About

Advisory

EU-US Privacy Shield to Replace US-EU Safe Harbor

On February 29, 2016, the European Commission and the US Department of Commerce released details of the new arrangement for EU-US data flows, to be called the “EU-US Privacy Shield Framework,” which will replace the US-EU Safe Harbor Framework following its ratification in the EU.

A copy of the full text is available for download here.  The Commerce Department’s fact sheet on EU-US Privacy Shield requirements may be downloaded here.

BBB will offer its compliance assistance and independent dispute resolution services to companies self-certifying to the Privacy Shield Framework as soon as the program becomes available.

During this transition, the US Department of Commerce  is continuing to administer the Safe Harbor program, processing self-certifications to the Safe Harbor Frameworks. BBB will likewise continue to accept applications and renewals for its independent dispute resolution program for companies self-certifying to the Safe Harbor Frameworks. 

 

What is the Safe Harbor framework? The European Data Privacy Directive prohibits the transfer of personal data from EU member states to destinations, including the US, that do not meet the European “adequacy” standard for privacy protection. The US Department of Commerce has developed “Safe Harbor” frameworks with the European Commission and the Swiss Data Protection authorities, to bridge the different privacy approaches between the US and Europe.
What does this mean for businesses? The Safe Harbor enables US businesses to receive and process personal data from the EU countries and Switzerland if they self-certify their adherence to the protections set out in seven Safe Harbor Privacy Principles. Certifying to the Safe Harbor will ensure that European organizations and consumers know your business provides "adequate" privacy protection.
What is BBB EU Safe Harbor? US businesses participating in the Safe Harbor are required to provide an independent dispute resolution option to residents of the EU and Switzerland whose personal data they collect. We created BBB EU Safe Harbor to help businesses meet this requirement and continue to conduct business in Europe.

Where can I learn more? Visit the Department of Commerce "Safe Harbor" Web site for additional information about self-certifying to the Safe Harbor.