SlideShare a Scribd company logo

The New Privacy Shield for Trans-Atlantic Data - Is the Shield Better, Different or Just New?

M
Mark Aldrich

This presentation provided an overview of the proposed Privacy Shield to ease the transfer of personal information of EU citizens to the US for processing as a response to the European Court of Justice opinion invalidating its predecessor, the U.S. - EU Safe Harbor. The presentation examined the new standards, procedural requirements and compliance obligations of US companies and the new dispute resolution mechanisms available to EU citizens.

Law
1 of 22
The New Privacy Shield for Trans-Atlantic Data Cyberspace Law Committee Business Law Section State Bar of California Is the Shield Better, Different Or Just New? Mark B. Aldrich© 2016 Aldrich Law Group All Rights Reserved
The New Privacy Shield The History The New Provisions © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield The History © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield – The History • EU Data Protection Directive 94/46/EC - Established in 1998 - Prohibits Transfer of Personal Information Without Meeting EU “Adequacy” Standard © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield – The History - October 6, 2015 – ECJ Opinion - Article 29 Working Party Grace Period to Feb. 1, 2016 • The Schrems Case - German Data Protection Authority Protectionism © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield An Overview © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: An Overview • Transfers to Third Parties © 2016 Aldrich Law Group All Rights Reserved • Safeguards against Intelligence Agencies • Dispute Resolution • Enforcement Authorities • Compliance and Reporting Obligations
Privacy Shield Transfers to Third Parties © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Transfers to Third Parties • Transfers to Agents - Safe Harbor Required Notice and Choice Prior to Disclosure - Additional Notice Not Required if Agent to Perform Tasks - Recipient Required to Comply with Safe Harbor in Written Agreement © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Transfers to Third Parties - Privacy Shield Imposes New Requirements: - Purpose Limitation - Compliance with Shield Privacy Standards - Stopping and Remediating Unauthorized Processing - Must Provide Summary or a Representative Copy of Privacy Provisions of Its Contract With the Agent to Dept. of Commerce “Upon Request” - Transferring Company Remains Liable • Transfers to Agents © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Transfers to Third Parties • Transfers to Affiliates - Lessened Restrictions Where Recipient is Within a “Controlled Group of Corporations or Entities.” - Can Use BCR’s and Intra-Group Policies - Transferring Company Remains Liable © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield Safeguards Against Intelligence Activities © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Safeguards Against Intelligence Activities • February, 2016 EU Declaration - U.S. Government Assurances Given - Access to EU Citizen Data Subject to “Clear Limitations, Safeguards and Oversight Mechanisms” - Ombudsman in Dept. of State to be Created to review and Investigate Claims - No Independent Investigative or Enforcement Powers - Applies to BCR’s and SCC’s © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield Dispute Resolution © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - Direct Complaints to Company - Independent Recourse Mechanism - Can Be Private ADR or a Panel of EU DPA’s - Private ADR Must: - Respond Promptly to Inquiries and Info. Requests from Dept. of Commerce; - Issue Annual Reports With Aggregate Stats - Panel Empowered to Hear Unresolved Private Disputes © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - DPA Panel - Parties Able to Provide Evidence Prior to Decision - DPA Will ‘Try’ to Issue ‘Advice’ Within 60 Days - Organizations Must Comply Within25 Days - If No Compliance, Panel Refers Matter to FTC for Enforcement and Inform Dept. of Commerce for Revocation of Compliance Cert. © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - Binding Arbitration by Privacy Shield Panel - Must Exhaust Other Avenues First - No Damage Award, Only Equitable Remedies - Decisions Within 90 Days - Damage Recover Allowed by Later Court Action - Judicial Review Permitted under US Federal Arb. Act © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield Enforcement Authorities © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Enforcement Authorities • Department of Commerce • Federal Trade Commission • Organizations with Statutory Authority – Dept. of Transportation • European Data Protection Authorities • Private Sector Independent Recourse Mechanisms and Self-Regulating Bodies © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield Compliance Obligations © 2016 Aldrich Law Group All Rights Reserved
Privacy Shield: Compliance Obligations • Recertification on Annual Basis • Record Retention Re: Implementation of Privacy Program – Must Provide to Regulators Upon Request • Data Must be Protected After Leaving Privacy Shield Program – Same as Safe Harbor – Adds Annual Reporting Requirement to Dept. of Commerce So Long As information Retained – Alternatively, Return or Delete Info or Provide ‘Adequate’ Protection by Other Means (SCC’s, BCR’s) © 2016 Aldrich Law Group All Rights Reserved
The New Privacy Shield for Trans-Atlantic Data: Is the Shield Better, Different or Just New? Mark B. Aldrich maldrich@algapc.com © 2016 Aldrich Law Group All Rights Reserved

Recommended

D 0372-00069035 00001 independent associate
D 0372-00069035 00001 independent associateD 0372-00069035 00001 independent associate
D 0372-00069035 00001 independent associate
Obger Mercier , MBA
 
GDPR Regulations in Malta
GDPR Regulations in MaltaGDPR Regulations in Malta
GDPR Regulations in Malta
BridgeWest.eu
 
Hackproof-Healthcare Supports
Hackproof-Healthcare Supports Hackproof-Healthcare Supports
Hackproof-Healthcare Supports
hackproof12
 
11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines 11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines
Skyhigh Networks
 
Cayman Islands Data Protection Law - Bell Rock Group
Cayman Islands Data Protection Law - Bell Rock GroupCayman Islands Data Protection Law - Bell Rock Group
Cayman Islands Data Protection Law - Bell Rock Group
Bell Rock Group
 
How to comply with Privacy Shield
How to comply with Privacy ShieldHow to comply with Privacy Shield
How to comply with Privacy Shield
termsfeed
 
EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?
Winston & Strawn LLP
 
EU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor ReplacementEU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor Replacement
GACC_Midwest
 

Recommended

D 0372-00069035 00001 independent associate
D 0372-00069035 00001 independent associateD 0372-00069035 00001 independent associate
D 0372-00069035 00001 independent associate
Obger Mercier , MBA
 
GDPR Regulations in Malta
GDPR Regulations in MaltaGDPR Regulations in Malta
GDPR Regulations in Malta
BridgeWest.eu
 
Hackproof-Healthcare Supports
Hackproof-Healthcare Supports Hackproof-Healthcare Supports
Hackproof-Healthcare Supports
hackproof12
 
11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines 11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines
Skyhigh Networks
 
Cayman Islands Data Protection Law - Bell Rock Group
Cayman Islands Data Protection Law - Bell Rock GroupCayman Islands Data Protection Law - Bell Rock Group
Cayman Islands Data Protection Law - Bell Rock Group
Bell Rock Group
 
How to comply with Privacy Shield
How to comply with Privacy ShieldHow to comply with Privacy Shield
How to comply with Privacy Shield
termsfeed
 
EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?EU-U.S. Privacy Shield: Should You Sign Up?
EU-U.S. Privacy Shield: Should You Sign Up?
Winston & Strawn LLP
 
EU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor ReplacementEU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor Replacement
GACC_Midwest
 
DV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal LandscapeDV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal Landscape
Tealium
 
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
TrustArc
 
Privacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU DataPrivacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU Data
Schellman & Company
 
Privacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slidesharePrivacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slideshare
Freddy Ntwari
 
2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final
Brian Matteson, CISSP CISA
 
[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know
TrustArc
 
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldCross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy Shield
Parsons Behle & Latimer
 
Eversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments WebinarEversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments Webinar
Eversheds Sutherland
 
Data Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe HarborData Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe Harbor
Gayle Gorvett
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection Regulation
Ghostery, Inc.
 
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeEU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTe
TrustArc
 
US – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataUS – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataMark Aldrich
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPR
IT Governance Ltd
 
The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?
TAG Alliances
 
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds Sutherland
 
六合彩
六合彩六合彩
六合彩
fawymar
 
香港六合彩 » SlideShare
香港六合彩 » SlideShare香港六合彩 » SlideShare
香港六合彩 » SlideShare
fpottfb
 
六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare
vgfnrtwr
 
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
MSL
 
Chapter 05 claims & internationa business
Chapter 05 claims & internationa businessChapter 05 claims & internationa business
Chapter 05 claims & internationa businessiipmff2
 
Responsibilities of the office bearers while registering multi-state cooperat...
Responsibilities of the office bearers while registering multi-state cooperat...Responsibilities of the office bearers while registering multi-state cooperat...
Responsibilities of the office bearers while registering multi-state cooperat...
Finlaw Consultancy Pvt Ltd
 
How to Obtain Permanent Residency in the Netherlands
How to Obtain Permanent Residency in the NetherlandsHow to Obtain Permanent Residency in the Netherlands
How to Obtain Permanent Residency in the Netherlands
BridgeWest.eu
 

More Related Content

Similar to The New Privacy Shield for Trans-Atlantic Data - Is the Shield Better, Different or Just New?

DV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal LandscapeDV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal Landscape
Tealium
 
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
TrustArc
 
Privacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU DataPrivacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU Data
Schellman & Company
 
Privacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slidesharePrivacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slideshare
Freddy Ntwari
 
2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final
Brian Matteson, CISSP CISA
 
[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know
TrustArc
 
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldCross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy Shield
Parsons Behle & Latimer
 
Eversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments WebinarEversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments Webinar
Eversheds Sutherland
 
Data Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe HarborData Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe Harbor
Gayle Gorvett
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection Regulation
Ghostery, Inc.
 
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeEU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTe
TrustArc
 
US – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataUS – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataMark Aldrich
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPR
IT Governance Ltd
 
The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?
TAG Alliances
 
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds Sutherland
 
六合彩
六合彩六合彩
六合彩
fawymar
 
香港六合彩 » SlideShare
香港六合彩 » SlideShare香港六合彩 » SlideShare
香港六合彩 » SlideShare
fpottfb
 
六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare
vgfnrtwr
 
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
MSL
 
Chapter 05 claims & internationa business
Chapter 05 claims & internationa businessChapter 05 claims & internationa business
Chapter 05 claims & internationa businessiipmff2
 

Similar to The New Privacy Shield for Trans-Atlantic Data - Is the Shield Better, Different or Just New? (20)

DV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal LandscapeDV 2016: Making Sense of the Current Legal Landscape
DV 2016: Making Sense of the Current Legal Landscape
 
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
 
Privacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU DataPrivacy shield: What You Need To Know About Storing EU Data
Privacy shield: What You Need To Know About Storing EU Data
 
Privacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slidesharePrivacy shield what you need to know about storing eu data slideshare
Privacy shield what you need to know about storing eu data slideshare
 
2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final2017 10 26 webinar - gdpr final
2017 10 26 webinar - gdpr final
 
[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know
 
Cross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy ShieldCross Border Data Transfers and the Privacy Shield
Cross Border Data Transfers and the Privacy Shield
 
Eversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments WebinarEversheds Safe Harbor Developments Webinar
Eversheds Safe Harbor Developments Webinar
 
Data Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe HarborData Privacy vs. National Security post Safe Harbor
Data Privacy vs. National Security post Safe Harbor
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection Regulation
 
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeEU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTe
 
US – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border DataUS – EU Safe Harbor for Cross-Border Data
US – EU Safe Harbor for Cross-Border Data
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPR
 
The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?The GDPR: What About Data Stored or Transmitted Outside the EU?
The GDPR: What About Data Stored or Transmitted Outside the EU?
 
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
Eversheds 'Spotlight on the Cloud' - headline results presentation and key sp...
 
六合彩
六合彩六合彩
六合彩
 
香港六合彩 » SlideShare
香港六合彩 » SlideShare香港六合彩 » SlideShare
香港六合彩 » SlideShare
 
六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare六合彩-香港六合彩 » SlideShare
六合彩-香港六合彩 » SlideShare
 
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
Transatlantic Personal Data Processing: Complying with the new EU-US Privacy ...
 
Chapter 05 claims & internationa business
Chapter 05 claims & internationa businessChapter 05 claims & internationa business
Chapter 05 claims & internationa business
 

Recently uploaded

Responsibilities of the office bearers while registering multi-state cooperat...
Responsibilities of the office bearers while registering multi-state cooperat...Responsibilities of the office bearers while registering multi-state cooperat...
Responsibilities of the office bearers while registering multi-state cooperat...
Finlaw Consultancy Pvt Ltd
 
How to Obtain Permanent Residency in the Netherlands
How to Obtain Permanent Residency in the NetherlandsHow to Obtain Permanent Residency in the Netherlands
How to Obtain Permanent Residency in the Netherlands
BridgeWest.eu
 
Rokita Releases Soccer Stadium Legal Opinion
Rokita Releases Soccer Stadium Legal OpinionRokita Releases Soccer Stadium Legal Opinion
Rokita Releases Soccer Stadium Legal Opinion
Abdul-Hakim Shabazz
 
Introducing New Government Regulation on Toll Road.pdf
Introducing New Government Regulation on Toll Road.pdfIntroducing New Government Regulation on Toll Road.pdf
Introducing New Government Regulation on Toll Road.pdf
AHRP Law Firm
 
Car Accident Injury Do I Have a Case....
Car Accident Injury Do I Have a Case....Car Accident Injury Do I Have a Case....
Car Accident Injury Do I Have a Case....
Knowyourright
 
ASHWINI KUMAR UPADHYAY v/s Union of India.pptx
ASHWINI KUMAR UPADHYAY v/s Union of India.pptxASHWINI KUMAR UPADHYAY v/s Union of India.pptx
ASHWINI KUMAR UPADHYAY v/s Union of India.pptx
shweeta209
 
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
9ib5wiwt
 
VIETNAM - DIRECT POWER PURCHASE AGREEMENTS (DPPA) - Latest development - What...
VIETNAM - DIRECT POWER PURCHASE AGREEMENTS (DPPA) - Latest development - What...VIETNAM - DIRECT POWER PURCHASE AGREEMENTS (DPPA) - Latest development - What...
VIETNAM - DIRECT POWER PURCHASE AGREEMENTS (DPPA) - Latest development - What...
Dr. Oliver Massmann
 
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Military Commissions details LtCol Thomas Jasper as Detailed Defense CounselMilitary Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Thomas (Tom) Jasper
 
Business and Corporate Case Update (2024)
Business and Corporate Case Update (2024)Business and Corporate Case Update (2024)
Business and Corporate Case Update (2024)
Wendy Couture
 
Agrarian Reform Policies in the Philippines: a quiz
Agrarian Reform Policies in the Philippines: a quizAgrarian Reform Policies in the Philippines: a quiz
Agrarian Reform Policies in the Philippines: a quiz
gaelcabigunda
 
EMPLOYMENT LAW AN OVERVIEW in Malawi.pptx
EMPLOYMENT LAW AN OVERVIEW in Malawi.pptxEMPLOYMENT LAW AN OVERVIEW in Malawi.pptx
EMPLOYMENT LAW AN OVERVIEW in Malawi.pptx
MwaiMapemba
 
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptxNATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
anvithaav
 
Notes-on-Prescription-Obligations-and-Contracts.doc
Notes-on-Prescription-Obligations-and-Contracts.docNotes-on-Prescription-Obligations-and-Contracts.doc
Notes-on-Prescription-Obligations-and-Contracts.doc
BRELGOSIMAT
 
WINDING UP of COMPANY, Modes of Dissolution
WINDING UP of COMPANY, Modes of DissolutionWINDING UP of COMPANY, Modes of Dissolution
WINDING UP of COMPANY, Modes of Dissolution
KHURRAMWALI
 
原版仿制(aut毕业证书)新西兰奥克兰理工大学毕业证文凭毕业证雅思成绩单原版一模一样
原版仿制(aut毕业证书)新西兰奥克兰理工大学毕业证文凭毕业证雅思成绩单原版一模一样原版仿制(aut毕业证书)新西兰奥克兰理工大学毕业证文凭毕业证雅思成绩单原版一模一样
原版仿制(aut毕业证书)新西兰奥克兰理工大学毕业证文凭毕业证雅思成绩单原版一模一样
9ib5wiwt
 
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
9ib5wiwt
 
Law Commission Report. Commercial Court Act.
Law Commission Report. Commercial Court Act.Law Commission Report. Commercial Court Act.
Law Commission Report. Commercial Court Act.
Purushottam Jha
 
Debt Mapping Camp bebas riba to know how much our debt
Debt Mapping Camp bebas riba to know how much our debtDebt Mapping Camp bebas riba to know how much our debt
Debt Mapping Camp bebas riba to know how much our debt
ssuser0576e4
 
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptx
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptxRIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptx
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptx
OmGod1
 

Recently uploaded (20)

Responsibilities of the office bearers while registering multi-state cooperat...
Responsibilities of the office bearers while registering multi-state cooperat...Responsibilities of the office bearers while registering multi-state cooperat...
Responsibilities of the office bearers while registering multi-state cooperat...
 
How to Obtain Permanent Residency in the Netherlands
How to Obtain Permanent Residency in the NetherlandsHow to Obtain Permanent Residency in the Netherlands
How to Obtain Permanent Residency in the Netherlands
 
Rokita Releases Soccer Stadium Legal Opinion
Rokita Releases Soccer Stadium Legal OpinionRokita Releases Soccer Stadium Legal Opinion
Rokita Releases Soccer Stadium Legal Opinion
 
Introducing New Government Regulation on Toll Road.pdf
Introducing New Government Regulation on Toll Road.pdfIntroducing New Government Regulation on Toll Road.pdf
Introducing New Government Regulation on Toll Road.pdf
 
Car Accident Injury Do I Have a Case....
Car Accident Injury Do I Have a Case....Car Accident Injury Do I Have a Case....
Car Accident Injury Do I Have a Case....
 
ASHWINI KUMAR UPADHYAY v/s Union of India.pptx
ASHWINI KUMAR UPADHYAY v/s Union of India.pptxASHWINI KUMAR UPADHYAY v/s Union of India.pptx
ASHWINI KUMAR UPADHYAY v/s Union of India.pptx
 
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
 
VIETNAM - DIRECT POWER PURCHASE AGREEMENTS (DPPA) - Latest development - What...
VIETNAM - DIRECT POWER PURCHASE AGREEMENTS (DPPA) - Latest development - What...VIETNAM - DIRECT POWER PURCHASE AGREEMENTS (DPPA) - Latest development - What...
VIETNAM - DIRECT POWER PURCHASE AGREEMENTS (DPPA) - Latest development - What...
 
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Military Commissions details LtCol Thomas Jasper as Detailed Defense CounselMilitary Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
 
Business and Corporate Case Update (2024)
Business and Corporate Case Update (2024)Business and Corporate Case Update (2024)
Business and Corporate Case Update (2024)
 
Agrarian Reform Policies in the Philippines: a quiz
Agrarian Reform Policies in the Philippines: a quizAgrarian Reform Policies in the Philippines: a quiz
Agrarian Reform Policies in the Philippines: a quiz
 
EMPLOYMENT LAW AN OVERVIEW in Malawi.pptx
EMPLOYMENT LAW AN OVERVIEW in Malawi.pptxEMPLOYMENT LAW AN OVERVIEW in Malawi.pptx
EMPLOYMENT LAW AN OVERVIEW in Malawi.pptx
 
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptxNATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
 
Notes-on-Prescription-Obligations-and-Contracts.doc
Notes-on-Prescription-Obligations-and-Contracts.docNotes-on-Prescription-Obligations-and-Contracts.doc
Notes-on-Prescription-Obligations-and-Contracts.doc
 
WINDING UP of COMPANY, Modes of Dissolution
WINDING UP of COMPANY, Modes of DissolutionWINDING UP of COMPANY, Modes of Dissolution
WINDING UP of COMPANY, Modes of Dissolution
 
原版仿制(aut毕业证书)新西兰奥克兰理工大学毕业证文凭毕业证雅思成绩单原版一模一样
原版仿制(aut毕业证书)新西兰奥克兰理工大学毕业证文凭毕业证雅思成绩单原版一模一样原版仿制(aut毕业证书)新西兰奥克兰理工大学毕业证文凭毕业证雅思成绩单原版一模一样
原版仿制(aut毕业证书)新西兰奥克兰理工大学毕业证文凭毕业证雅思成绩单原版一模一样
 
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
 
Law Commission Report. Commercial Court Act.
Law Commission Report. Commercial Court Act.Law Commission Report. Commercial Court Act.
Law Commission Report. Commercial Court Act.
 
Debt Mapping Camp bebas riba to know how much our debt
Debt Mapping Camp bebas riba to know how much our debtDebt Mapping Camp bebas riba to know how much our debt
Debt Mapping Camp bebas riba to know how much our debt
 
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptx
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptxRIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptx
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptx
 

The New Privacy Shield for Trans-Atlantic Data - Is the Shield Better, Different or Just New?

  • 1. The New Privacy Shield for Trans-Atlantic Data Cyberspace Law Committee Business Law Section State Bar of California Is the Shield Better, Different Or Just New? Mark B. Aldrich© 2016 Aldrich Law Group All Rights Reserved
  • 2. The New Privacy Shield The History The New Provisions © 2016 Aldrich Law Group All Rights Reserved
  • 3. Privacy Shield The History © 2016 Aldrich Law Group All Rights Reserved
  • 4. Privacy Shield – The History • EU Data Protection Directive 94/46/EC - Established in 1998 - Prohibits Transfer of Personal Information Without Meeting EU “Adequacy” Standard © 2016 Aldrich Law Group All Rights Reserved
  • 5. Privacy Shield – The History - October 6, 2015 – ECJ Opinion - Article 29 Working Party Grace Period to Feb. 1, 2016 • The Schrems Case - German Data Protection Authority Protectionism © 2016 Aldrich Law Group All Rights Reserved
  • 6. Privacy Shield An Overview © 2016 Aldrich Law Group All Rights Reserved
  • 7. Privacy Shield: An Overview • Transfers to Third Parties © 2016 Aldrich Law Group All Rights Reserved • Safeguards against Intelligence Agencies • Dispute Resolution • Enforcement Authorities • Compliance and Reporting Obligations
  • 8. Privacy Shield Transfers to Third Parties © 2016 Aldrich Law Group All Rights Reserved
  • 9. Privacy Shield: Transfers to Third Parties • Transfers to Agents - Safe Harbor Required Notice and Choice Prior to Disclosure - Additional Notice Not Required if Agent to Perform Tasks - Recipient Required to Comply with Safe Harbor in Written Agreement © 2016 Aldrich Law Group All Rights Reserved
  • 10. Privacy Shield: Transfers to Third Parties - Privacy Shield Imposes New Requirements: - Purpose Limitation - Compliance with Shield Privacy Standards - Stopping and Remediating Unauthorized Processing - Must Provide Summary or a Representative Copy of Privacy Provisions of Its Contract With the Agent to Dept. of Commerce “Upon Request” - Transferring Company Remains Liable • Transfers to Agents © 2016 Aldrich Law Group All Rights Reserved
  • 11. Privacy Shield: Transfers to Third Parties • Transfers to Affiliates - Lessened Restrictions Where Recipient is Within a “Controlled Group of Corporations or Entities.” - Can Use BCR’s and Intra-Group Policies - Transferring Company Remains Liable © 2016 Aldrich Law Group All Rights Reserved
  • 12. Privacy Shield Safeguards Against Intelligence Activities © 2016 Aldrich Law Group All Rights Reserved
  • 13. Privacy Shield: Safeguards Against Intelligence Activities • February, 2016 EU Declaration - U.S. Government Assurances Given - Access to EU Citizen Data Subject to “Clear Limitations, Safeguards and Oversight Mechanisms” - Ombudsman in Dept. of State to be Created to review and Investigate Claims - No Independent Investigative or Enforcement Powers - Applies to BCR’s and SCC’s © 2016 Aldrich Law Group All Rights Reserved
  • 14. Privacy Shield Dispute Resolution © 2016 Aldrich Law Group All Rights Reserved
  • 15. Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - Direct Complaints to Company - Independent Recourse Mechanism - Can Be Private ADR or a Panel of EU DPA’s - Private ADR Must: - Respond Promptly to Inquiries and Info. Requests from Dept. of Commerce; - Issue Annual Reports With Aggregate Stats - Panel Empowered to Hear Unresolved Private Disputes © 2016 Aldrich Law Group All Rights Reserved
  • 16. Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - DPA Panel - Parties Able to Provide Evidence Prior to Decision - DPA Will ‘Try’ to Issue ‘Advice’ Within 60 Days - Organizations Must Comply Within25 Days - If No Compliance, Panel Refers Matter to FTC for Enforcement and Inform Dept. of Commerce for Revocation of Compliance Cert. © 2016 Aldrich Law Group All Rights Reserved
  • 17. Privacy Shield: Dispute Resolution • Multiple Avenues for EU Citizens - Binding Arbitration by Privacy Shield Panel - Must Exhaust Other Avenues First - No Damage Award, Only Equitable Remedies - Decisions Within 90 Days - Damage Recover Allowed by Later Court Action - Judicial Review Permitted under US Federal Arb. Act © 2016 Aldrich Law Group All Rights Reserved
  • 18. Privacy Shield Enforcement Authorities © 2016 Aldrich Law Group All Rights Reserved
  • 19. Privacy Shield: Enforcement Authorities • Department of Commerce • Federal Trade Commission • Organizations with Statutory Authority – Dept. of Transportation • European Data Protection Authorities • Private Sector Independent Recourse Mechanisms and Self-Regulating Bodies © 2016 Aldrich Law Group All Rights Reserved
  • 20. Privacy Shield Compliance Obligations © 2016 Aldrich Law Group All Rights Reserved
  • 21. Privacy Shield: Compliance Obligations • Recertification on Annual Basis • Record Retention Re: Implementation of Privacy Program – Must Provide to Regulators Upon Request • Data Must be Protected After Leaving Privacy Shield Program – Same as Safe Harbor – Adds Annual Reporting Requirement to Dept. of Commerce So Long As information Retained – Alternatively, Return or Delete Info or Provide ‘Adequate’ Protection by Other Means (SCC’s, BCR’s) © 2016 Aldrich Law Group All Rights Reserved
  • 22. The New Privacy Shield for Trans-Atlantic Data: Is the Shield Better, Different or Just New? Mark B. Aldrich maldrich@algapc.com © 2016 Aldrich Law Group All Rights Reserved