MEPs Say EU-U.S. Privacy Shield Could Face Suspension if U.S. Does Not Fully Comply by September 1

Written By ESR News Blog Editor Thomas Ahearn

On July 5, 2018, Members of European Parliament (MEPs), elected politicians of the European Union (EU), voted to adopt a resolution on the adequacy of the protection afforded by the EU-U.S. Privacy Shield that called for the suspension of the framework for transatlantic exchanges of personal data between the EU and the United States (U.S.) if the U.S. is not fully compliant by September 1, 2018.

The resolution stated that the EU-U.S. Privacy Shield – which replaced the “Safe Harbor” data transfer agreement invalidated by a European Court of Justice ruling in 2015 – “does not provide the adequate level of protection” and asked the European Commission to suspend the Privacy Shield if the U.S  does not fully comply in accordance with Article 45(5) of the General Data Protection Regulation (GDPR).

According to a press release from the European Parliament, MEPs passed the resolution by 303 votes to 223 with 29 abstentions, adding that the EU-U.S. Privacy Shield should remain suspended until the U.S. authorities comply with its terms in full. MEPs emphasized the need for better monitoring following the Facebook-Cambridge Analytica data breach since both companies are certified under the Privacy Shield.

“This resolution makes clear that the Privacy Shield in its current form does not provide the adequate level of protection required by EU data protection law and the EU Charter. Progress has been made to improve on the Safe Harbor agreement but this is insufficient to ensure the legal certainty required for the transfer of personal data,” Civil Liberties Committee Chair Claude Moraes stated in the press release.

Launched on August 1, 2016, the EU-U.S. Privacy Shield is an agreement that allows U.S. companies to transfer personal data from the EU to the U.S. and it replaced the U.S.-EU Safe Harbor Framework that was declared invalid on the grounds that the agreement was not strict enough on data protection for EU citizens. As of July 2018, over 3,300 organizations participate in the EU-U.S. Privacy Shield program.

The 28 member countries of the EU – an economic-political partnership between European countries – include (in alphabetical order) Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom.

ESR Self-Certifies Adherence to the Privacy Shield Framework

Employment Screening Resources® (ESR) – a leading global background check firm – offers international background screening solutions that help U.S. companies comply with laws around the world and has incorporated GDPR-compliant technology. ESR has also self-certified its adherence to the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework. To learn more, visit www.esrcheck.com.

NOTE: Employment Screening Resources® (ESR) does not provide or offer legal services or legal advice of any kind or nature. Any information on this website is for educational purposes only.

© 2018 Employment Screening Resources® (ESR) – Making copies or using of any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.