The European Commission announced the EU-US Privacy Shield. The Shield is intended to replace the Safe Harbor framework, previously recognised as providing adequate protection for personal data transferred from the EU to Safe Harbor member companies in the USA.

It is too early to say whether the new Shield provides adequate protection for personal data passed from the EU to the USA. The Article 29 Working Party will provide an opinion to the European Commission about the Shield, as envisioned under Article 30(1)(b) of the Data Protection Directive. It will also continue its work in assessing whether other transfer tools, such as standard contractual clauses (SCCs) and binding corporate rules (BCRs) can act as effective safeguards for personal data transferred to the USA.

See ICO Blog