In case you missed it, Ken Dort at Drinker Biddle held a discussion covering high points of the EU/US Privacy Shield. Talking points covered:
1. Application Overview
2. Certification Issues
3. Privacy Shield Principles and Supplemental Principles
4. Implementation Timelines (Expected)
5. Best Practices Going Forward Pending Implementation
The draft EU-U.S. Privacy Shield “adequacy decision” includes the Privacy Shield Principles companies must follow. Suggested Best Practices for compliance with EU-U.S. Privacy Shield Principles include: evaluating disclosures about data collection and use to determine whether they are sufficiently clear and evident to consumers, and 2) giving strong consideration for implementation of a formal opt-in mechanism. European government trade regulators are concerned about whether consumers are being sufficiently informed about the nature and scale of data collection.
Ken graciously provided this great list of resources for the discussion:
* Full text of the Privacy Shield can be found here.
* European Commission draft adequacy decision can be found here.
* Department of Commerce Fact Sheet can be found here.
* European Commission Fact Sheet can be found here.
* European Commission FAQs can be found here.
* Statement from U.S. Secretary of Commerce Penny Pritzker on release of the Privacy Shield text can be found here.
* European Commission statement on the Privacy Shield text can be found here.
* Article 29 Working Party statement on the Privacy Shield can be found here.
As part of Adler Law Group’s Privacy & Information Security Practice, we continue to follow the developments in this area. We can help you review, enhance and adopt standardized contracts and implement methodologies for approaching these challenges by setting objectives, determining scope, allocating resources, and developing agreements that will efficiently and effective manage risks.
Twitter feed is not available at the moment.