The EU-US Privacy Shield, arranged to replace Safe Harbour, may come into effect from July, the EU and US have agreed.
The EU-US Privacy Shield has been tweaked slightly from its original specification to include a promise from the White House regarding the treatment of data.
It states that bulk collection of data sent from the EU to the US can only happen if conditions have been agreed prior to the transfer and it must be "as targeted and focused" as possible.
Other new clauses integrated into the agreement include that companies have to delete data that no longer serves the purpose for which it was originally collected. Additionally, the ombudsman that oversees the agreement will be independent from national security services to make it as fair and transparent as possible.
The US will create the ombudsman that deals with complaints from EU citizens about Americans misusing or spying on their data.
A spokesman for the European Commission said: "This new framework for transatlantic data flows protects the fundamental rights of Europeans and ensures legal certainty for businesses."
Other existing key points of the EU-US Privacy Shield include promises that the US Office of the Director of National Intelligence will give written commitment that data collected from EU citizens will not be used in mass surveillance exercises and an annual review will be performed by both the EU and US to ensure the system is running correctly.
However, now the UK has voted to leave the EU, this means the UK would need to independently negotiate a similar law in line with the EU's regulations that protects the data of businesses should they choose to trade with the UK and vice versa.
-
EU and US reach agreement on Privacy Shield replacementNews Privacy campaigner Max Schrems suggests the deal amounts to a "patchwork approach" that will ultimately fail
-
Zoom is no longer compatible with GDPR, Hamburg data watchdog claimsNews Regulator claims city officials are using a "legally highly problematic system"
-
Microsoft promises to challenge all government requests for customer dataNews Stance taken following EU advice to firms on complying with a ruling invalidating the EU-US data transfer mechanism
-
European court invalidates primary EU-US data transfer mechanism
News Privacy Shield ruled to be incompatible with GDPR in landmark case
-
What is EU-US Privacy Shield?In-depth A look at the now invalidated framework US companies relied on to transfer data to and from the European Union
-
Privacy Shield should be suspended, say MEPsNews Committee cites Cambridge Analytica scandal and CLOUD Act as obstacles
-
EU seeks Privacy Shield changes in its first annual reviewNews Proposals include tougher rules around non-compliance and greater cooperation between US and EU authorities
-
European data protection supervisor says Privacy Shield not robust enoughNews Giovanni Buttarelli said the European Commission needs to develop a longer-term solution for sharing data across continents
