The European Union General Data Privacy Regulation (GDPR), which took effect in May 2018, covers the handling of personal information of E.U. citizens, including by U.S.-based companies. The E.U.-U.S. Privacy Shield is a framework to provide companies with a mechanism to comply with the GDPR. It includes self-certification of adequate data protection practices, including data transfers. The Privacy Shield program is administered by the International Trade Administration (ITA) within the U.S. Department of Commerce.
The U.S. has yet to appoint a permanent ombudsperson to handle any complaints by E.U. citizens that a company is not complying with the GDPR. The E.U. has now set a deadline of February 28, 2019 for that appointment to be made. The acting ombudsperson, Judith Garber, has recently been nominated as U.S. ambassador to Cyprus. Whether the U.S. will meet the deadline remains to be seen.
More information about the E.U.-U.S. Privacy Shield is available here. Access an article with more information about the E.U.’s imposed deadline here. Contact us at Ossian Law P. C. regarding any information technology law matter.
© 2019 Ossian Law P.C.