Another blow has been struck to US companies wishing to do business in the European Union, as the ‘Privacy Shield’ regulation which allowed EU citizen data to be transferred to and processed in the US has been deemed invalid by the European Court of Justice. Privacy Shield was itself designed to replace an older data transfer mechanic/regulation called ‘Safe Harbor’, which also met the wrath of European lawmakers back in 2015.
EU-US Data Transfer May Be Stopped As Privacy Shield Comes Under Fire
The flow of data between the United States and the EU may be at risk as tensions are rising around Privacy Shield. If you haven’t been living under a rock for the last two years, you will likely have heard of the GDPR – the EU data protection regulation that now fiercely protects EU citizen data, whether in the hands of a non-EU or EU-based organisation. You may have wondered, then, how companies in places like the US are still able to legally hold and process EU data without falling foul of the GDPR, and the answer is Privacy Shield. Privacy Shield is a framework that allows companies on both sides of the Atlantic to transfer data while complying with the GDPR. However, this may all soon change, with Members of the European Parliament calling for Privacy Shield to be brought up to scratch or invalidated.