This page contains a Flash digital edition of a book.
Interactive DATA PRIVACY AND PROTECTION


l Naughty Corner. Companies will be subject to audits, an FTC 'wall of shame', continuing obligations for those who cease to be signatories to Privacy Shield and enforcement actions from the FTC and European Data Protection Authorities (“DPAs”).


CONS  Te Elephant in the Room. US authorities have


"promised" there will be clear limitations, safeguards, and oversight mechanisms for access by public authorities for law enforcement and national security purposes. While Europe has welcomed the steps that have been taken towards further transparency, there is ample discontent and skepticism. Many agree that the new framework needs to fully reflect the shared democratic and individual-rights-based values which are present in the Lisbon Treaty and the Charter of Fundamental Rights in the EU and by the US Constitution , but there is widespread disagreement as to the best method to do so.


 Scope for Challenge. Trough somewhat gritted teeth, the DPAs have said they will hold off on any challenges for the first year of the Privacy Shield. However, once a year has passed you can bet your bottom dollar that Germany will be first in line behind Schrems to challenge it. Already, the country's equivalent to the US Senate has asked the government to make it possible for its federal and state DPAs to challenge adequacy decisions.


Whilst challenge is important - it comes down (yet again) to balance - a successful challenge to Privacy Shield might also bring down the other mechanisms that companies use to process EU data in the US. After all, if US mass surveillance means the Privacy Shield doesn't protect EU citizens' rights, one could argue the same applies to Model Clauses and Binding Corporate Rules : EU personal data would then be en route to the US without any armour whatsoever.


 Te Unknowns. Tere are many, but Brexit is, for the UK, one of the biggest. As far as the British Prime Minister is concerned "Brexit means Brexit", but how the UK will go about transferring data to the US once it breaks from the EU is unclear. It is likely that it will either follow the EU path or negotiate a similar, perhaps “lighter” version of Shield with the US directly.


CONCLUSION Like the Chinese merchant, we do not know


whether the Privacy Shield can sufficiently resist the spear. As discussed, many do not think it is fit for purpose, but the EU is standing strong with shield raised high waiting for ready


P122 NEWSWIRE / INTERACTIVE / 247.COM


You may think that if the Privacy Shield is going to be challenged anyway, what's the point in worrying about complying with it? The simple answer is that if you don’t want to infringe EU data protection law, it's currently the cheapest, easiest and quickest way to comply with EU-US data laws.


challengers. You may think therefore that if the Privacy Shield is going to be challenged on these grounds anyway, what's the point in worrying about complying with it (or checking that your business complies with it)? Te simple answer is that if you don’t want to infringe EU data protection law, it's currently the cheapest, easiest and quickest way to comply with EU-US


data transfer laws. On that note, we leave you with some practical steps you can take:


FOR US COMPANIES HANDLING EU DATA l Check your eligibility - can you sign up to the


Shield?


l If so, your handling of data must be technically and operationally compliant.


l Ensure your privacy policy is Shield- compliant before submitting an application.


l Review both internal and external data contracts and practices.


FOR INDIVIDUALS l Next time you are asked to “click here” to


agree to a Privacy Policy, Terms of Use, Cookies Practice or whatever it may be - have a look to see what the terms say about international data transfer. Are you happy with how your data will be used? Is it reasonable?


l If not, and the organisation is signed up to the Privacy Shield, you have options – use them.


l Information is power, keep an eye on the latest privacy news to stay up to date.


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80  |  Page 81  |  Page 82  |  Page 83  |  Page 84  |  Page 85  |  Page 86  |  Page 87  |  Page 88  |  Page 89  |  Page 90  |  Page 91  |  Page 92  |  Page 93  |  Page 94  |  Page 95  |  Page 96  |  Page 97  |  Page 98  |  Page 99  |  Page 100  |  Page 101  |  Page 102  |  Page 103  |  Page 104  |  Page 105  |  Page 106  |  Page 107  |  Page 108  |  Page 109  |  Page 110  |  Page 111  |  Page 112  |  Page 113  |  Page 114  |  Page 115  |  Page 116  |  Page 117  |  Page 118  |  Page 119  |  Page 120  |  Page 121  |  Page 122  |  Page 123  |  Page 124  |  Page 125  |  Page 126  |  Page 127  |  Page 128  |  Page 129  |  Page 130  |  Page 131  |  Page 132