This page contains a Flash digital edition of a book.
Interactive DATA PRIVACY AND PROTECTION


Transatlantic data: risk and security


The Safe Harbor agreement was negotiated and enshrined in law as recently as the year 2000, and was intended to confer European levels of protection to private data once it made its way into the systems of companies based in the US


Sarah Pearce, Partner, Cooley’s Technology Transactions Group


Sarah Pearce is a partner in Cooley’s Technology Transactions Group and is resident in the firm's London office. While her focus is on technology, Sarah also advises a diverse selection of clients (particularly in the consumer products and retail sector) on general commercial matters, including data protection and privacy issues.


It was declared no longer valid just a decade-and-a-half later, and its collapse caused a degree of panic amidst businesses relying on the cross Atlantic transmission of material. Tis panic subsided somewhat following the announcement, at the start of February, that the European Commission and the US Department of Commerce had struck a deal to replace it.


Jane Elphick, Associate Cooley Technology Transactions Group


Jane advises on a range of commercial agreements and technology transactions, principally in the TMT and retail sectors. She also provides privacy, data protection, consumer rights and e-commerce advice.


P62 NEWSWIRE / INTERACTIVE / 247.COM


Te new solution, known as the Privacy Shield, was intended to be an upgraded version of Safe Harbor, providing reassurance that information crossing borders and jurisdictions from the European Economic Area (EAA) to the US will enjoy consistent levels of protection and privacy. Such an arrangement is needed because the flow of data between the EAA and the US is now a key, if not the key component enabling billions of dollars, euros and pounds worth of trade to take place. Tis can only take place, under European Data Protection Law, if the information in question has guaranteed protection in place. Safe Harbor ultimately failed in this aim and


was declared invalid by the European Court of Justice ("CJEU") in October of last year. Te question now being asked is whether the Privacy Shield can offer a more robust and practicable solution to the privacy conundrum. Like Safe Harbor, the Privacy Shield will depend upon organisations and businesses in the US self-


certificating – basically promising to adhere to European levels of data protection. What’s changed is that, in this case, the levels of adequate protection these bodies are pledging to meet are underpinned by a set of seven core and 16 supplemental Privacy Principles, as well as official representations and commitments taking the form of signed letters from US authorities, including Secretary of State John Kerry, Secretary of Commerce Penny Pritzker, the Federal Trade Commission (‘FTC’) and the Office of the Director of National Intelligence. Te Principles themselves represent the criteria which the self- certificating organisations have to meet, and are intended to reflect the core principles of EU data protection legislation. With this in mind they have been given names such as the ‘Notice Principle’, ‘Choice Principle’, ‘Security Principle’ and ‘Access Principle’. Te aforementioned representations and commitments, for their part, offer promises on behalf of the wider US authorities, guaranteeing adherence to the levels of protection required by the European Commission. Bearing all of this in mind, the Privacy Shield was designed with stronger obligations and


Safe Harbor ultimately failed in this aim and was declared invalid by the European Court of Justice ("CJEU") in October of last year. The question now being asked is whether the Privacy Shield can offer a more robust and practicable solution to the privacy conundrum.


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76