When the European Union’s highest court issued its October 2015 ruling striking down the U.S.- EU Safe Harbor framework, shock waves rippled on both sides of the Atlantic. The decision in Schrems v. Facebook meant that companies handling personal information of European citizens could no longer rely on self-certification under the U.S.-EU Safe Harbor framework to establish compliance with EU privacy laws. On February 2nd, the EU Commission and the U.S. Commerce Department announced a revamped framework, the U.S.-EU Privacy Shield, also known as Safe Harbor 2.0.
This article examines the new U.S.-EU Privacy Shield and what’s next in terms of implementation of the new framework.