined the new standards, procedural requirements and compliance obligations of US companies and the new dispute resolution mechanisms available to EU citizens.

Law
1 of 22
The New Privacy Shield for Trans-Atlantic Data Cyberspace Law Committee Business Law Section State Bar of California Is the Shield Better, Different Or Just New? Mark B. Aldrich© 2016 Aldrich Law Group All Rights Reserved
The New Privacy Shield The History The New Provisions © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield The History © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield – The History • EU Data Protection Directive 94/46/EC - Established in 1998 - Prohibits Transfer of Personal Information Without Meeting EU “Adequacy” Standard © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield – The History - October 6, 2015 – ECJ Opinion - Article 29 Working Party Grace Period to Feb. 1, 2016 • The Schrems Case - German Data Protection Authority Protectionism © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield An Overview © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: An Overview • Transfers to Third Parties © 2016 Aldrich Law Group All Rights Reserved • Safeguards against Intelligence Agencies • Dispute Resolution • Enforcement Authorities • Compliance and Reporting Obligations
Privacy Shield Transfers to Third Parties © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Transfers to Third Parties • Transfers to Agents - Safe Harbor Required Notice and Choice Prior to Disclosure - Additional Notice Not Required if Agent to Perform Tasks - Recipient Required to Comply with Safe Harbor in Written Agreement © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Transfers to Third Parties - Privacy Shield Imposes New Requirements: - Purpose Limitation - Compliance with Shield Privacy Standards - Stopping and Remediating Unauthorized Processing - Must Provide Summary or a Representative Copy of Privacy Provisions of Its Contract With the Agent to Dept. of Commerce “Upon Request” - Transferring Company Remains Liable • Transfers to Agents © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Transfers to Third Parties • Transfers to Affiliates - Lessened Restrictions Where Recipient is Within a “Controlled Group of Corporations or Entities.” - Can Use BCR’s and Intra-Group Policies - Transferring Company Remains Liable © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield Safeguards Against Intelligence Activities © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Safeguards Against Intelligence Activities • February, 2016 EU Declaration - U.S. Government Assurances Given - Access to EU Citizen Data Subject to “Clear Limitations, Safeguards and Oversight Mechanisms” - Ombudsman in Dept. of State to be Created to review and Investigate Claims - No Independent Investigative or Enforcement Powers - Applies to BCR’s and SCC’s © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield Dispute Resolution © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - Direct Complaints to Company - Independent Recourse Mechanism - Can Be Private ADR or a Panel of EU DPA’s - Private ADR Must: - Respond Promptly to Inquiries and Info. Requests from Dept. of Commerce; - Issue Annual Reports With Aggregate Stats - Panel Empowered to Hear Unresolved Private Disputes © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - DPA Panel - Parties Able to Provide Evidence Prior to Decision - DPA Will ‘Try’ to Issue ‘Advice’ Within 60 Days - Organizations Must Comply Within25 Days - If No Compliance, Panel Refers Matter to FTC for Enforcement and Inform Dept. of Commerce for Revocation of Compliance Cert. © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - Binding Arbitration by Privacy Shield Panel - Must Exhaust Other Avenues First - No Damage Award, Only Equitable Remedies - Decisions Within 90 Days - Damage Recover Allowed by Later Court Action - Judicial Review Permitted under US Federal Arb. Act © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield Enforcement Authorities © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Enforcement Authorities • Department of Commerce • Federal Trade Commission • Organizations with Statutory Authority – Dept. of Transportation • European Data Protection Authorities • Private Sector Independent Recourse Mechanisms and Self-Regulating Bodies © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield Compliance Obligations © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Compliance Obligations • Recertification on Annual Basis • Record Retention Re: Implementation of Privacy Program – Must Provide to Regulators Upon Request • Data Must be Protected After Leaving Privacy Shield Program – Same as Safe Harbor – Adds Annual Reporting Requirement to Dept. of Commerce So Long As information Retained – Alternatively, Return or Delete Info or Provide ‘Adequate’ Protection by Other Means (SCC’s, BCR’s) © 2016 Aldrich Law Group All Rights Reserved
The New Privacy Shield for Trans-Atlantic Data: Is the Shield Better, Different or Just New? Mark B. Aldrich maldrich@algapc.com © 2016 Aldrich Law Group All Rights Reserved

Recommended

D 0372-00069035 00001 independent associate
D 0372-00069035 00001 independent associateD 0372-00069035 00001 independent associate
D 0372-00069035 00001 independent associateObger Mercier , MBA
 
GDPR Regulations in Malta
GDPR Regulations in MaltaGDPR Regulations in Malta
GDPR Regulations in MaltaBridgeWest.eu
 
Hackproof-Healthcare Supports
Hackproof-Healthcare Supports Hackproof-Healthcare Supports
Hackproof-Healthcare Supports hackproof12
 
11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines 11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines Skyhigh Networks
 
Cayman Islands Data Protection Law - Bell Rock Group
Cayman Islands Data Protection Law - Bell Rock GroupCayman Islands Data Protection Law - Bell Rock Group
Cayman Islands Data Protection Law - Bell Rock GroupBell Rock Group
 
How to comply with Privacy Shield
How to comply with Privacy ShieldHow to comply with Privacy Shield
How to comply with Privacy Shieldtermsfeed
 
EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?Winston & Strawn LLP
 
EU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor ReplacementEU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor ReplacementGACC_Midwest
 

Recommended

D 0372-00069035 00001 independent associate
D 0372-00069035 00001 independent associateD 0372-00069035 00001 independent associate
D 0372-00069035 00001 independent associateObger Mercier , MBA
 
GDPR Regulations in Malta
GDPR Regulations in MaltaGDPR Regulations in Malta
GDPR Regulations in MaltaBridgeWest.eu
 
Hackproof-Healthcare Supports
Hackproof-Healthcare Supports Hackproof-Healthcare Supports
Hackproof-Healthcare Supports hackproof12
 
11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines 11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines Skyhigh Networks
 
Cayman Islands Data Protection Law - Bell Rock Group
Cayman Islands Data Protection Law - Bell Rock GroupCayman Islands Data Protection Law - Bell Rock Group
Cayman Islands Data Protection Law - Bell Rock GroupBell Rock Group
 
How to comply with Privacy Shield
How to comply with Privacy ShieldHow to comply with Privacy Shield
How to comply with Privacy Shieldtermsfeed
 
EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?Winston & Strawn LLP
 
EU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor ReplacementEU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor ReplacementGACC_Midwest
 
DV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal LandscapeDV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal LandscapeTealium
 
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...TrustArc
 
Privacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU DataPrivacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU DataSchellman & Company
 
Privacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slidesharePrivacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slideshareFreddy Ntwari
 
2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr finalBrian Matteson, CISSP CISA
 
[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to KnowTrustArc
 
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldCross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldParsons Behle & Latimer
 
Eversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments WebinarEversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments WebinarEversheds Sutherland
 
Data Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe HarborData Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe HarborGayle Gorvett
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationGhostery, Inc.
 
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeEU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeTrustArc
 
US – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataUS – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataMark Aldrich
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRIT Governance Ltd
 
The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?TAG Alliances
 
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...Eversheds Sutherland
 
香港六合彩 » SlideShare
香港六合彩 » SlideShare香港六合彩 » SlideShare
香港六合彩 » SlideSharefpottfb
 
六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideSharevgfnrtwr
 
六合彩
六合彩六合彩
六合彩fawymar
 
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...MSL
 
Chapter 05 claims & internationa business
Chapter 05 claims & internationa businessChapter 05 claims & internationa business
Chapter 05 claims & internationa businessiipmff2
 
Appeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdfAppeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdfPoojaGadiya1
 
Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 

More Related Content

Similar to The New Privacy Shield for Trans-Atlantic Data - Is the Shield Better, Different or Just New?

DV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal LandscapeDV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal LandscapeTealium
 
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...TrustArc
 
Privacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU DataPrivacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU DataSchellman & Company
 
Privacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slidesharePrivacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slideshareFreddy Ntwari
 
[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to KnowTrustArc
 
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldCross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldParsons Behle & Latimer
 
Eversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments WebinarEversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments WebinarEversheds Sutherland
 
Data Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe HarborData Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe HarborGayle Gorvett
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationGhostery, Inc.
 
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeEU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeTrustArc
 
US – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataUS – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataMark Aldrich
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRIT Governance Ltd
 
The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?TAG Alliances
 
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...Eversheds Sutherland
 
香港六合彩 » SlideShare
香港六合彩 » SlideShare香港六合彩 » SlideShare
香港六合彩 » SlideSharefpottfb
 
六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideSharevgfnrtwr
 
六合彩
六合彩六合彩
六合彩fawymar
 
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...MSL
 
Chapter 05 claims & internationa business
Chapter 05 claims & internationa businessChapter 05 claims & internationa business
Chapter 05 claims & internationa businessiipmff2
 

Similar to The New Privacy Shield for Trans-Atlantic Data - Is the Shield Better, Different or Just New? (20)

DV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal LandscapeDV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal Landscape
 
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
 
Privacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU DataPrivacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU Data
 
Privacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slidesharePrivacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slideshare
 
2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final
 
[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know
 
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldCross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy Shield
 
Eversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments WebinarEversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments Webinar
 
Data Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe HarborData Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe Harbor
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection Regulation
 
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeEU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTe
 
US – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataUS – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border Data
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPR
 
The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?
 
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
 
香港六合彩 » SlideShare
香港六合彩 » SlideShare香港六合彩 » SlideShare
香港六合彩 » SlideShare
 
六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare
 
六合彩
六合彩六合彩
六合彩
 
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
 
Chapter 05 claims & internationa business
Chapter 05 claims & internationa businessChapter 05 claims & internationa business
Chapter 05 claims & internationa business
 

Recently uploaded

Appeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdfAppeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdfPoojaGadiya1
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxRRR Chambers
 
PowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptxPowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptxca2or2tx
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdfSUSHMITAPOTHAL
 
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...Finlaw Associates
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsAurora Consulting
 
The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...James Watkins, III JD CFP®
 
Chp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptChp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptzainabbkhaleeq123
 
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdfBPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdflaysamaeguardiano
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubham Wadhonkar
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhaiShashankKumar441258
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书E LSS
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书SS A
 
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptxPamelaAbegailMonsant2
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxRRR Chambers
 
Essentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmmEssentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmm2020000445musaib
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfKelechi48
 
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxpnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxPSSPRO12
 

Recently uploaded (20)

Appeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdfAppeal and Revision in Income Tax Act.pdf
Appeal and Revision in Income Tax Act.pdf
 
Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 6 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptx
 
PowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptxPowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptx
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
 
CAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction FailsCAFC Chronicles: Costly Tales of Claim Construction Fails
CAFC Chronicles: Costly Tales of Claim Construction Fails
 
The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...
 
Chp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .pptChp 1- Contract and its kinds-business law .ppt
Chp 1- Contract and its kinds-business law .ppt
 
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdfBPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
BPA GROUP 7 - DARIO VS. MISON REPORTING.pdf
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptx
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书
 
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
8. SECURITY GUARD CREED, CODE OF CONDUCT, COPE.pptx
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
 
Essentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmmEssentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmm
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
 
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptxpnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
pnp FIRST-RESPONDER-IN-CRIME-SCENEs.pptx
 

The New Privacy Shield for Trans-Atlantic Data - Is the Shield Better, Different or Just New?

  • 1. The New Privacy Shield for Trans-Atlantic Data Cyberspace Law Committee Business Law Section State Bar of California Is the Shield Better, Different Or Just New? Mark B. Aldrich© 2016 Aldrich Law Group All Rights Reserved
  • 2. The New Privacy Shield The History The New Provisions © 2016 Aldrich Law Group All Rights Reserved
  • 3. Privacy Shield The History © 2016 Aldrich Law Group All Rights Reserved
  • 4. Privacy Shield – The History • EU Data Protection Directive 94/46/EC - Established in 1998 - Prohibits Transfer of Personal Information Without Meeting EU “Adequacy” Standard © 2016 Aldrich Law Group All Rights Reserved
  • 5. Privacy Shield – The History - October 6, 2015 – ECJ Opinion - Article 29 Working Party Grace Period to Feb. 1, 2016 • The Schrems Case - German Data Protection Authority Protectionism © 2016 Aldrich Law Group All Rights Reserved
  • 6. Privacy Shield An Overview © 2016 Aldrich Law Group All Rights Reserved
  • 7. Privacy Shield: An Overview • Transfers to Third Parties © 2016 Aldrich Law Group All Rights Reserved • Safeguards against Intelligence Agencies • Dispute Resolution • Enforcement Authorities • Compliance and Reporting Obligations
  • 8. Privacy Shield Transfers to Third Parties © 2016 Aldrich Law Group All Rights Reserved
  • 9. Privacy Shield: Transfers to Third Parties • Transfers to Agents - Safe Harbor Required Notice and Choice Prior to Disclosure - Additional Notice Not Required if Agent to Perform Tasks - Recipient Required to Comply with Safe Harbor in Written Agreement © 2016 Aldrich Law Group All Rights Reserved
  • 10. Privacy Shield: Transfers to Third Parties - Privacy Shield Imposes New Requirements: - Purpose Limitation - Compliance with Shield Privacy Standards - Stopping and Remediating Unauthorized Processing - Must Provide Summary or a Representative Copy of Privacy Provisions of Its Contract With the Agent to Dept. of Commerce “Upon Request” - Transferring Company Remains Liable • Transfers to Agents © 2016 Aldrich Law Group All Rights Reserved
  • 11. Privacy Shield: Transfers to Third Parties • Transfers to Affiliates - Lessened Restrictions Where Recipient is Within a “Controlled Group of Corporations or Entities.” - Can Use BCR’s and Intra-Group Policies - Transferring Company Remains Liable © 2016 Aldrich Law Group All Rights Reserved
  • 12. Privacy Shield Safeguards Against Intelligence Activities © 2016 Aldrich Law Group All Rights Reserved
  • 13. Privacy Shield: Safeguards Against Intelligence Activities • February, 2016 EU Declaration - U.S. Government Assurances Given - Access to EU Citizen Data Subject to “Clear Limitations, Safeguards and Oversight Mechanisms” - Ombudsman in Dept. of State to be Created to review and Investigate Claims - No Independent Investigative or Enforcement Powers - Applies to BCR’s and SCC’s © 2016 Aldrich Law Group All Rights Reserved
  • 14. Privacy Shield Dispute Resolution © 2016 Aldrich Law Group All Rights Reserved
  • 15. Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - Direct Complaints to Company - Independent Recourse Mechanism - Can Be Private ADR or a Panel of EU DPA’s - Private ADR Must: - Respond Promptly to Inquiries and Info. Requests from Dept. of Commerce; - Issue Annual Reports With Aggregate Stats - Panel Empowered to Hear Unresolved Private Disputes © 2016 Aldrich Law Group All Rights Reserved
  • 16. Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - DPA Panel - Parties Able to Provide Evidence Prior to Decision - DPA Will ‘Try’ to Issue ‘Advice’ Within 60 Days - Organizations Must Comply Within25 Days - If No Compliance, Panel Refers Matter to FTC for Enforcement and Inform Dept. of Commerce for Revocation of Compliance Cert. © 2016 Aldrich Law Group All Rights Reserved
  • 17. Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - Binding Arbitration by Privacy Shield Panel - Must Exhaust Other Avenues First - No Damage Award, Only Equitable Remedies - Decisions Within 90 Days - Damage Recover Allowed by Later Court Action - Judicial Review Permitted under US Federal Arb. Act © 2016 Aldrich Law Group All Rights Reserved
  • 18. Privacy Shield Enforcement Authorities © 2016 Aldrich Law Group All Rights Reserved
  • 19. Privacy Shield: Enforcement Authorities • Department of Commerce • Federal Trade Commission • Organizations with Statutory Authority – Dept. of Transportation • European Data Protection Authorities • Private Sector Independent Recourse Mechanisms and Self-Regulating Bodies © 2016 Aldrich Law Group All Rights Reserved
  • 20. Privacy Shield Compliance Obligations © 2016 Aldrich Law Group All Rights Reserved
  • 21. Privacy Shield: Compliance Obligations • Recertification on Annual Basis • Record Retention Re: Implementation of Privacy Program – Must Provide to Regulators Upon Request • Data Must be Protected After Leaving Privacy Shield Program – Same as Safe Harbor – Adds Annual Reporting Requirement to Dept. of Commerce So Long As information Retained – Alternatively, Return or Delete Info or Provide ‘Adequate’ Protection by Other Means (SCC’s, BCR’s) © 2016 Aldrich Law Group All Rights Reserved
  • 22. The New Privacy Shield for Trans-Atlantic Data: Is the Shield Better, Different or Just New? Mark B. Aldrich maldrich@algapc.com © 2016 Aldrich Law Group All Rights Reserved