EU US Privacy Shield: Changes for Data Processors and Exporters
New EU-U.S. Privacy Shield creates confusion for Data Processors and Data Exporters
Data privacy between United States (US) and European Union (EU) companies has a new option formally named the EU-U.S. Privacy Shield which was adopted by the European Commission on July 12, 2016. This replaces the Safe Harbor Privacy Principles which were overturned on October 6, 2015 by the European Court of Justice.
For a background on all of these regulations see our post from June about data sovereignty and Brexit.
Do I need to change to the privacy shield regulations now or can I stick to the model clauses?
At Jungle Disk we have our data privacy counsel investigating the industry reception for the new Privacy Shield. Today we provide our EU customers the ability to store their data in Amazon Web Services EU (Ireland) and we provide a Standard Contractual Clauses agreement for Data Processors and Data Exporters (PDF download). The Privacy Shield pact does not invalidate any Model Clause agreement between an EU and U.S. entity so you do not need to make a change today.
When will U.S. companies start offering Privacy Shield for protection of personal data?
The United States Department of Commerce published a Fact Sheet on July 12, 2016 (PDF Download) outlining the self-certification process available via the Privacy Shield Framework starting in August of this year. We’ll continue to review and then decide if we’ll add the Privacy Shield Framework alongside our Model Clauses agreements.
Should I read more about this?
This topic is actively covered in news outlets. Our team recommends the following articles and fact sheets if you want to do more research on your own:
- The National Law Review, European Commission Approves Privacy Shield Ushering in Safe Harbor 2.0
- European Commission, EU-U.S. Privacy Shield Fact Sheet
- United States Department of Commerce, EU-U.S. Privacy Shield Home Page
Data Privacy is Important
We take data privacy very seriously at Jungle Disk which is why we stand in support of strong encryption (we implement AES-256) and customer control over the encryption keys. Jungle Disk does not have a master key so when your data is encrypted by you, as a customer, it is only accessible with your unique encryption key. You can securely backup the PCs and Macs of your employees with our Workgroup Edition and your Windows and Linux Servers with our Server Edition.