U.S. companies involved in the transmission of personally identifying information (“PII”) should be aware of the new “EU-U.S. Privacy Shield” unveiled by the U.S. Secretary of Commerce this week. The new Privacy Shield requires U.S. companies “to monitor and enforce more robustly” the privacy rights of Europeans doing business with American companies.
In addition to requiring greater transparency surrounding the collection and use of Europeans’ PII, the new Privacy Shield requires American companies to self-certify annually that they meet the privacy-protection requirements under the new EU-U.S. arrangement. American companies must now reply to complaints from individuals within 45 days, and U.S. businesses handling human resources data must cooperate and comply with European Data Protection Authorities.
If your company or business handles the personal data of Europeans, this new arrangement probably affects you. Consult with a legal professional experienced in the area of international data protection today.