Close Menu
    Latest Category
    • Finance
    • Tech
    • EU Law
    • Energy
    • About
    • Contact
    EUbusiness.com | EU news, business and politicsEUbusiness.com | EU news, business and politics
    Login
    • EU News
    • Focus
    • Guides
    • Press
    • Jobs
    • Events
    • Directory
    EUbusiness.com | EU news, business and politicsEUbusiness.com | EU news, business and politics
    Home » EU-US Privacy Shield review finds room for improvement

    EU-US Privacy Shield review finds room for improvement

    npsnps18 October 2017
    — Filed under: Data protection EU News Headline1 Internet USA
    Share
    Facebook Twitter LinkedIn Pinterest Email
    EU-US Privacy Shield review finds room for improvement

    Vera Jourova – Photo EC

    (BRUSSELS) – The EU- U.S. Privacy Shield is doing a good job in protecting the personal EU personal data but there is some room for improving its implementation, the Commission says in its first annual review.

    The Privacy Shield, an arrangement for protecting the personal data of anyone in the EU when it is transferred to the U.S. for commercial purposes, includes obligations for U.S. companies receiving personal data from the EU, as well as obligations for the U.S. government if they subsequently request access to this personal data for national security or law enforcement reasons.

    “Transatlantic data transfers are essential for our economy,” said the EU’s Justice Commissioner Vera Jourova, “but the fundamental right to data protection must be ensured also when personal data leaves the EU.”

    The Privacy Shield was working well, she said, but its implementation could be improved: “The Privacy Shield is not a document lying in a drawer. It’s a living arrangement that both the EU and U.S. must actively monitor to ensure we keep guard over our high data protection standards.”

    The Privacy Shield was launched in August 2016, with a commitment to an annual review to assess if it was ensuring adequate protection for personal data. It covers instances such as when a European customer is shopping online or using social media, personal data is collected by a branch or business partner of a participating American company, who then transfers it to the U.S. For example, a travel agent in the EU may send names, contact details and credit card numbers to a hotel in the U.S. which has registered to the Privacy Shield.

    Overall the report shows that the Privacy Shield continues to ensure an adequate level of protection for the personal data transferred from the EU to participating companies in the U.S. It finds that the U.S. authorities have put in place the necessary structures and procedures to ensure the correct functioning of the Privacy Shield, such as new redress possibilities for EU individuals. Complaint-handling and enforcement procedures have been set up, and cooperation with the European Data protection authorities has been stepped up. The certification process is functioning well – over 2,400 companies have now been certified by the U.S. Department of Commerce. As regards access to personal data by U.S. public authorities for national security purposes, relevant safeguards on the U.S. side remain in place.

    Recommendations to further improve the functioning of the Privacy Shield

    The report suggests a number of recommendations to ensure the continued successful functioning of the Privacy Shield. These include:

    • More proactive and regular monitoring of companies’ compliance with their Privacy Shield obligations by the U.S. Department of Commerce. The U.S. Department of Commerce should also conduct regular searches for companies making false claims about their participation in the Privacy Shield.
    • More awareness-raising for EU individuals about how to exercise their rights under the Privacy Shield, notably on how to lodge complaints.
    • Closer cooperation between privacy enforcers i.e. the U.S. Department of Commerce, the Federal Trade Commission, and the EU Data Protection Authorities (DPAs), notably to develop guidance for companies and enforcers.
    • Enshrining the protection for non-Americans offered by Presidential Policy Directive 28 (PPD-28), as part of the ongoing debate in the U.S. on the reauthorisation and reform of Section 702 of the Foreign Intelligence Surveillance Act (FISA).
    • To appoint as soon as possible a permanent Privacy Shield Ombudsperson, as well as ensuring the empty posts are filled on the Privacy and Civil Liberties Oversight Board (PCLOB).

    The report will now be sent to the European Parliament, the Council, the Article 29 Working Party of Data Protection Authorities and to the U.S. authorities. The Commission says it will work with the U.S. authorities on the follow-up of its recommendations in the coming months.

    Annual Review of the EU-U.S. Privacy Shield - background guide

    Report and Staff Working Document on the annual review of the functioning of the EU–U.S. Privacy Shield

    Add A Comment
    Leave A Reply Cancel Reply

    You must be logged in to post a comment.

    nps
    • Website

    Related Content

    Sustainable business reporting - Image by u_c48rf6ybx8 from Pixabay

    Revised sustainability reporting standards to reduce red tape for EU businesses

    Nature conservation lake - Photo by Pixabay

    European Parliament’s Environment Committee supports major boost for nature funding in next EU budget

    Sponsor: WWF EU2 July 2026
    Ursula von der Leyen - Nikol Pashinyan - Photo © European Union 2026

    EU offers tariff-free access for 80 pct of Armenia’s exports to EU

    Renewable energy project - Photo by Kindel Media on Pexels

    €2.5 bn EU emission trading revenues invested in cleaner energy systems

    Parcel post - Image by congerdesign from Pixabay

    New e-commerce duty for small packages to increase fairness for EU businesses

    Pollution - Image by ivabalk from Pixabay

    Weakening EU carbon removal targets could breach international law, legal analysis warns

    Sponsor: WWF EU30 June 2026
    LATEST EU NEWS
    Sustainable business reporting - Image by u_c48rf6ybx8 from Pixabay

    Revised sustainability reporting standards to reduce red tape for EU businesses

    3 July 2026
    Ursula von der Leyen - Nikol Pashinyan - Photo © European Union 2026

    EU offers tariff-free access for 80 pct of Armenia’s exports to EU

    2 July 2026
    Renewable energy project - Photo by Kindel Media on Pexels

    €2.5 bn EU emission trading revenues invested in cleaner energy systems

    2 July 2026
    Parcel post - Image by congerdesign from Pixabay

    New e-commerce duty for small packages to increase fairness for EU businesses

    1 July 2026
    Renewable energy - Image by Maria Maltseva from Pixabay

    EU’s renewable energy, natural gas supply up in 2025

    30 June 2026

    Subscribe to EUbusiness Week

    Get the latest EU news

    CONTACT INFO

    • EUbusiness, 117 High Street, Chesham Buckinghamshire, HP5 1DE, United Kingdom
    • +44(0)20 8058 8232
    • service@eubusiness.com

    INFORMATION

    • About Us
    • Advertising
    • Contact Info

    Services

    • Cookie Policy
    • Terms
    • Disclaimer

    SOCIAL MEDIA

    Facebook
    eubusiness.com © EUbusiness Ltd 2026

    Type above and press Enter to search. Press Esc to cancel.

    Manage Consent
    To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    • Manage options
    • Manage services
    • Manage {vendor_count} vendors
    • Read more about these purposes
    View preferences
    • {title}
    • {title}
    • {title}
    Manage Consent
    To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    • Manage options
    • Manage services
    • Manage {vendor_count} vendors
    • Read more about these purposes
    View preferences
    • {title}
    • {title}
    • {title}

    Sign In or Register

    Welcome Back!

    Login to your account below.

    Lost password?